Online and Banking Security
You are reminded to take security measures as recommended by the Bank from time to time. You shall be liable for all losses if you have acted fraudulently. You may also be held liable for all losses if you have acted with gross negligence (such as knowingly allow your Device, PIN or password to be used by others); or failed to inform the Bank as soon as reasonably practicable after you find or believe that any unauthorized transactions have been conducted over your account(s), or that your Device, PIN or password for accessing the Internet banking services have been compromised, lost or stolen. Please be noted that this may apply if you fail to follow the safeguards as advised by the Bank from time to time if such failure has caused the losses.
However, unless you act fraudulently or with gross negligence such as failing to safeguard your Device, PIN or password for accessing the Internet banking service, you shall not be responsible for any direct loss induced. If you have any enquiries on any dispute transactions or any complaints, you may call our customer hotline at (852) 3718 1818 for further investigation and handling.
Please be aware of bogus phone call, fraudulent email and SMS messages purportedly from banks requesting to provide personal information, User ID, password, other sensitive information, or calling back a bogus hotline number quoted in the email or SMS message to confirm transaction details of your account.
• ask for personal information through Voice Response System; or
• send you email / SMS message or by phone calls asking for your Airstar Bank Online User ID and password, other types of password / PIN or other sensitive information; or
• notify customers of account irregularities through pre-recorded messages.
• In accordance with the Hong Kong Monetary Authority's supervisory requirements, banks will not send SMS or email messages with embedded hyperlinks requesting customers to carry out transactions in their websites or mobile applications, nor will they ask customers to provide sensitive personal information, including login passwords and OTPs, via hyperlinks.
• to not provide any personal information to unsolicited callers;
• to ask for caller's contact details and verify with the bank if in doubt; and
• to verify the hotline numbers with the Bank before calling.
If you are concerned you may have disclosed your personal details to any suspicious third parties, or want to identify whether the communication is from Airstar Bank, please call our 24 hour Hotline at 3718 1818 or report to the Police.
Please stay vigilant in order to protect your properties from all kinds of deception. To act against deception and increase public awareness of various kinds of scams, the Hong Kong Police Force has set up the Anti-Deception Coordination Centre (ADCC) under the Commercial Crime Bureau.
If you have any questions related to deception, please call ADCC's 24-hour enquiry hotline, "Anti-Scam Helpline 18222", or visit ADCC's website for the latest modus operandi of deception and scam alerts.
• Install apps on your mobile device from trusted sources only. It is recommended to use the App Store on Apple device or Google Play on Android™ device to download apps. Understand the permissions of mobile apps before you accept and install them.
• Do not use a jailbroken or rooted device for your mobile banking.
• Install updates and patches to your mobile device regularly, including updates to your operating system (OS) and mobile apps.
• Only use trusted Wi-Fi networks or network service providers.
• Disable wireless network functions (e.g. Bluetooth and NFC) when not in use.
• Install the latest anti-virus and anti-spyware software on your mobile device and keep it updated.
• Set up auto-lock and device lock (such as passcode, fingerprint ID and Apple's Face ID) to prevent unauthorised access to your mobile device.
• Do not write down or record the passcode or PIN without disgusting it.
• Do not write down passcode on any device for accessing e-banking services and any accompanying or nearby objects.
• Please inform the bank immediately if you find or suspect that (1) the passcode or devices for accessing e-banking services have been compromised, lost, or stolen, and (2) unauthorised account transactions have been conducted.
• Do not write or store your user name and password on your mobile device.
• Avoid sharing your device with others and do not use other people's devices to log on to your private accounts.
• Users should always log out after using the Airstar Bank mobile banking app.
• be different from passwords used for other purposes.
• contain numbers, lowercase and uppercase letters.
• not be based on guessable information such as your name, personal telephone number, birthday or other personal information.
• be changed regularly.
• Do not disclose your user name and password to anyone, including bank staff and the police.
• If you have lost or disclosed your password or suspected that your password has been used by an unauthorized party, please contact us immediately.
• Do not respond to unsolicited communications – including emails, phone calls, and text messages.
• Be careful when sharing personal information on your phone in public places.
• Review your bank account activities and statements regularly, and report any irregularities to us immediately.
Your password for mobile banking should:
• be different from passwords used for other purposes
• contain numbers, lowercase and uppercase letters
• not be based on guessable information such as your name, personal telephone number, birthday or other personal information
You are advised to change your password regularly. If you have not changed your password over certain period of time, our system will remind you automatically.
You may be asked to provide personal information as additional identity verification when you use the mobile banking service. Be vigilant and do not casually disclose your personal information to anyone. You should also keep documents (such as letters and bank statements) which carry your personal information in a proper and secured manner.
It helps to fix security problems of the operating systems or apps if you update and download "patches" provided by software vendors regularly. This helps to prevent your device from virus attacks or unauthorised access from hackers.
• Encrypt your data if you have to keep your personal information in an electronic storage medium to prevent unauthorised access or use by third parties.
• Do not save or keep your password in your browser and disable the "Auto-Complete" setting to prevent third parties from accessing your information via the browser.
• Set up proper access permissions of your computer to prevent unauthorised access to your data by third parties via the network.
• Do not download or install illegal or unknown softwares to prevent malware infection.
• Remember to scan for malware before opening any files from external sources.
Please call our Customer Service Hotline immediately on (852) 37181818.
Soft Token is a security verification feature within the Airstar Bank Mobile App, which is used to secure your account and transactions. It will be used to authenticate your identity when you perform designated high-risk transactions.
After logging into the Airstar Bank Mobile App, select "Personal Center", "Security Settings", "Soft Token" on the home screen, and follow the instructions to activate your Soft Token. A One-Time Password will be used to verify your identity before your Soft Token can be activated.
Biometric authentication function (e.g. fingerprint authentication, Touch ID or Face ID) in your mobile device can be activated so that login authentication to our Mobile App can be performed using the biometric identity sensor module of your mobile device.
Apple devices supporting Touch ID or Face ID with iOS 10.0 or above;
Android devices supporting fingerprint authentication with Android OS 6.0 or above.
If you need assistance during registration and/or login process, please contact our Customer Service Hotline on (852) 37181818.
Android user may use fingerprint authentication, while iOS users may use Touch ID or Face ID to replace the Password as your identity verification for quick access to your bank account. You may also confirm transactions using fingerprint authentication, Touch ID or Face ID by setting biometric as your Soft Token authentication.
Where you have activated the biometric authentication function in your mobile device and activited the Touch ID/Face ID authentication in the Airstar Bank Mobile App, the Mobile App will access the biometric sensor in your mobile device and obtain the necessary information to perform the authentication. The Bank does not collect your biometric credentials.
All soft tokens are encrypted and managed within the bank's key management service, the token is only bound with a trusted device. This ensures that they remain secure and protected from unauthorized access.
All biometric data is encrypted and stored securely, fulfill the industry standards and regulations to protect user privacy and prevent unauthorized access.
All communications with the authentication factor are fully encrypted in transit, ensuring that data remains confidential and secure during transmission.