Cookie settings

Cookies are small text files stored on your device to identify you and can be used to remember user preferences and analyse traffic to further improve our website. We may share information about your use of our site with our social media, advertising and analytics partners. By clicking "Accept all cookies", you agree to the use of all cookies as described in our cookie statement or "Accept only essential cookies" to only use cookies that are necessary for the functioning of our site.

Read our cookie statement here.

You can choose to adjust your preferences at any time.
Wholesale Banking

ING’s security measures

To overview

All of ING's systems are continuously monitored for potential vulnerabilities and breaches. Monitoring is performed 24/7 on various levels and from various angles. Close alignment with the international security community also ensures that ING can act upon new vulnerabilities before they emerge in our global IT ecosystem.

ING complies with the latest regulatory and software standards and with the latest technologies to ensure ING’s systems are protected and that ING’s products and services are always available.
Additionally, ING runs an extensive Responsible Disclosure program, where security professionals and anyone that joins the program are rewarded for responsibly reporting (potential) security issues in our systems. For all details of ING’s Responsible Disclosure program terms please visit ING Responsible Disclosure - Bug Bounty Program - Intigriti.

Secure connection with ING

Computer viruses and other malicious software (malware and trojans) are common and rapidly spreading threats. Software like this can be very harmful to your computer and seriously threatens safe use of Internet banking and expose personal data. When you browse to any website/webapplication of ING, a secure connection is established between the ING host system and your computer. This connection protocol is often called Secure Socket Layer (SSL) or Transport Layer Security (TLS), which means that all communication between you and ING is encrypted. SSL/TLS is the international standard of securing personal information and transactions on the Internet.

To check if your connection with ING is secure, please:

  • Check that the address in your browser starts with “https://”
  • Verify that the SSL-certificate is issued to ING Bank N.V. or ING Groep N.V. by clicking on the security icon (the lock) in the browser.

Restricted log on time (time out)

If you leave your mobile phone or computer device unattended, then log off from the ING Internet banking application and always lock your device. ING will automatically end your user session after 5 minutes of inactivity. It is important to understand that this can result in loss of data on your end since the last time that you saved your work, so please be sure that you save the transaction/order that you are working on before this 5 minutes waiting period expires. After the session expires, you will need to log on again to re-access the Internet banking application.

Secure access

ING’s Internet Banking applications are protected from unauthorised access by one or more authorisation levels. ING uses cutting-edge technology to encrypt and authenticate your transactions.

Segregation of duties, advanced permission schemes

ING Wholesale Banking application “InsideBusiness” supports multiple authorisation levels, which act as security measures on a functional level. By limiting access to accounts and applying dual signatures on payments, the potential damage that a single compromised (system of a) user can invoke unintended/unauthorized transactions will be prevented or at least decreased significantly. A rich setup of user access and sign permissions is supported in the system. The combination of limits/thresholds on customer and account level allows segregation of duties and responsibilities on different levels within the company structure. Administrative configuration itself is also subject to dual control.

Find out more

All of ING's systems are continuously monitored for vulnerabilities and potential breaches (e.g. malware), including security state monitoring (e.g. configuration and patch problems) and monitoring on security breach events.