Welcome to our 'frequently asked questions' (or FAQs) page. This is where we have answers to the questions we are most often asked about, the dangers of fraud and how you can protect yourself. 

  • We find a balance between making sure we’re talking to a genuine customer while ensuring your personal details are safe.
  • So, to verify you as a customer, we may ask for your sort code, account number or card number. We may also ask you for certain digits of your Telephone Banking Password, sometimes known as a Personal Security Number (PSN).
  • But, we would never ask you to reveal your full password (just certain digits of your PSN). We will also never ask you to reveal  your PIN, or to move your money to another account. If in doubt, hang up and call us back using a number found on the back of your card or at https://www.tsb.co.uk/contact-us/.
  • We address you by name, not “dear sir/madam”.
  • We may include the last four digits of your card number or the last three digits of your post code.
  • The “from” address should be from an email address ending “tsb.co.uk”.
  • We would never ask you to move your money to another account. Or ask you to re-authenticate yourself.
  • Hover over any links in the email to reveal its true address. If it looks suspicious, don’t click on it.
  • If in doubt, don’t click on any links and forward the email onto emailscams@tsb.co.uk.
  • Scammers/fraudsters can now hijack the trail of real text messages. We would never put a phone number on a one-time password (and we’ll never ever ask you to disclose your one-time password to us).
  • Always use the number on the back of your card or on https://www.tsb.co.uk/contact-us/. Don’t click on any link or call on any number found in a text message.
  • If you’ve reported fraud to the police, then they may call you as part of their investigation.
  • But - if someone calls you saying they are the police, remember that they would never ask you to reveal any  personal bank security details such as your PIN, passwords or username.
  • They will also never ask you to move money to a ‘safe’ account or come to pick up your cards or cash.
  • We have some very complex systems looking into how fraud has occurred, but we also look at things like IP addresses, devices, location and how the transactions were processed.
  • We’ll do all we can to make your account safe, and help you understand what happened.
  • We’ll investigate your case thoroughly and keep you updated.
  • Where we are able to refund your money, we’ll do this as quick as possible and with the minimum of fuss.
  • An example of phishing is when a fraudster sends an email to you purporting to be from a reputable company in order to persuade you to reveal personal information, such as passwords and credit card numbers
  • Phishing can also happen via phone call (vishing), text message (smishing) and letter. Essentially these are all the same types of fraud but using different mediums.
  • If you suspect an email, call, text or letter is a phishing attempt, send it on to the company and they can investigate. If it’s TSB they’re purporting to be, please send it to emailscams@tsb.co.uk.
  • Identity theft is when a criminal uses your identity to obtain products and services such as bank loans, credit cards and store cards for their personal gain.
  • They may be successful in committing identity theft because they have found out your personal details, such as your address, date of birth, and bank account details.
  • Methods include theft (such as rummaging through your rubbish for bank statements), reviewing social media profiles (if you share too much personal information) or social engineering (where they have tricked you into revealing these details).
  • Social engineering fraud is when a criminal tricks, deceives or manipulates a person into giving out confidential information or handing over money to them.
  • Criminals win the trust of victims by pretending to be people of authority, such as a bank, utility company or even the police.
  • Examples of where criminals can attempt social engineering fraud include email, text message and telephone calls.
  • SIM swap fraud is when a criminal successfully ports your phone number onto a new SIM card that they possess, in order to intercept your text messages and phone calls.
  • By doing so, they can receive one-time passwords (a.k.a. two-factor authentication or two-step verification), typically used by banks and other services that require extra security. From there, they may be able to log onto your bank account and steal funds from you.
  • To keep your phone number safe, always protect your personal information and passwords. By doing so, this makes it much harder for criminals to port your telephone number with the mobile providers.
  • If your mobile phone unexpectedly loses reception, contact your provider on a separate phone immediately to check all is in order.
  • A romance scam is when a criminal creates a fake identity to start a relationship with a victim with the intent to steal either their money or personal information. These scammers lower victims' defences by building an online relationship, then asking for money for a variety of reasons, such as illness.
  • Further information on how to avoid romance scams can be found here.
  • We’re dealing with your money and so, sometimes we want to be absolutely sure we’re dealing with you. So we use Enhanced Internet Authentication (EIA).
  • Setting up a new recipient or standing order are examples of when we’ll send you a One Time Password (OTP); this is to make sure the instruction is genuinely coming from you. All you need is a phone near you. You'll be able to choose which number we call you on, provided it's a number we already hold for you. For UK mobile numbers, we’ll now send you a text with your OTP. For landlines and other numbers, we’ll now give you a call and read out your OTP. You'll need to enter the six-digit number directly on Internet Banking or the app. The whole process takes less than a minute.
  • Never share your OTP with anyone. If we need to contact you, we would never ask you for your OTP.
  • Please make sure your contact details are up-to-date: log on to Internet Banking, then select Personal Details from the top right-hand menu.

Strong Customer Authentication is a new legal requirement for UK banks that will create additional ways for you to verify your identity, and will make online banking and payments more secure.

How will this affect me?

We have already introduced extra security on your account. This means we may need to send more One-Time Passwords to your mobile or UK landline phone when you access internet banking or before you use certain services in internet banking. All you’ll need to do is enter these passwords when you’re asked to.

Because your passwords will be unique and sent only to your phone, when you use a password, we’ll know it’s really you. This will help us make sure that only you have access to your account.

We’ll soon be introducing this extra security when you use your debit or credit card online too. If you’re registered for our Mobile Banking App you’ll be asked to approve your card payment in the App. If you don’t have the App (or for example if you lose internet connection) we’ll send a one time password to your mobile phone or UK landline.

Do I need to do anything?

It’s important that you give us the right phone number to ensure we can send these passwords to you. This will allow you to continue using your Debit or Credit card online, as well as our internet banking services.

Personal banking customers
You can check and update your phone details by logging into internet banking or the mobile app*, calling our telephone banking service, or by popping into a branch

Business banking customers
You can check and update your phone details by logging into internet banking or by popping into a branch.

About our Privacy Policy

TSB’s Data Privacy Notice can be found at tsb.co.uk/privacy/. If you’ve got any queries or concerns please get in touch with us at privacy@tsb.co.uk.

*Download the TSB Mobile Banking app from Google Play or the iTunes App Store.


We use Verified by Visa and MasterCard ID Check (previously known as MasterCard SecureCode) to keep you safe when you shop online.

This means that you’ll occasionally need to enter a one-time password when you use your card online. You’ll receive the one-time password in a text message sent to your registered number.

Since February 2020, you may have noticed new screens for Verified by Visa and MasterCard ID Check. These are being gradually rolled out to work better on mobile screens.

From August 2021, we will no longer facilitate transactions to cryptocurrency exchanges. The Financial Conduct Authority (FCA) has warned about the extremely high risk involved in investing in cryptocurrency and we are seeing an increasing level of fraud and financial crime through cryptocurrency merchants. Therefore, we have taken the decision to not support cryptocurrency transactions. We’ll send you a text letting you know your transaction has been declined.


Report suspected fraud

Find the fastest way to report your fraud on our 
‘How to report fraud’ page


How to cancel your card 

You can cancel your card in the TSB Mobile Banking app or use one of the other options here

Unsure about a transaction?

To help you identify a transaction you don’t recognise follow this guide

Register for mobile banking

We’re open anytime and anywhere. Take care of your day-to-day banking when you need to.

Set up mobile banking

logging in?

Follow our step-by-step tutorial to get back online from the safety of your home.

View tutorial

Need to visit us?
Visit our FAQs

If you need help with something specific, let us know what it relates to or search a topic.

Go to help page