Online Privacy and Security


The policies and practices adopted by PT Bank Rakyat Indonesia, Tbk ("BRI") as the following reflect the commitment of BRI in keeping and maintaining your privacy and security once you access BRI websites and BRI internet banking.

  1. Policy on privacy

    2. BRI will neither sell, exchange nor disclose all information related to the customers or BRI website and internet banking visitors.

    BRI does not trace BRI website visitors.

    During your log in to the BRI internet banking, BRI will use cookie which will end once you log out.

    All your banking transactions and information on other accounts are kept confidential in accordance with the regulations having the force of law applicable in Indonesia and BRI internal policies.

  2. Security

    1. Security System

      2. BRI employs 3 (three) layer security systems in order to protect your access and transactions with BRI internet banking, namely:

      1. Secure Socket Layer ("SSL")

        2. SSL is a security technology that "encrypts" inter-computer communication channel in order to make it illegible by others.

      2. User ID and Password

      3. mToken BRI

        4. mToken is additional security technology that always produces a different password each time used.

      Due to the various types of internet browser available, it is difficult to provide internet banking that is in line with the security of each browser. BRI currently only provides internet banking facility which is more compatible if accessed by using Microsoft Internet Explorer version 7, Mozilla Firefox version 2.0.0, Safari version 4.0.3 or its most recent type. BRI apologizes for this inconvenience.

    2. Protection of BRI Internet Banking Communication

      3. BRI uses the encryption technology of Secure Socket Layer (SSL) 256 byte to protect the communication between your computer and the BRI server during your access to the BRI internet banking.

      To ensure protection of communication during your access to the BRI internet banking, you can do as follows:

      1. Check the SSL certificate on regular basis to make sure that you have received the valid SSL certificate which has already been registered.
      2. Should you receive the message confirming invalidity of the certificate, please do not proceed access to BRI internet banking.
      3. Make sure that you have typed the correct address of https://ib.bri.co.id
      4. Make sure that your browser shows the image of a lock/key indicating that the page that you access has been currently encrypted by the use of SSL. Should you fail to view the lock/key image, please log out and repeat to log in.
      5. Make sure you have logged out once you leave your computer even for a short while.
      6. You are not advised to access the BRI internet banking at an internet stall (Warnet) or at such other network with insufficient security.

    3. Protection of Access to the BRI Internet Banking

      4. BRI requires you to enter User ID and PASSWORD prior to access to the BRI internet banking.

      You are required to change the PASSWORD and fill in the fields of e-mail when you log-in internet banking BRI for the first time.

      To ensure protection of your access to the BRI internet banking, please do the following:

      1. Keep confidential your User ID and PASSWORD, do not disclose to others. even if such person admits that she/he is a BRI employee. BRI will never question your PASSWORD.
      2. Change your password periodically in internet banking BRI on the menu Customer Service - Administration - Change Password or if you are unsure about the confidentiality of your password. Do not use a password that is easy to guess such as: name, address and others. Do not write your password in a place where others can read it.
      3. Use PASSWORD for the BRI internet banking that is different from that you use to access other websites.
      4. Contact Call BRI 14017 / 500017 / 021-57987400 you forget your PASSWORD or in case it is blocked. Follow their instruction as to how to reactivate your internet banking facility.

    4. BRI mToken and BRI mToken Protection

      1. mToken intended as a second layer security.
      2. mToken used for internet banking BRI is soft tokens, and using mobile media for each shipment mToken code.
      3. For financial registration, customers are required to include phone numbers, which numbers will be used for delivery mToken.
      4. BRI requires that you use security mToken mToken to generate code used to authenticate each of your financial transactions and as a sign of your approval of these transactions.
      5. You must enter the code generated by mToken BRI if you perform financial transactions such as transfers of funds, purchases and payments and non-financial transactions such as: activation mToken.
      6. Transactions that can be done without using mToken BRI are: account balance information and mutation.
      7. mToken code request is required for customers who want to make financial transactions.
      8. Every single time mToken delivery, there are 5 mToken code that can be used for 5 times the transaction (a transaction is only valid for 1 transaction), and will be expired when they are 12 hours.
      9. To ensure protection of your BRI mToken, please do the following:
        • Make sure your mobile phone number that you register as mToken is true.
        • Contact Call BRI if you register your phone number as mToken damaged.

        Follow the instructions on our agents how to get your mToken back.

    5. E-mail Address and Protection of Transaction Information

      6. BRI requires you to provide your e-mail address to BRI. BRI will use your e-mail address to send information on financial transactions completed through the BRI internet banking and various non-financial transactions during first log in, change of e-mail? address, add connection, and so forth. In addition, BRI also uses your e-mail address for the purpose of promotion, gathering invitation, and other information.

      To ensure protection of transmission of information to your e-mail address, please do the following:

      1. Provide BRI with your personal e-mail address. Never use fake e-mail address.
      2. Change your e-mail address immediately you are in internet banking BRI if you change your e-mail address.
      3. If you contact BRI through e-mail, do not send information on your account which is confidential or sensitive in nature, including your PASSWORD.

    6. BRI Website

      7. In the BRI website, BRI provides URL link to other websites which are not under the control of BRI. BRI is not responsible for the content and security of such websites. Should you access such websites, please check their privacy and security policies.

      If you access the BRI website or internet banking through URL link from other websites, make sure that the address you access is correct, namely https://ib.bri.co.id

      BRI may at any time change this policy on privacy and security of information in order to make adjustment to the latest situation and technology. You may at all times view the BRI latest information and policy on privacy at https://ib.bri.co.id/ib-bri/en/privacy.html

      Tips for the Use of the BRI Internet Banking with Better Security.

      Basically, the BRI internet banking system or network has applied maximum security. The condition of the BRI internet banking security is at all times monitored and improved in line with the development of technology and the current threat.

      The threat is also experienced by all internet users including those of the BRI internet banking. Therefore, BRI requests you as the BRI internet banking user to be on alert over the various types of threats which may occur when accessing internet. Tips for security when you access the BRI internet banking include as follows:

      1. Phising

        2. Phising deals with fraudulent means used by certain parties to obtain confidential information on a customer such as User ID and PASSWORD. Those various means include:

        • Disguised as a bank staff asking for the customer's data for a particular purpose.
        • Sending e-mail containing log in screen and asking the customer to log in by entering User ID and PASSWORD.
        • Sending URL link to a website that resembles the bank's official website which is allegedly fake.

        Tips for security:

        • Please be advised that BRI will never send such kind of e-mail as described above to the customer. Should you receive e-mail of that kind which seems to be originated from BRI, you can directly delete it.
        • Should you have already filled in the information requested or feel that your User ID and PASSWORD have no longer been confidential, immediately contact Call BRI 14017. Make sure that the website you access is https://ib.bri.co.id and also make sure that the lock/key image of your browser is intact during access to https://ib.bri.co.id

      2. Virus / Worm

        3. Computer Virus is computer programs made with certain purposes. Generally, virus damages the operation system, application and data in the infected computer. Virus may spread through various media such as: e-mail, disc, CD, USB drive, Flash memory, program from internet or network and also from "mean" website page.

        Various instances of impacts from virus infection include:

        • The computer becomes unstable and frequently "hang" (blocked).
        • The computer becomes slow.
        • The data in harddisk is deleted.
        • The application program is not usable.

        Worm which looks like a virus is made in order to be able to spread fast to many computers. Even though in general worm does not cause damages as the virus does, it may be used to carry various attachments including those of dangerous kind.

        Tips for security:

        • Use updated anti-virus in your computer and make sure that your computer is scanned at real-time.
        • A lot of viruses emerge through received e-mail, ?accordingly you should be more cautious in using e-mail. Delete suspicious e-mail or e-mail coming from an unknown sender, and scan the e-mail attachment prior to opening.
        • Use firewall on the operation system of your computer or install personal firewall and make sure that the configuration of the installed firewall is able to secure your PC.
        • You are not advised to access or download files/programs on the internet from unknown/allegedly illegal websites.
        • Scan files originated from disc, CD or USB drive that you receive.
        • Make sure that both the operation system and application in your computer has been protected by the most recent protection system.

      3. Spyware

        4. Spyware is a kind of computer program programmed to "steal" important/personal information from an infected computer and send it to a particular location in the internet to be afterwards taken by its maker. The information which becomes the main target includes: credit card number, User ID and PASSWORD, account number, e-mail address and so forth.

        Spyware may be installed through e-mail attachment, the program being installed from unclear sources or by "mean" website.

        Virus may be programmed to spread spyware.

        However, unlike virus which is more destructive in nature, spyware works silently so that it will not be traceable and thereby will be much easier to gather the information as desired by those making/spreading spyware.

        Tips for security:

        Security over spyware is similar to that over virus/worm.

      4. Bot (roBot)

        5. Bot is a kind of computer programs which may, if installed in your PC, cause your PC be remotely controlled by others through network. The Bot maker/ spreader may do unlimited actions with your PC.

        In general, the controlled PCs (known as Botnet) are used to send SPAM, Virus, Worm or attack other computers connected with the network. Safeguards against spyware the same as security against viruses / worms.