EFG Mobile Security

EFG assigns the utmost importance to ensuring the privacy of our clients’ data by securing all the different means of communication we offer.

Our security strategy comprises three main elements:

1. Secure login/logout
2. Limited session duration
3. Strict data storage requirements
    

Secure login/logout

We have leveraged eBanking login security to make the login process for all our EFG Mobile applications as robust and secure as our eBanking login. In addition, we have created a new security feature called access.

Access can be described as the key that unlocks the door to EFG’s secure mobile application.

One access links one eBanking account with one mobile device and one application. If you want to install an EFG Mobile application on two different devices, you will need to create one access on each device. If you hold two eBanking accounts and wish to have an EFG Chat application for each account on the same device, you must create one access for each eBanking account on this device.

Access allows us to identify an eBanking user with a device as well as listing the mobile applications that the user has installed on the device. In addition to ensuring a secure login process, this means that if the device were to be lost, EFG can easily revoke all related access to eliminate the risk of confidential information being accessed by an unauthorised third party.

During the login process, we use the secure protocol ‘https’ to send the login credentials to our servers in order to validate the login request.

We also provide a secure logout process: Once the logout is triggered, all session data are erased from the device and only remain available on our servers.

LIMITED session duration

We think of the EFG Mobile applications suite as an additional tool that our clients and advisors can use on their journey. This is why we want the EFG Mobile application to be as responsive and user-friendly as possible, while ensuring it is compliant with the latest security recommendations concerning the duration of a session. This means that if the application is not used for two minutes or if the user switches to a different application, the EFG Mobile application is locked. In order to use the application again, you must first enter your PIN or use the Touch ID/Face ID function if this is already activated on your mobile device. If you wish to use Touch ID/Face ID, please visit the ‘Settings’ page on your device and turn on the Touch ID/Face ID lock.

EFG mobile applications will close the session and the user will be securely logged out after 6 months of inactivity.
 

Data storage

As mentioned in the ‘Secure login/logout’ section above, we do not store any application data on the device once the user has logged out. All data, including messages, are stored in encrypted form on our servers. Information is transmitted securely from our servers to the EFG Mobile applications every time it is required.