1 - SGBS Online

[SECURITY INFORMATION]
SGBSONLINE
RECOMMENDATIONS SECURITY – ONLINE BANK TRANSACTIONS
 Best practices
IT security refers to the body of
techniques and best practices to protect your computers and your
interests in the use of IT services, such as online bank services of Société Générale de Banques au
Sénégal. If the techniques and good practices have been developed by It security experts, you must
know about and implement the easiest ones.
Detection of a malicious act: contact our security services
Do you think you are a cybercrime victim? Do you have any doubt of the
nature of a received message? Contact our security teams as soon as possible:


[email protected]

+221 33 839 42 42
Protect own password
A password is an important protection to carry out online transactions safely. Nevertheless, to ensure full
protection, a password must comply with good practices listed below.
○ Choice of a password: a 6 digit password is intended to be entered on the virtual keyboard.
Choosing a « strong » password shall protect from fraud attempts, passwords must not be
trivial (repetition of digits or sequences of digits) and must not be easily identifiable by a third
person (anniversary date).
○
Use of a password: only enter your code on the virtual keyboard of the secured access
space of your online bank at the following address https://www.sgbsonline.sn
- 1 -S.A. AU CAPITAL DE 10 000.000.000 FRANCS CFA - LSB N° P5 – SIEGE SOCIAL 19, AVENUE PDT LEOPOLD S. SENGHOR DAKAR – BP 323 –
R.C DAKAR N° 7008 B NINEA : 0014051 – NITI : 206 020851-F - TEL : +221 33 839 55 00 –:
1
[SECURITY INFORMATION]
SGBSONLINE
Never communicate your password to anybody.
We remind you that Société Générale de Banques au Sénégal shall never ask
for your password.

Log out after consultation :
Authentication on online bank services shall initiate a consultation session of your customer space. The
session enables you to browse pages and carry out some operations without having to authenticate
yourself again. Though practical, such functionality may enable a user of your computer to browse and
make some operations on your customer space without your knowledge.
You must log out after consultation via « log out » button, closing the page or
the browser shall not be enough.
We remind you that any operation made in your name via your session cannot
be denied

Disable the auto-complete feature of the browser :
Most internet browsers suggest that you save usernames and passwords used in the authentication
forms, including your login username for online bank services. The auto complete feature of the
username shall enable to access in the future your customer space without having to enter your
username again. Though practical, the auto-complete feature of your username may allow a user to log in
to your customer space without your knowledge
You must disable the auto-complete feature of the browser.
We remind you that any operation made in your name via your session cannot
be denied

Secure one’s computer :
Before you browse on Internet, you must protect your computer from possible malicious attacks. You
shoud therefore follow the following instructions :
- 1 -S.A. AU CAPITAL DE 10 000.000.000 FRANCS CFA - LSB N° P5 – SIEGE SOCIAL 19, AVENUE PDT LEOPOLD S. SENGHOR DAKAR – BP 323 –
R.C DAKAR N° 7008 B NINEA : 0014051 – NITI : 206 020851-F - TEL : +221 33 839 55 00 –:
2
[SECURITY INFORMATION]

SGBSONLINE
Update one’s operating system and one’s software: update one’s operating system and
software * is paramount in order to protect oneself from malicious attacks. In fact,
making up known security faults would make inefficient the most common attack
techniques.

Install an antivirus : an antivirus software, even a free one, must be installed in your
computer.
Such software shall protect you by identifying and blocking malicious
applications installed in your computer. In addition, an antivirus software shall check the
reliability of the files you download on Internet or you receive by e-mail. See also to
update your antivirus solution.
* In priority should be updated access-internet softwares (browser, mail box …) and widely known
software (pack Office, suite Adobe, Java …)
● Check the reliability of the visited site
Whether you consult a bank site or an e-commercial site, it is important to ensure that you are on an
official and secured site before making any authentication operation or bank operation. Please follow
these instructions so as to make sure of the reliability of the site you are visiting:
○Check the URL site on the address bar: an URL is the sole username of the web page
you are consulting and which is visible on the address bar of your browser. Checking
carefully your address shall enable you to identify any malicious site as its address shall
inevitably display some differences from one official site
(ex. www.particulier.sg.sn instead of www.particuliers.societegenerale.sn).
○ Check the address’ prefix : an official internet site of bank or commercial services, shall
use some secured communication protocols with its customers. Make sure you browse
on a site securing your communications; the prefix « https » must precede the site URL
(instead of « http »).
The full address of SGBS secured space is as follows:
https://www.sgbsonline.sn
o
Check the security certificate: The certificate is used to ascertain that the site belongs to
the Société Générale group. Your Internet browser shall enable to display the security
- 1 -S.A. AU CAPITAL DE 10 000.000.000 FRANCS CFA - LSB N° P5 – SIEGE SOCIAL 19, AVENUE PDT LEOPOLD S. SENGHOR DAKAR – BP 323 –
R.C DAKAR N° 7008 B NINEA : 0014051 – NITI : 206 020851-F - TEL : +221 33 839 55 00 –:
3
[SECURITY INFORMATION]
SGBSONLINE
certificate used on the page you are visiting. The certificate must have the following
form :

Specific Protections to Smartphones :
The growing use of Smartphones and the increasing development of bank services on such platform
introduce new risks for your security. The confusion between portable telephones and Smartphones is
frequent; however Smartphones are not more or less computers you can call with. Security measures
valid for computers (as mentioned previously) are therefore for Smartphones.
However, specific protections must be applied to smartphones:
Protect your telephone with a password (not trivial) and automate the screen lock in case of inactivity
o
See to apply all updates proposed by your system manager
o
Only download applications from official application site stores (ex. Apple Store, Google
Play Store), at the risk of introducing malicious applications on your Smartphone
o
Do not unlock under any pretext the operating system of the Smartphone (ex. jailbreak,
rooting), such practice shall increase your exposure to risks
o
Do not store any confidential data if they are not encrypted
- 1 -S.A. AU CAPITAL DE 10 000.000.000 FRANCS CFA - LSB N° P5 – SIEGE SOCIAL 19, AVENUE PDT LEOPOLD S. SENGHOR DAKAR – BP 323 –
R.C DAKAR N° 7008 B NINEA : 0014051 – NITI : 206 020851-F - TEL : +221 33 839 55 00 –:
4
[SECURITY INFORMATION]
o
SGBSONLINE
Install an application antivirus software you will keep update
We remind that it is essential to use the same precautions on a Smartphone as
on a computer when you browse on Internet
 Security Measures
Aware of security risks due to the sensitiveness of online bank services, Société Générale shall
implement all security measures in the state of art in order to ensure an optimal security level.
● Mechanisms and authentication procedures
Authentication is a key element of online bank service security. Such procedure, which gives you access
to consultation and management of your accounts, shall enable the computer systems of Société
Générale to formally identify you.
Elements enabling to authenticate you are your username and password. The username is unique and is
provided to you at subscription to online services. A password by default is allocated to you at
subscription to online services and a password change form shall be submitted to you upon at first
subscription.
Authentication case by password
A new password that you will choose shall be modifiable any time at the following address:
https://www.sgbsonline.sn. The couple username, password shall enable you to access consultation and
management of your accounts thanks to innovating system implemented by Société Générale.
Never communicate your password to anybody.
We remind you that Société Générale de Banques au Sénégal shall never ask
for your password.
Authentication case by virtual keyboard
- 1 -S.A. AU CAPITAL DE 10 000.000.000 FRANCS CFA - LSB N° P5 – SIEGE SOCIAL 19, AVENUE PDT LEOPOLD S. SENGHOR DAKAR – BP 323 –
R.C DAKAR N° 7008 B NINEA : 0014051 – NITI : 206 020851-F - TEL : +221 33 839 55 00 –:
5
[SECURITY INFORMATION]
SGBSONLINE
A new password that you will choose shall be modifiable any time at the following address:
https://www.sgbsonline.sn. The couple username, password shall enable you to access consultation and
management of your accounts thanks to innovating system implemented by Société Générale.
The Virtual keyboard shall reinforce the password security by its recuperation by a malicious individual
more complicated.
Never communicate your password to anybody.
We remind you that Société Générale de Banques au Sénégal shall never ask
for your password.

Communication encryption :
Online bank services of Société Générale de Banques au Sénégal are based on the protocol of
encryption communication SSLv3/TLS (Secure Socket Layer version 3 / Transport Layer Security). The
encryption activation shall enable to strengthen HTTP communication which is now referred to as HTTPS
(S: Secure/Sécurisé). The HTTPS protocol shall ensure that all the information exchanged on the site are
confidential and accurate.
Do not hesitate to check that you are visiting a secured site
o
The prefix « https » precedes the address of the site you are visiting
o
According to the browser you use, a lock logo displays on the status bar
Case of « Extended Validation Certificate » (EV)
- 1 -S.A. AU CAPITAL DE 10 000.000.000 FRANCS CFA - LSB N° P5 – SIEGE SOCIAL 19, AVENUE PDT LEOPOLD S. SENGHOR DAKAR – BP 323 –
R.C DAKAR N° 7008 B NINEA : 0014051 – NITI : 206 020851-F - TEL : +221 33 839 55 00 –:
6
[SECURITY INFORMATION]
o
SGBSONLINE
According to the browser you use, the address bar becomes green and displays a
certification
logo
The full address of SGBS secured space is as follows:
https://www.sgbsonline.sn

Automatic log out procedure :
For your security, after ten minutes of inactivity on the service, you will automatically log out. Thus,
nobody can use the site in your place when you are missing without being first logged out. In order to log
in again, you must enter again the username and password.
You must log out at the end of your consultation via « log out » button
We remind you that any operation made in your name via your session cannot
be denied

Traceability and archiving:
For security purposes, the activity of your bank site is traced and filed 24/24 and 7/7, and this, with
respect to banking regulation in force and in accordance with the laws on IT and individual liberty.
Any default shall be subjected to in-depth analysis as well ad hoc procedures to ensure reliability and
continuity of the service at any time.
- 1 -S.A. AU CAPITAL DE 10 000.000.000 FRANCS CFA - LSB N° P5 – SIEGE SOCIAL 19, AVENUE PDT LEOPOLD S. SENGHOR DAKAR – BP 323 –
R.C DAKAR N° 7008 B NINEA : 0014051 – NITI : 206 020851-F - TEL : +221 33 839 55 00 –:
7