Login security

CommBiz offers reassurance that your business’ finances are protected with a high level of security. Login IDs and passwords authenticate each user, while security tokens are required for all authorisers and administrators. In addition, an extra layer of online protection is provided by NetLock.

Login security

Each user is authenticated using a login ID and login password, before being granted access to CommBiz. Passwords must be a minimum of 8 and a maximum of 16 characters in length and must be different from the last five passwords used. Once a user has logged into CommBiz, a session timeout period of 15 minutes is set, which will automatically lock the application on the screen you were on. The re-input of your login credentials will reactivate the screen being used.

We recommend that Login passwords are changed on a monthly basis, which can be initiated by individual users from their CommBiz Home Page.

In addition to the normal login ID and login password, all authorisers and administrators are required to enter a unique one-time (single-use) password, generated by a security token, when accessing administration functions or authorising transactions. At your request, you can also configure the system to ensure that all your users are required to use security tokens.

Administrators and authorisers are also required to use the NetLock USB device.

CommBiz recommends downloading the latest internet security software from a trusted provider. This should be downloaded onto your computers to ensure all viruses and malicious software are identified and eliminated, thus allowing you perform your online banking with confidence.

Security tokens

All CommBiz authorisers and administrators are provided with a security token. Every 32 seconds the security token uses an algorithm to generate a unique number, a one-time password (OTP), which can only be used once. The OTP provides a second factor of authentication for added security, the first factor being the login ID and login password.
The two tokens we offer are the Go3 and the Pro260, as shown below. If you select the Express Registration mode, the Go3 token is automatically assigned to your authorised Users. For Custom Registration, you can choose either type of token, depending on your security requirements.


The Go3 token provides a simple two-factor authentication solution. The one-time password is generated by pressing the activation button on the left-hand side of the token.
The Pro260 token has a higher level of security and provides three-factor authentication. Before a one-time password can be generated, the Pro260 token must be activated by first entering a PIN number.

NetLock device


NetLock is an innovative USB security device developed specifically for CommBiz customers. NetLock is designed to be used along with existing CommBiz security tokens to give extra protection against even the most sophisticated security threats. The technology has been developed in conjunction with IdenTrust™, a global leader in online security.

The NetLock device provides access to CommBiz via a hardened Mozilla Firefox internet browser. It also uses an encrypted digital certificate (like a long mathematical algorithm) to authenticate the internet connection to CommBiz. This means you can now use any internet connection, anywhere and anytime, to carry out your CommBiz transactions with complete confidence.

NetLock can be used on any computer with a Microsoft Windows operating system and a USB port. If the NetLock device was issued after June 2015, it can also be used on a Macintosh. It doesn’t require a software installation and it updates itself automatically. Note, Netlock cannot be used on a Linux operating system.


Comprehensive auditing and user activity tracking

In addition to the audit log of user information, all actions made in CommBiz are recorded with a date and time stamp. System administrators can print audit reports as required.

  • Important information
    IdenTrust™ is a trademark of IdenTrust, Inc. in the United States and other countries.

    As this advice has been prepared without considering your objectives, financial situation or needs, you should, before acting on this advice, consider its appropriateness to your circumstances. Terms and conditions issued by Commonwealth Bank of Australia for CommBiz are available on request. View our Financial Services Guide (PDF 56kb). If you have a complaint, the Bank's dispute resolution process can be accessed on 13 2221.