The website "bbva.fr" is a website designed exclusively to inform BANCO BILBAO VIZCAYA ARGENTARIA S.A. (hereinafter "BBVA") existing customers in France and potential customers resident in France about the French subsidiary of BBVA and its product and service offering on the French territory.
The website "bbva.fr" provides access to part of the interactive and secure website reserved for customers of the French subsidiary of BBVA and is available by subscription (see information about services and rates in agency). This service enables customers of the French subsidiary of BBVA to view their account and make transfers and carry out other banking procedures and is available 24/7 (except during maintenance periods or in the event of technical problems).
2. SYSTEM REQUIREMENTS
The website "bbva.fr" is optimized for 1280 x 800 pixel display (and higher resolutions for a better display) and for the use of the latest versions of the following browsers:
We recommend that users regularly update their operating system and their browser by regularly visiting the websites of the developers to download updates and patches, especially as regards security patches.
We also recommend that users:
- install antivirus software on their computer and keep them regularly updated.
- install a firewall and keep it up-to-date 1personnel that use a broadband access (by cable, ADSL or otherwise) or not.
The browser's cache memory allows almost immediate access to recently visited web pages. This feature sometimes causes small errors when a page displayed in the terminal can be the last saved in the cache and not the latest page published on the website server. In order to avoid these problems, it is recommended to activate the content update option in the browser used after each new visit and periodically clean the files and cache data.
3. SPECIFICATIONS AND SECURITY TIPS
A) Security protocol
The part of the bbva.fr website accessible by subscription is secured using the 128-bit Secure Socket Layer (SSL) communication protocol in order to encrypt all the data exchanged and which is enabled when accessing the service. The 128-bit SSL encrypts data sent so that it can only be read between the user terminal and the BBVA server. Thus, this security protocol guarantees the BBVA user:
That the customer communicates their data to BBVA's server.
That data exchanges flow in encrypted form, preventing interception or manipulation by third parties.
The user can easily verify that he is on a secure site by the "s" that appears in his browser window after the http. The address of the part of the bbva.fr website accessible by subscription begins with https://netredex.grupobbva.com/ [ ] A closed padlock or an intact key must be displayed at the bottom (or top) of the browser screen. This locked (and closed) padlock or this unbroken key indicates that the SSL process is in use and that the Internet space in which the user is browsing is secure.
In order to securely browse the website, users are recommended to take these basic precautions:
- Check, when accessing the site, that the secure communication protocol is enabled (see above).
- Do not accept when the browser offers to save your login details.
To sign out, always use the "sign out" button on the website's toolbar and click accept in the dialog box that is subsequently displayed. Thus you ensure that you will properly disconnect from the website, which will ask you for your login details again in the next session.
If you do not log off properly, the server will only interrupt the current session once the set time-out period has expired, which will activate the automatic disconnection. Meanwhile, it would be possible for a person who has access to your device to use your session without the need to have your password.
Check the security certificates for secure pages viewed by clicking on the padlock icon that appears at the bottom (or top) of the page and making sure of the validity of the certificate issuer and the website's security. In the detailed security information your browser gives you access to, most notably, the website identification data, the certifier and information on the security measures in place are displayed.
Only use "strong" passwords:
A strong password should be at least eight characters long. It must consist of at least 3 different types of characters among the four existing types of characters (uppercase, lowercase, numbers and special characters). It should not be related to the holder (name, date of birth, etc.).
Mnemonics are used to create complex passwords, such as:
Store only the first letters of words in a sentence; for example, the sentence "an Internet user forewarned is forearmed" corresponds to the password "1IU4wais4ar".
Capitalize if the word is a name (e.g.: User);
Keep punctuation (e.g.: ’);
Express numbers using digits from 0 to 9 (e.g. One ->1).
Try, whenever possible, to use different passwords for all your accounts at secure websites; Have, at least, one specific password for each major account (e.g.: email account, bank, etc.), and, above all, do not use it for another account. Thus, if your password is compromised, other means of secure access will not be2;
Do not save your passwords in a simple text file stored on your computer or on the Internet;
Do not send your own passwords to your personal email address;
Always delete messages that are sent to your email when creating your accounts, especially if they contain your username and / or passwords;
Configure the software so that it does not "remember" selected passwords or, at least, set a master password that enables you to unblock (or not) their use.
A cookie is a text file deposited and stored in memory in the browser of the terminal (computer, cell phone or tablet) used during the visit to the website. Its purpose is to collect information on the user's browsing and browsing habits or their equipment, and, depending on the information they collect and how the website consulted on the terminal is used, to identify and offer them services tailored to their terminal. For further details on the BBVA general cookie implementation policy, please view this policy which is available on the website and explains in detail the cookie implementation policy applied by BBVA and the technical possibilities allowing users to oppose the registering of cookies and delete them depending on their browser.
Users can authorize, block, or delete cookies installed on their computers or applications at any time by changing their browser's settings. To do so, please view the following pages according to your browser:
Cookies implemented on the website bbva.fr are strictly necessary for the use and provision of services of websites visited and their exclusive purpose is to control the sign-ins and sign-outs and linking user actions ("User session cookies"), and the recording of some of his or her preferences (such as language, date formats and amounts). However, if the browser is configured to refuse the implementation of cookies, it will not be possible to access the website and the services offered.
C) Use of ID and PIN:
Customers of the French subsidiary of BBVA who subscribed to the interactive service - which can be accessed from the site - will receive an ID, a PIN and a coordinates card, enabling them to connect and use this service.
The secret code is personal: do not disclose it to anyone, in any way (in person, by telephone, in writing, by email, in a form, etc.), even if the person who asks you claims to work for BBVA. Only enter your codes in the secure space of the website.
Avoid checking your accounts in a public place or on shared computers (Internet café, for example). If you use a wireless network (Wi-Fi) do not forget to enable the encryption process for exchanges (WEP key).
All code input errors are recorded. After three incorrect entries, access is blocked. The account is unlocked automatically the following day.
Every time you login to your account, check the date and time of the last connection, and the various recent transactions (transfers). In order to be able to detect any anomalies.
You are disconnected automatically after ten minutes without use, so that no one can use the site in your place if you left without disconnecting. If you wish to reconnect, you must re-enter your customer ID and PIN.
No bbvanet.fr page remains in the browser memory (no cache page).
If you have any doubts about the validity of a transaction, please inform us immediately: by sending an email to: firstname.lastname@example.org or by calling your branch (contact details available on the website "www.bbva.fr").
1 Computer system that allows selective passage of information flows between an internal network and a public network, and the neutralization of attempts to enter the public network.
2 For example, if you use the same password for your email account and your social networking account and your social network provider suffers a data breach regarding your means of authentication, a malicious person could use this information to not only access your social network account but also to access your email, and therein to see list of messages of registration to your accounts on various sites (if you have not deleted them from your inbox). This will enable some of your account information to be accessed and the forgotten password feature to be used to take control.
Banco Bilbao Vizcaya Argentaria S.A. ("BBVA") S.A. under Spanish law, with a share capital of €3,267,264,424.20 and headquarters in BILBAO (Spain) 4 Plaza de San Nicolas R.M. Vizcaya T.2083 L. 1545 Sec.3a F.183 H. 14741 with its main establishment in Paris, France (1st) 29. Avenue de l’Opéra RCS Paris 349358887 – Tel. +33 (0)144 868 300. email@example.com www.bbva.fr . DPO contact firstname.lastname@example.org or for France email@example.com Ombudsman contact: M. le Médiateur FBF B.P. n°151 75422 Paris Cedex 09 firstname.lastname@example.org . The insurance intermediary N°ORIAS n°07207869 can be reached at www.orias.fr . May 2018 edition