You’ll need to update your browser so you can continue to log on to your online banking from 28th February. Update now.



Protecting your card and PIN

Protecting your card and PIN

Keeping your credit card and PIN secure is very important.

To avoid being liable for unauthorised transactions, it is important that you follow the Conditions of Use of your card and protect your card and PIN. Here are some simple steps you can take to protect your credit card and PIN:

Protecting your cards

  • Sign your card as soon as you receive it
  • Regularly check that you are still in possession of your card and tell us immediately if it is lost or stolen
  • Don’t let anyone else use your card, or hold it for you
  • Take your cash, card and receipts with you after every transaction
  • Don’t leave your card out where it is easily seen, such as a bar or cafe
  • Cut up and dispose of your card when it expires

If you use the CommBank app, remember to protect your device (eg. mobile phone or tablet computer) in the same way as your card.

Protecting your PIN and password

  • Memorise your PINs and passwords and destroy any letters advising you of new ones
  • Don’t tell anyone your PIN, not even friends, family or a bank representative

When using your credit card to make purchases via the internet, only deal with well-known/reputable businesses. Make sure that a padlock symbol appears in the right hand bottom corner of the web site indicating a secure operating environment.

Don’t write down or record your PINs or passwords without making a reasonable attempt to disguise them (see below for more information). 

Never keep your PINs or passwords (or the disguised record of them) on or with your card or other device through which you access your card  (eg. mobile phone or tablet computer).

Avoid letting anyone watch you enter your PIN or password. A good practice is to cover the keypad when you put in your PIN or password.

If you choose your own password or PIN, don’t choose something that is easy to guess like your (or a family member’s) birth date, name, phone number, postcode, driver’s licence number or numbers that form a pattern.

Watch out for scams in the form of email, SMS or calls asking for your account details. If you see suspicious emails, please forward emails to

If you want to write down or record your PIN or password

If you write down or record your PIN or password, you must make a reasonable attempt to disguise it and prevent unauthorised access to the record. For example, you could:

  • Hide or disguise the PIN or password record in a place where it would not be expected to be found,
  • Keep a record of the PIN or password record in a securely locked container, or 
  • If the PIN or password is stored electronically, make sure others cannot access it.

We will not consider that a reasonable attempt has been made to disguise a PIN, password or other code if it is recorded:

  • In reverse order
  • In an easily understood code, e.g. A=1. B=2
  • As a phone number where no other phone numbers are recorded or as a four digit number, prefixed by a telephone area code
  • As a ‘date’ (e.g. 9/6/63) where no other dates are recorded
  • As a series of numbers or words with any of them marked, circled or in some way highlighted to indicate the PIN, password or other code
  • As an obvious word or number or one that can be found in a purse or wallet.

Please note: These are guidelines only. While following these steps will help you to protect your credit card and PIN, your liability for any losses arising from unauthorised transactions is determined in accordance with the ePayments Code. For further details, click here.

This article is intended to provide general information of an educational nature only. It does not have regard to the financial situation or needs of any reader and must not be relied upon as financial product advice.