Digital Banking Security

This text has been prepared by T. Vakıflar Bankası T.A.O. ('VakıfBank') in its capacity as the data controller, in accordance with Article 10 of Law No. 6698 on the Protection of Personal Data ('Law'), the Communiqué on the Procedures and Principles to be Followed in Fulfilling the Obligation to Inform ('Communiqué'), and the Guide on Cookie Practices ('Guide').
What is a Cookie?
A cookie is a type of identification file given to the visitors' computers or mobile devices by websites, in the form of small-sized data files. It enables the recognition of computers when the website is visited again. Websites, by reading these data files created by users when they first connect, gain the ability to work more efficiently, quickly recognize the users, and load user settings such as site language in a fast manner during subsequent visits. The use of these technologies is conducted in compliance with the legislation to which we are subject, primarily Law No. 6698 on the Protection of Personal Data ('PDPL').

Cookies help the website remember information about your visit (e.g., your preferred language and other settings). They can provide convenience on your next visit and make the site more practical and faster for you.

Through this Cookie Policy, we aim to provide information to members/visitors ('Data Subjects') on the purposes for which we use cookies during the administration of VakıfBank's websites and the types of cookies used, as well as how you can manage these cookies concerning the processing of personal data obtained during the use of cookies.

For detailed information on the processing of your personal data, you can read Clarification Text On The Protection And Processing Of Personal Data Of Turkiye Vakiflar Bankasi Turk Anonim Ortakligi

What Are the Types of Cookies?
Cookies are categorized into temporary and permanent cookies based on their validity periods. Temporary cookies are data files that are generated during a user's visit to a website, storing the user's preferences during that visit and automatically deleting when the visit ends and the user leaves the site. Temporary cookies are data files that are generated during a user's visit to a website, storing the user's preferences during that visit and automatically deleting when the visit ends and the user leaves the site. The user preferences stored in this data file are read from it quickly during the user's next connection and are loaded, enabling the user to have a faster and more efficient website experience.

In VakıfBank websites and mobile applications, both temporary and persistent cookies can be used for the following purposes:

Ensuring site security management; for instance, avoiding the need for logged-in users to re-enter their passwords when visiting different pages on the site during the same session.
Ensuring the functions of the site or application work as intended; for example, remembering the user's username or search queries on their next visit to the site.
Monitoring and maintaining the performance of the site or application at a high level; these are cookies that collect information about page visit intervals, potential error messages, and the total time users spend on the respective pages, in addition to user behavior on the site, to enhance the performance of the bank's website.
Saving time for users by remembering their preferences; for instance, displaying pages or icons related to visitors' areas of interest based on the pages and products they have viewed.

Are Cookies Mandatory?
Internet browsers on computers or mobile devices allow cookies by default. These cookie settings enable websites to utilize this feature to enhance the user's experience. Users can adjust their cookie settings or completely block cookie usage through methods that differ according to the type of internet browser on their devices. The method for changing the selection of cookie usage varies depending on the type of browser and can be learned from the respective service provider when requested.

Similar to cookies used on other websites, users of VakıfBank have the option to selectively or entirely block the use of cookies when they so choose. However, the majority of our cookies are designed to ensure the proper functioning of the website or application, and blocking them may lead to the disruption of certain functions. Therefore, it is not recommended.

Cookies Used on Our Website
The types of cookies used on our website are as follows.
Essential Cookies
The use of a certain type of cookies is required for the proper functioning of our site. For example, the identity verification cookies that come into play when you log in to our website ensure that your session remains active as you navigate from one page to another on our site.

Other Cookies
Functionality and Preference Cookies
These cookies enhance the personalization of services provided on our site for you by recalling your preferences and selections.
Performance and Analysis Cookies
Through these cookies, we can analyze your use of our site and its performance, enabling us to improve the services we provide to you.
Targeting or Advertising Cookies
We do not use cookies for product and service promotion or marketing activities on our website.
Do VakıfBank Cookies Store My Confidential Information?
VakıfBank does not store users' confidential information through cookies. Cookies solely contain information pertaining to your browsing history and do not access files stored on your computer or mobile device.
How can cookie preferences be controlled?
Cookie use is predefined in many browsers. Users can change this selection status in the browser settings. Therefore, the user can also delete existing cookies and refuse the storage of future cookie uses. So, if cookie use is canceled, it may not be possible to benefit from some features in the Bank's systems.

Changing the cookie use selection method varies depending on the browser type, and the methods for some service providers are as follows.

Google Chrome	By clicking on the "lock sign" in the address section of your browser, you can allow or block cookies from the "cookies" tab.
Internet Explorer	By clicking on the security tab in the "Tools" section at the top right of your browser, you can manage cookies as "allow" or "do not allow".
Mozilla Firefox	Click on the "open menu" tab in the upper right corner of your browser. By clicking on the "Options" image, you can manage cookies using the "Privacy and Security" button.
Opera	By selecting "Advanced" in the "Preferences" section of your browser, you can manage cookies in the "cookies" section.
Safari	Select the "Safari" tab from the "Settings" section of your mobile phone and you can manage all your cookies from the "Privacy and Security" section.

What are the Rights of the Data Subject?
Pursuant to Article 11 of PDP Law, you may make requests regarding the following issues regarding your personal data by applying to our Bank:

a. To learn whether personal data is being processed,
b. If personal data has been processed, to request information about it,
c. To learn the purpose of processing personal data and whether it is being used for that purpose,
d. To learn the third parties to whom personal data is transferred, whether domestically or abroad,
e. To request the correction of personal data if it is incomplete or incorrect and, in this context, to request the notification of this correction to the third parties to whom personal data has been transferred,
f. To request the deletion, destruction, or anonymization of personal data if the reasons requiring processing have ceased and, in this context, to request the notification of this process to the third parties to whom personal data has been transferred,
g. To object to an adverse result arising from the analysis of processed data exclusively through automated systems,
h. To request compensation for the damages you incur as a result of the unlawful processing of your personal data.

You may convey your requests pertaining to the aforementioned rights through the 'Personal Data Subject Application Form,' accompanied by identity verification documents. These can be submitted either in person at our branches or through a notary. Alternatively, you can send them securely with an electronic signature to the address 'Finanskent Mahallesi Finans Caddesi No:40/1 Ümraniye/İstanbul' or to the email address vakifbank@hs01.kep.tr. Our Bank will finalize your application requests free of charge within 30 (thirty) days at the latest, depending on the nature of the request, in compliance with Article 13 of the PPD Law. In case the request is rejected, the reason(s) for the rejection shall be notified to you in writing or electronically.
Application address :
Türkiye Vakıflar Bankası T.A.O.
Finanskent Mahallesi Finans Caddesi No:40/1 Ümraniye/İstanbul
Phone: +90 216 724 10 00
Fax: +90 216 724 39 09
Bank's Registered Electronic Mail (KEP) address: vakifbank@hs01.kep.tr

Internet banking usage is on the rise, and with the malicious use of evolving technologies to obtain customer information, security becomes an even more crucial topic for us.

In today's internet banking, along with advancing technology, various methods such as emails and links are used to obtain customer information, including card details and card passwords. Using these methods, a user's personal information can be accessed. Additionally, through programs that can copy both internet websites and keyboard and screen displays, all kinds of password information of the user can be obtained. To prevent such risks, it is important for you to carefully read and follow the Security Warnings and explanations in the Security menu available during our bank's internet banking login. Your attention and implementation of these measures are vital for your security.

Access our website by typing www.vakifbank.com.tr in the address line of your browser and access our Internet Banking application from the page that will open.
First, close all open browser windows. Then connect to Internet Banking by opening a new window. When you connect to Internet Banking, make sure that our site address starts with 'https'.
The 'closed lock' icon should appear in the browser window. If there is no 'closed lock' icon, do not perform banking transactions and exit the system immediately. The lock sign indicates that the connection is encrypted
Check whether the security image displayed at the login stage of Internet Banking is the same as the one you have previously selected, and in case you see an image different from the one you have selected, call our Customer Contact Center at 0850 222 0 724 to report the situation before proceeding with the transaction.
Once you have finished your transactions in Internet Banking, close the application by clicking the 'Secure Exit' button.

What we do for your safety;

Your safety and privacy is important to us in all financial transactions you perform through VakıfBank Internet Banking. We continuously update our existing security applications and implement new security measures by closely following the technology in order to keep your privacy and security at the highest level every time you use Internet Banking. In this regard, the sensitivity we have shown has enabled us to launch our new application, Mobile Signature. You can restrict Internet Banking in a way that suits your own usage style with the Security Settings option.

Our advice to you;

Our Bank takes precautions for your security, and some small precautions you can take also play an important role in ensuring your security:

Update your operating system regularly. This prevents possible vulnerabilities from being exploited.
Always use the latest version of your internet browser.
Always use an antivirus software and update it regularly.
Install and activate a firewall on your computer.
Only use software from trusted sources.
Close all other programs on your computer during Internet Banking transactions. Do not chat, surf or download files during this time.
Do not use Internet Banking on an unfamiliar computer or on shared computers (such as internet cafes).
Never share bank accounts and/or passwords over the phone or email.
We will never send you an e-mail asking for your passwords, asking you to update your information or change your passwords, or containing links directly to our website. When you receive such an e-mail, please call the Customer Contact Center at 0850 222 0 724 as soon as possible to report the situation.
Please take care for the confidentiality of your user information. Do not write down your password or save it on your computer or browser. Do not use passwords that can be easily guessed by others, such as date of birth or phone number. Do not use consecutive numbers next to each other or more than two consecutive numbers as your password, and make sure that your new password is different from the last two passwords you used.

Internet Banking

Internet Banking Frequently Asked Questions

Please install the Mobile Banking application only via Apple Store, Google Play Store.
All records of all activities carried out through Mobile Banking are kept within the framework of our Bank's privacy policy.
Regularly update your operating system. This prevents vulnerabilities from occurring.
Only use software from trusted sources.Only use software from trusted sources.
Never share your bank accounts and passwords over the phone or e-mail.
After completing your transactions in Mobile Banking, please close the application by clicking the 'Exit' button.
Do not accept files via Bluetooth that you do not know the source and reliability of. Having Bluetooth turned off will allow you to make more secure transactions when using Mobile Banking.
Please call the Customer Contact Center at 0850 222 0 724 for all problems and suspicions you encounter while using Mobile Banking for your security.

Device Authorizations

For your protection, we request authorizations to prevent the VakıfBank Mobile Banking application from being used in fraudulent transactions and to ensure that the application can only be accessed with your device. The Authorizations granted by you will not be used to access your phone book or other personal information and documents. Detailed information on authorizations can be found below.

Phone authorizations: You can call VakıfBank Customer Contact Center through the application,
Location authorizations: See the nearest branches and ATMs on the "Nearest VakıfBank" screen,
Authorization to access Google services: Showing the nearest branches and ATMs on Google Maps,
Network connections and WiFi connection authorizations: You can use the app by connecting to the internet,
SMS reading authorization: Automatic entry and verification of the passwords we send via SMS,
Photo/Media content authorization: Ability to store images within the app on the phone to improve app performance,
Identity authorization: Required to access Google services and to receive Pocket Signature notifications.

Get Password

Your password is personal information. Never share your password with anyone, including bank personnel, either verbally or in writing. When entering your password at POS or ATMs, please pay due attention to the confidentiality of your password. If you forget your password, call the Customer Contact Center at 0850 222 0 724 to get a new password.
Please ensure that your password does not consist of easily guessable numbers such as your birthdate, phone number, or card number, and avoid using sequences or easily discernible numbers like 33333, 12345, 24862, 25808, or those that can be deduced from your typing patterns.
Please take care to ensure that the PIN you have chosen for your bank card differs from the PINs associated with your Internet Banking, Customer Contact Center, credit card, or other bank card/credit card.
Do not write your PIN on your card or anywhere else, do not store it on your mobile phone or computer, and refrain from keeping it written in your wallet.
Please change your PIN at regular intervals.
When entering your PIN at POS terminals or ATMs, always ensure to keep it concealed and make sure there are no individuals around who could potentially see your PIN. In case of suspicion, please contact us at our secure Customer Communication Center at 0850 222 0 724 to report any concerns for your security.
Do not leave the ATM until your transaction is complete and you have safely retrieved your card. Do not seek assistance from unfamiliar individuals.
When you encounter a suspicious situation at the ATM where you are conducting a transaction (such as a device that appears to have been tampered with), for your security, please immediately call the Customer Contact Center at 0850 222 0 724 and provide information before proceeding with the transaction. Ensure that there are no suspicious individuals around you.
In situations where your card gets stuck or trapped in the ATM, do not seek assistance from individuals who offer to help, and refrain from entering your PIN. Ask for help from bank personnel or call the Customer Contact Center at 0850 222 0 724 without leaving the ATM.
Use your own phone or the nearest secure phone when calling our Bank and always dial the phone number yourself. You can easily make an emergency call by saving the number of our Bank's Customer Contact Center in your phone.
In case of theft or loss of your card, please call the Customer Contact Center at 0850 222 0 724 without delay to close your card.
Malicious individuals may falsely claim that if you re-enter your PIN when your card is stuck in the ATM, your card will be returned or canceled. They may even offer to assist you in calling your bank using their own cell phones, with the intention of obtaining your card's PIN. If you find yourself in such a scenario, to ensure your safety, kindly report it by dialing the Customer Contact Center using your own mobile phone or the nearest secure phone.
For security purposes, our bank may request you to change your card PIN, send you a new card PIN, or temporarily deactivate your card in case of suspicious situations like your password not meeting the designated security criteria or if your card or PIN has been compromised through methods such as card trapping or card cloning. Use your new password in such cases and never use your old card password. Please call the Customer Contact Center at 0850 222 0 724 or our branches to open your card if your card is disabled.

When using the Customer Contact Center, you need to go through various security steps in order to receive information and make transactions.
All conversations during the services you receive from the Customer Contact Center are recorded for your security.
Some information is asked for your security during the transactions you make by connecting to your Customer Representative.
When you make transactions through the Customer Contact Center, you can enter your password using the keys on your phone, so you don't have to share your password.

You can receive the statement of your transactions by e-mail or fax upon your request.

Scanner And App

Recommended Browsers for Internet Banking

Google Chrome

Version 58 and Above

Internet Explorer

Version 11 and Above

Mozilla Firefox

Version 45 and Above

Safari macOS

Version 10.12 Sierra and Above

Mobile App

Apple Store

Version iOS 13 and Above

Google Play

Version Android 7 and Above

Huawei

Version HarmonyOS 5 and Above

Security Tools

Mobile Signature

We put an end to waiting for SMS, generating passwords and typing passwords over and over again!

SMS Password

SMS Password is a single use password made up of numbers sent to your mobile phone during the login phase of Internet Banking and to be used transactions over a certain amount.