A. Advantages of Clove Financial
i) Deposit protection
Every Clove bank account is guaranteed by the Compensation Scheme of [Nationality] Banks up to [AMOUNT].
ii) Security procedures
Our three-tier security procedure protects your Clove bank account and all your transactions. Your account can only be paired to one smartphone at a time, and you must log in to your account using your password or fingerprint. On top of this, you must verify all online and offline transactions with your PIN.
iii) Real-time account notifications
You’ll receive instant push notifications after all account activity, so you always know where your money is going, and when. You don’t need to wait a few days to see a transaction, or until the end of a billing period to see all your transactions.
iv) Customized security settings
(1) You can customize your Clove Mastercard permissions and restrictions. With a few taps, you can change:
(2) Whether it can be used for payments abroad
(3) Whether it can be used for online payments
(4) Whether it can be used for withdrawing cash
(5) If you’ve misplaced your card, or you want to restrict all your card’s functions, you can block and unblock the card with a simple tap. If you report that your Mastercard has been stolen, it will be blocked right away, and we’ll send you a new one immediately.
v) Clove Bug Bounty Program
The Clove Bug Bounty Program offers cash rewards to encourage security researchers to inform us about bugs or vulnerabilities, so that we can fix them long before any damage is done.
B. CLOVE Bug Bounty Program
i) Tips for secure online banking
(1) Phishing – be cautious about emails and fake internet sites
(a) Phishing is when someone attempts to get your password or login credentials through deceptive emails, text messages or fake websites. For example, you might receive a link that redirects to a fake website, which then asks for sensitive personal information. The fake site often looks like a real bank or other well-known site. If someone gets your personal information, it can be used to log into the real site, like your bank account.
(b) We recommend that you avoid clicking on links in emails or text messages that seem suspicious. Neither Clove nor any other reputable bank will ever ask you for your password, PIN (personal identification number) or TAN (transaction authentication number) by email or text message. If you’re ever in doubt, please contact customer support before you proceed.
(c) We also recommend that you double check how you’ve typed a web address. Criminals often operate websites named for well-known sites, but with small typos. The sites often look like the originals, and are solely designed to capture your password, TAN, PIN, or other sensitive information.
(d) It’s also important not to enter personal information on a website that starts with a normal "http://" address. Instead, always look for a secure "https://" address in your browser window. Secure sites also have a small lock symbol next to the site name in your browser. All CLOVE websites and web services use a secure connection, from our homepage to our online banking page.
(2) Update your software
(a) Keep your computer up to date with anti-virus programs and a firewall, which help prevent the installation of malicious programs (known as Malware or Trojans) on your computer. Such programs are designed to collect information and re-use it for potentially criminal purposes.
(3) Pharming – an extension of Phishing
(a) Classic phishing involves having you click on a link. This has been further developed into a method called pharming. Malicious software can change the settings on a computer in a way that can redirect web traffic to a fake site, even when you enter the correct website address. Criminals then collect sensitive information from the fake site. Protect your computer, as we’ve recommended, with up-to-date anti-virus software and by activating your firewall.
(4) Don’t write down your password and PIN
(a) A secure password should ideally contain capital and small letters, numbers and at least one “special character” (like !@#$%). It should also be at least 8 characters long. Please don’t store your password or PIN for CLOVE (or any other financial institution) directly on your computer. In case your computer was misplaced or fell into a hacker’s hands, your password could be compromised and reused.
(5) Avoid Computers with public access
(a) For security purposes, avoid using “public access” computers (like those in internet cafes, hostels or copy shops) for secure transactions. These computers are particularly susceptible to malware.
(6) Private and public WiFi
(a) Be sure that the WiFi you use for any bank connection is secured with “WPA 2” security. The former WEP (Wired Equivalent Privacy) standard is outdated and is no longer considered secure. Without using the newest standard, cyber criminals could intercept your internet connection and compromise your personal data. If you use public WiFi networks, there’s a higher risk that your online banking data could be compromised. Alternatively, you can use mobile banking without WiFi using your phone’s cell service.
(7) Stay alert
(a) Regularly check your account’s activity. Respond immediately if you notice any unusual account movements. If you still use a traditional bank, you can call customer service to block your account, or email us. Note that traditional banks often charge a fee to block your account.
(b) With the Clove app, you can track your account’s movements in real time and receive a push notification for each transaction. You can block (or unblock) your account at any time, right in the app.
(8) Tips for secure mobile banking
The term “mobile banking” includes bank transactions carried out via a mobile browser or using mobile apps. One in seven smartphone users in Germany has already activated banking services on their smartphone.
Mobile banking apps fall into two different categories. The first includes mobile apps specific to particular banks. In most of these, the mobile apps provided by the banks are lagging behind users’ expectations.
The second category consists of modern banking apps, which you can use to manage your bank account in real time. The disadvantage here is that you have to share the access details for your bank account with the app provider. Especially with a banking app that provides complete access to your bank account, you should make sure you read users’ reviews of the app before you start to use it.
The Clove mobile app combines the security of a bank account with the very latest mobile banking functionality. As far as security is concerned, there are no major differences between the security requirements for mobile banking and those for online banking. Nevertheless, you should still take into account our additional recommendations so that you can access your mobile banking services securely.
(a) Lock your screen
(i) We recommend making your smartphone more secure by adding a lock code, pattern or fingerprint. This helps make your banking app more secure, especially if you lose your smartphone.
(b) Update your mobile operating system
(i) We recommend that you regularly update the software on your smartphone. Manufacturers frequently issue software updates to protect against new safety defects.
(c) Update your mobile banking apps update
(i) Make sure you download banking apps, and any other apps for that matter, only from the official manufacturers’ stores (such as the App Store or Play Store). Be suspicious of any new unfamiliar apps. They can contain malware and facilitate access to sensitive details.
(d) Be careful with WiFi and Bluetooth
(i) We recommend that you disable publicly accessible WiFi connections and your device’s Bluetooth function before you make a mobile connection to your bank. Even if you’re using a private WiFi network, you should check that it’s secured by the WPA2 system.
(e) Protect your passwords, PINs and TANs
(i) Never save any bank-related passwords, usernames, PINs or TANs on your smartphone. If your phone is lost or becomes infected with malware, this will increase your risk of falling prey to cyber criminals.
(f) Questions? Check our Support Center
(i) You can find even more answers in our Support Center.