First mobile access

Introduction to EFG Chat

We live in a society that demands an easy and immediate access to all sort of information. In this sense, EFG wants to offer its customers a new tool that permits real-time communication with their advisors.

We want to provide our customers with a secure communication tool that allows them to discuss with their advisors with the confidence that all their communications are secure. We make sure that when one logs out from EFG Chat, no residual information is kept on the device. Information is only available on our servers, where it is encrypted to protect our customers’ privacy.

 

EFG mobile security

It is of major interest for EFG to ensure the privacy of our customers’ data by securing all means of communication we provide.

Our security strategy is composed of three main elements:

  1. Secure login/logout
  2. Session duration
  3. Data storage

Secure login/logout

We have leveraged the eBanking login security to make the login process of all of our EFG Mobile applications as robust and secure as our eBanking login nowadays. In addition to that, we have created a new security item called “access”.

An access can be seen as the key that allows opening the door and accessing the mobile application, which is secured behind this door.

One “access” links one eBanking account with one mobile device and one application. If one wants to install an EFG Mobile application on two different devices, one has to create one access on each device. If one owns two eBanking accounts and wants to an EFG Mobile application for each account on the same device, one has to create one access per eBanking account on this device.

The access allows us to identify an eBanking user with a device as well as to list out the mobile applications this user has installed on the device. This not only secures the login, but also in case of loss of the device, support can easily revoke all the accesses linked to it; avoiding the misuse of the information by an unknown third party.

During the login, we use the secure protocol “https” to send the login credentials to our servers in order to validate the login.

We also provide a secure logout process, clearing out all the session data from the device. Once log out is triggered, the data will be erased from the device and will only remain available on our servers.

Session duration

We think of the EFG Mobile applications suite as one additional tool that our customers and advisors can use during the course of their journey. This is the reason why we would like the EFG Mobile application to be as responsive as possible, always in alignment with the security recommendations concerning the duration of a session.

We have established that after 2 minutes of non-usage of the application or when application is sent to the background, it will be locked with the security PIN. One can unlock the application by inputting the PIN or using the touch ID if the mobile device has this functionality. In order to set it up, one has to go to the “Settings” page and turn on the touch ID lock.

EFG chat session

EFG Chat will close the session and user will get securely logged out after 6 month of inactivity.

Data storage

As mentioned in the “Secure login/logout” chapter, we do not store any application data on the device after logout is performed. All data, including messages, are stored encrypted on our servers. Information is sent in a secure way from our servers to the EFG Mobile applications every time it is required.

 

Install EFG chat

One can find below the necessary steps to install and set up EFG Chat on a mobile device. Please note that all our mobile applications, including EFG Chat, will always be available on the corresponding online stores (Google Play for Android and Apple Store for iOS).

We highly recommend to avoid using public WI-FI to install and set up the chat as it might not be secure enough.

Pre-requisites:

  • Make sure the mobile device is connected to the mobile data or a secure WI-FI.
  • Make sure the mobile device has an operational camera to scan the QR code.
  • Make sure one is in an environment that allows connecting to the eBanking using another device different from the mobile device.

Installation steps:

  1. Download EFG Chat from the online store.
  2. Once EFG Chat is installed, one has to tap on the icon to launch it.
  3. One can walk through the on boarding pages to see a brief description of what EFG Chat offers.

 

4. Tap on “Log in” to start the registration process. Please note that these steps only have to be done once per eBanking account and device:

a. Define the 6-digits PIN that will be used to lock/unlock the application and to set up the touch ID

 

b. Next steps cover the creation of a new access. By default, an access is given a name. One can change this name by editing the default value.

 

c. Before scanning the QR code from “Mobile Access Management” application, one has to give access to EFG Chat to access the camera on the device.

d. Log in to eBanking and open the “Mobile Access Management” application.

 

e. When the QR code is displayed on the “Mobile Access Management” screen, please tap on “I’m ready to scan ” on EFG Chat.

 

f. Scan the QR code.

 

g. After scanning the QR code, one is ready to log in to EFG Chat using the eBanking credentials and the Entrust token code. Same configuration as the one used to log in to eBanking.

Once the installation process is successfully completed, one is ready to start chatting.

Use EFG Chat

As previously mentioned, the goal of the EFG Chat is to allow EFG customers to have a real-time communication with advisors. EFG Chat can be seen as a complement of the Secure Messaging application in the sense that all the communications carried on EFG Chat are considered official as well as all the actions taken in the course of the conversations.

EFG Chat includes a F.A.Q document, with answers to common questions and it allows user to directly contact the support team for assistance.

Main features of chat

  1. EFG chat allows communicating to any contact available in the list of contacts. Only written communication is possible, no video or voice calls are available.

    a. One can send messages to any of the contacts available in the list of contacts; one cannot add or remove contacts from this list.

  2. One can always retrieve the history of the conversations by scrolling up on the chat to load older messages.
  3. EFG Chat allows forwarding a message to any contact in the list as well as to securely copy a message. We only allow copying messages inside EFG Chat application; one cannot copy a message from EFG Chat and paste it on an external application (i.e. mail application).
  4. In case the sending of a message has failed, EFG Chat will show an error and will allow the manual resending of the message. One can always see if the message has been read by the recipient.