Skip to main content

Banking securely

Protecting you when you’re using our internet banking is serious stuff to us. We guard your personal information, privacy and money using the latest online security measures. And our systems are regularly tested by independent experts to make sure they’re safe. Find out more about our security.

Take Five Campaign

Passcodes and alerts

Passcodes and alerts

One time passcode to your mobile

To keep you safe we’ll send a unique code to the mobile phone you’ve registered with us:

  • to confirm when you set up a new payee using internet banking
  • for setting up your security information

We’ll never ask for this code at any other time and you should never share it with us or anyone else if it’s not for the reasons above.

It’s really important you tell us if your mobile number changes. And if you get a one time passcode message you’re not expecting, let us know by calling 0345 08 08 500.


We may send you a text or email message if:

  • your balance falls below or goes above a certain amount
  • a card transaction that looks suspicious happens on your account

Messages from us will appear from:

  • MetroBank
  • 80003

We may ask you to reply to messages. We may also contact you by phone if we spot suspicious activity on your account. We’ll never:

  • include a link to a web page for you to follow
  • ask you for a full password, full security number or full answers to your security questions

If you’re not sure whether a call, text or email is genuine, call us on 0345 08 08 500.

Online security

Online security

We use security technology across all our platforms, including encryption, fraud prevention and anti-phishing - all of which have 24x7 monitoring.

Security features to keep you safe

  • Look for the padlock –we use 256-bit encryption on all our websites and you can check you’re secure by looking for the padlock icon next to the web address
  • Inactivity time out –you’ll be logged out of internet banking if you’re inactive for 10 minutes
  • Secure login –three failed logins will block your access
  • Summary page –when you log in to internet banking, you’ll see details of your last login. And if you’re a personal customer, you’ll see failed logins and any new payees set up since your last session. 

Mastercard SecureCode

Mastercard SecureCode

Stopping fraud

MasterCard SecureCode software works behind the scenes to stop any fraudulent transactions on your account. It can stop suspicious activity like:

  • unusual card payments
  • unusual purchases

If a purchase looks suspicious, we might ask you for extra authorisation.

If you’re suspicious of any card transactions on your account, call us on 0345 08 08 500.

What you can do to stay secure

Keeping you secure means the world to us, but there are things you can do too. Know what to avoid and how to protect yourself from fraud –stay up to date on the latest threats and scams.



Keep your passwords strong

Other people shouldn’t be able to guess your passwords. And you shouldn’t use the same one for more than one site. What you can do:

  • Use strong passwords - a minimum of 8 characters and a mix of upper and lower case letters including numbers. Don’t use number or letter sequences
  • Don't write down or tell anyone your login details
  • Don’t use your date of birth as your ‘Security Number’
  • If you think your password has been compromised, change it

Check your wireless network

Use a secure wireless network you recognise to go online. If you’re on an unsecured network, a fraudster can see who you bank with and could hack your personal information. What you can do:

  • Make sure your wireless router’s security features are switched on
  • Always use a strong password for the router
  • Use a firewall on your computer


In communications

In communications

Phishing, vishing and smishing

Fraudsters have lots of sneaky ways to steal your personal information:

  • Phishing – getting information by email
  • Vishing – getting information by phone
  • Smishing – getting information by text

What you can do:

  • Don’t follow links sent to you in emails and texts. We’ll never ask you to do this.
  • Don’t tell anyone your 4-digit PIN – even the bank or the police.
  • Be aware – we’ll never ask you to move your money to a new account for fraud reasons or send someone to your home to collect your card, cheque book or cash – even if you’ve been a fraud victim.
  • Don’t respond to suspicious calls, texts or emails. If you think something’s wrong, come in store and tell us or call us on 0345 08 08 500.
  • If you get a suspicious phone call, make sure the line is clear before you call us.
  • If you get a dodgy email, mark it as spam and forward it to us at Then delete the email.
  • Never send confidential information by email. It can be intercepted by hackers.

How to spot a phishing scam

Phishing emails can look genuine, but there are a few giveaways to look out for:

  • The email address – is it the same as the one you usually get emails from, or just similar?
  • The subject line – if it mentions something like ‘secure message’, ‘security alert’ or ‘system upgrade’, assume it’s suspect
  • The greeting – does it say ‘Dear customer’ or something similar? A phishing email is unlikely to include your name
  • If it requests you to follow a link or a button or to download a file – these will likely take you to a fake copycat website
  • A sense of urgency, like: ‘If you don’t respond within 48 hours your account will be suspended’
  • Grammar and spelling mistakes

Cards and money

Cards and money

Your cards can be vulnerable to fraud – so keep a close eye on them. Here is what to look out for.

Fraudsters using your lost or stolen card

  • Report any stolen cards straight away.
  • Never write down your PIN with your card.
  • Only carry the cards you need.
  • Never share your cards, even with friends and family.

Counterfeit card fraud or skimming

Counterfeit cards are usually made by skimming – copying the data from your card’s magnetic strip on to another card. This happens most often at bars, restaurants, petrol stations and cash machines. And most people don’t know it’s happened until their statement arrives.

What you can do:

  • Don’t leave your card with restaurant staff for long – ideally you should see the card at all times
  • Check cash machines for signs of tampering – if you think a Metro Bank machine has been tampered with, call us on 0345 08 08 500
  • Cover the PIN pad with your hand when you enter your number
  • Always read and check your statement and tell us if you find anything suspicious  

Fraudsters using your card details to buy things online, by phone or by post

This is called card not present fraud, and it’s the most common type in the UK.

What you can do:

  • Don’t enter your card details on shared computers
  • Never email your card details
  • Always log out of any websites where you’ve entered your card details
  • Only enter your card details on secure sites – they have web addresses that start with https and a padlock icon next to them

Your card being stolen on its way to you

There’s a bigger risk of this if you share a letter box.

Find out how long it will take for your card to arrive and contact your card provider straight away if it doesn’t turn up. Don’t forget, with Metro Bank you can get your card printed in store on the spot - and because we’re open until 8pm weekdays and at weekends you can do this at time convenient for you.

Money mule scams

A money mule is someone who helps criminals launder money. They’re often recruited by adverts for what looks like a legitimate job, but involves transferring money through your own account and keeping a cut as commission.

The money is likely to be the proceeds of crime and it’s a criminal offence to hold it. If you’re suspected of money laundering your accounts may be suspended and closed down. Plus your name might be put on the fraud database.

What you can do:

  • Be wary of any job that involves you holding or transferring money through your personal account
  • Never share your bank details with anyone you don’t know or trust

Keep your mobile safe

Keep your mobile safe

We’re doing more banking on our mobile phones – and the fraudsters know it. That’s why it’s vital to be as safe on your phone as you would be on your computer. What to look out for:

  • Fraudsters trying to get your details through email, texts and over the phone – Phishing, SMiShing and Vishing
  • Bluetooth attacks that let fraudsters see your private information
  • SIM Swap

What you can do:

  • Use a PIN that nobody else would guess
  • Set your phone to lock automatically
  • Never store passwords, usernames or log-in reminders on your phone
  • Reset your phone to factory settings if you sell or recycle it
  • Never follow links in texts or emails
  • Use different PIN codes for your phone, apps, cards, etc
  • Always log on to internet banking through the app or the correct web page

What is SIM Swap?

This happens when a fraudster replaces your SIM with a new one and moves your number to it. All your calls and texts will be diverted to the new number – making the fraudster the main contact for your bank and card providers. 

What you can do:

  • Don’t give confidential information over the phone unless you're absolutely sure of the caller's identity. If in doubt, ask for the caller's phone number and check to see if it's genuine (look on the website).
  • Don’t turn your handset off if you get a flurry of nuisance calls. Fraudsters use this technique to stop you noticing a loss of service when a SIM is swapped.
  • Set up additional security with your network provider to stop your number being diverted without your permission
  • If your mobile phone service stops unexpectedly, tell us. Call us on 0345 08 08 500 and we’ll help check out the problem.

Stay safe on social media

Stay safe on social media

We love social networking – but sharing personal information on channels like Facebook, Twitter and LinkedIn can put you at risk from fraudsters. They can use your details to impersonate you, accessing your accounts and opening new ones in your name. 

What you can do:

  • Be careful what you share - phone numbers, emails, dates of birth and your mother’s maiden name can be used to steal your identity
  • Think about using different emails for different sites to avoid phishing attacks
  • Use your privacy settings to control what people can see, and who can see it

Social media and Metro Bank

We have official accounts on Twitter @Metro_Bank and @MetroBank_Help, on LinkedIn, Instagram and on YouTube.

Both our Twitter accounts have been verified by Twitter and include Twitter’s blue verified badge.

We’ll never ask you to share any account information in a public forum. The only details we’ll ever ask you for are your name (or if you’re a business customer, your business name) and a contact number we can reach you on. Please use a private/direct message to tell us these.

If you ever have doubts about a social media channel, call us on 0345 08 08 500 or email


If you have any security concerns or want to talk to us about anything on this page, give us a call and we’ll be happy to help. Ring 0345 08 08 500 as soon as possible. If you are worried about an email , don‘t respond – just forward it to

ways to bank


Metro Bank 24/7. Check balances, make payments, see transactions and open new accounts any time - all with internet banking.


Control your money on the move with our mobile banking app. Check balances, move money, make payments and more wherever you are.


A friendly face and a quick answer. And all the usual payment services too. We're open 362 days a year


If you need help you can talk to a real person in our UK contact centre 24 hours a day, 7 days a week, 365 days a year