Home >

Security Hub - FAQs


Information and answers to Frequently Asked Questions about Security Enhancements. 


Online security

A key part of your security profile for your online access and safety, is and will be, your email address. Importantly this email address needs to be a unique email to you as an individual.

Today, if we detect any unusual activity on your account, if you need to complete a password reset, or you update your information, we will send you an email to confirm it was you.

Soon, we will be making a change to how you log in to your account. We will be asking you to provide your email and password at login rather than your username and password.

As part of our upcoming password complexity improvements, we will also be introducing two-factor authentication to keep your account and investments safe.

We won’t use your email address for marketing purposes, unless you give us permission.

Soon, we will be making a change to how you log in to your account. We will be asking you to provide your email and password at login rather than username and password.

Where someone has their own login credentials (username) for access to their account(s), then we will require a unique email address to be provided to ensure that everyone continues to use our online service.

All your account communications will continue to be sent to the email you have chosen for your joint profile, which doesn’t need to be unique.

With each customer having a unique email address, we will be able to understand who is logging in and make sure every customer profile is protected.

Soon, we will be making a change to how you log in to your account. We will be asking you to provide your email and password at login rather than username and password.

There are certain circumstances where you may have chosen to, or you are not able to link your accounts together (see more about linking your accounts here). For any account where you have a username and password, you will also need to provide a unique email address.

The unique email addresses provided for login will enable us to understand which account you are logging in to and will provide all the necessary security protection that surrounds that profile.

The strength of your online protection is reliant on you having a strong password.

We support your password with robust anomaly detection shields and further security protection around your key personal information.

Changing from username to email, allows you a simpler login experience without undermining any of that protection.

Your email address is the key piece of information that we will use to uniquely identify you. We are further supporting this change, by adding to those anomaly shields already in place. Additionally, we will be improving password complexity options and introducing two-factor authentication at login.

We will be in touch in the coming months to tell you more about these new security features.

You will lose your online account access if you do not provide an email address. Your ability to use and maintain your account will not be affected, but you will need to speak to our Customer Service team over the phone instead of making changes online.

If you don’t currently operate your account online, your service will not be affected.

Where possible, we are encouraging all new and existing customers to create an email address so they can take advantage of all the existing security protection features we offer.

If you do lose your online access and you would like to provide an email address, you’ll need to speak to our Customer Services team, who will be ready to help you. One of our agents will be able to update your account and get you back online. You can contact us on 0345 607 6001 between 7.30am and 5.30pm, Monday to Friday.

We understand that setting up an email address might seem daunting, but it can be a simple process.

While we can’t advise you on which email provider you should choose, when you register with your internet provider (for example, BT or Sky), then they will often provide you with an email account. Additionally, they are likely to be able to provide additional email addresses if you ask them to. These may be free or have an additional cost, so it’s advisable to check with them first.

You can also set up an email account that is separate to your internet service provider. There are plenty of email providers, such as Gmail, Hotmail and Yahoo.

Your online account access will not be affected if you do not provide us with your mobile phone number. However, as it is today, you will find certain functions are restricted to protect you and your assets.

Instead, if you need to make any change to your key information, you will need to contact us.

Having a mobile phone number allows you to take advantage of all our existing security features, so we strongly recommend adding your number to your account if you can.

When you request a message, subject to your network provider and phone settings, we will attempt to send you a message whether you are at home or abroad.

However, sometimes you might not receive your text code. In most cases, it could be that you aren’t receiving texts due to poor reception or local restrictions.

If you don’t receive your message, contact a member of our Customer Services team who will be able to help you. You can call us on 0345 607 6001 between 7.30am and 5.30pm, Monday to Friday.

In the meantime, we are continuing to look at alternative methods if you find yourself in a situation where an alternative to a SMS message is required as a secondary authentication option.

Two-factor authentication introduces the “something you have” element to your login journey along with “something you know”, such as your user ID and password.

The “something you have” at ii will be a one-time code sent to your registered mobile phone. If you don’t have a valid mobile number, we will be contacting you to get an up-to-date mobile number we can use for this process in the coming weeks.

By adding the requirement of “something you have” to your login process, we add an extra layer of security to your accounts, making it much harder for cyber criminals to carry out fraud.

We don’t currently have two-factor authentication enabled when you log in. However, we are pleased to announce it will be coming very soon.

In order to be able to take advantage of this feature, you will need to have a registered mobile on your account. Key journeys regarding the safety of your personal information, are already protected by a two-factor process using SMS verification.

We currently have some restrictions in place regarding our password complexity. We are making changes to our authentication services. This will allow you more control of the passwords you use to protect your account.

We will be significantly increasing your password options, allowing you to use longer passwords and special characters, too. All existing passwords will not be impacted.

You can change your password via the “accounts” menu. Choose personal details & preferences and you can change your login password under the security options.

Telephone security

While the majority of your day-to-day phone transactions and tasks will not be affected, it could take longer for you to pass security when you speak to one of our customer service representatives over the phone.

If we aren’t able to help you over the phone, we will be able to explain your next steps so we can help to complete your request.

No - we will only ever send you marketing information if you have given us explicit permission.

The changes we are implementing to the way we authenticate you means that soon, we will no longer be able to verify your identity with characters from your password. While your password is already securely stored and encrypted, our new method is a much safer practice not only for you, but also for us.

Over the past year we have introduced a telephone SMS verification process. We have carried out a consumer confidence test and found that the vast majority of our customers found the new process, quicker, easier and safer to use.

Yes, you will be able to receive SMS codes abroad, subject to your network provider and phone settings. You may incur extra charges from your mobile provider for receiving text messages abroad.

Account linking

We strongly recommend that you do, as it helps us to identify you quicker and provides greater account security.  Don’t forget, linking your accounts will give you quicker access to your investments and allow you to save money.

When you go to log in via our website, please do so with the account you would like to use as your Primary account. Your ‘Primary’ account will become the one username and password you will use to view all your accounts under one overview.

For example, if you want to always log in using your Trading account username and password, then please make sure to log in with these credentials when you go through the linking process.

No, you can only link accounts in your own individual name.

Yes, you can. You can use your non-refundable trading credits across all your accounts as you wish.

If you have realised you have an account that you do not use, you can close it by logging in and going to ‘close account’ from the ‘account’ menu.