Skip to main content

Heartland Security

Your online security and identity is important to us and we work hard to make sure your details are kept safe. If you detect any suspicious online or behaviour or email scams, please contact our Heartland security team immediately. Email us at [email protected]. Our emails are monitored Monday to Friday, 8.00am – 5.30pm and we’ll respond within three working days.

How we protect you

We have a number of measures in place to help keep your account and data safe.

We will never ask you to disclose your user ID or password over phone, email or in person, nor will we send you an email with a link to internet banking. We use HTTPS encryption throughout our websites to ensure that any communication, transactions or online application data between your browser and our websites is safe and secure.

How secure is the Heartland Mobile App?

  • Sensitive data travelling across the internet between your device and our systems is encrypted twice*
  • We will lock your account automatically if the incorrect password is entered too many times
  • The app will time-out if it is left running with no activity
  • We use multiple layers of gateways and firewalls to align with industry best practice
  • We conduct security assessments of our app and supporting infrastructure to ensure that potential vulnerabilities are identified and addressed. These assessments are carried out by a third party that specialises in information security

How secure is Heartland internet banking?

  • The data you submit between your computer and our internet banking system is encrypted*
  • To ensure the payments you make are safe we’ve introduced a passcode verification step. When making payments via the Pay Someone or Pay Multiple Payees screens, you will be prompted for a passcode that will be sent to your mobile as a text message.

*Encryption means your information is scrambled on its journey to our banking system. We unscramble the information after it arrives safely into one of our systems.

How to protect yourself

Check the website you’re on

If you have doubts about the legitimacy of the website you’re on, remove the website address and re-enter into your browser address bar.

Don't respond to requests for your personal information

We will never ask you for your internet banking password or Keep Safe questions and answers. If you receive a phone call, email or request for your password, contact us immediately on 0800 85 20 20 and press 1, or at [email protected]. If you’re overseas at the time, you can call us on +64 9 927 9641. We’re available Monday to Friday, 8.00am – 5.30pm.

Install anti-virus and anti-spyware tools

Ensure your antivirus is up-to-date. This helps increase the chances of detecting online threats.

Update your browser regularly

For compatibility and increased security we recommend that you use the latest version of your browser.

Create a safe password

The password you choose for internet banking should be different to any other passwords you use across the internet. You should also try and avoid passwords that can be easy for anyone to guess such as your street name or number or date of birth. We recommend creating a password with a mix of lowercase and uppercase letters, numbers and symbols.

Never share your password

Never disclose your password to anyone even if they say they’re calling from Heartland Bank. If you think someone else may know your password we recommend you change it immediately.

Update your password regularly

We recommend you change your password every six months. It’s easy to change your internet banking password at any time online. Simply log in and choose the ‘Change Password’ option available by hovering over your name at the top right of the screen.

Ensure you log off after each session

This is especially important if you use internet banking at work or on a public computer.

Don't forget

To let us know if the electronic device you use to receive the passcode for access to your internet banking is lost or stolen, or if you become aware of any unauthorised use.

To ensure your internet browser and/or devices are capable of supporting the encryption and other technical requirements of our internet banking which we update from time to time, by updating your web browser.

You shouldn’t use an electronic device which contains software that has the ability to compromise passwords, PIN codes and/or data (such as spyware).

Types of online threats

These are some of the common threats that can be used to obtain your information.

Phishing emails

These are typically emails you receive from a person or company trying to obtain your personal information such as your internet banking username, password, account number or credit card details. These emails will direct you to a fake website that will look similar to the actual website and ask you to enter your personal details. These emails could also infect your computer with malware or viruses that may be used to capture your personal information without your knowledge.

If you weren’t expecting to receive an email from us, or have concerns around its authenticity, then make sure you don’t respond or click on any of the links.


This is software that secretly collects your personal information by recording your keystrokes, which are then sent to various people over the internet. You can sometimes unknowingly download spyware while accessing a file sharing site, opening an email attachment or by clicking on a link in an email.

To protect yourself from spyware make sure your anti-virus software is up to date and that your browser and software are up to date. If you think you’ve been compromised then update and run your anti-virus software and update all your passwords.

If you want to know more, see our Online Services Terms of Use.

Report a security issue

If you detect any suspicious online behaviour or email scams, please email our Heartland security team immediately. We will then investigate your issue and advise you of the appropriate action.

Email us at [email protected]. Our emails are monitored Monday to Friday, 8.00am – 5.30pm and we’ll respond within three working days.

Back to top TOP