Certain things in life are meant to be shared: appetizers, feelings, secrets. And then there are certain things that you should always keep to yourself, like your toothbrush, your house keys, and your banking PIN. Yet, according to the RBC Fraud Prevention Poll, 55% of Canadians have admitted to sharing their banking PIN or passwords with others.

Even though there can be serious consequences if your PIN or password is compromised (like losing money and, uh, having your identity stolen), 41% of Canadians have done at least one the following things that could jeopardize their security: 

  • Used the same phone unlock code as their bank PIN
  • Used their birthday as their bank PIN
  • Kept their PIN written down in their wallet
  • Used the last 4 digits of their phone number as their PIN
  • Used the word PASSWORD as a password for websites
  • Set their debit or credit card PIN to something easy like 1234 or 5555
  • Written their PIN on their debit or credit card

Have you done any of these things? Well, if so, you could be leaving yourself open to fraud

“You should always protect your PIN and passwords and choose one that follows security best practices,” says Jason Storsley, Vice President, Fraud Management, RBC. “In the wrong hands, this information could be detrimental to your financial security. Think of it as leaving your house key in the lock, yet expecting that you are protected.”

While banks like RBC use a series of advanced security measures and technology to protect clients from fraud, PINs and passwords are your first line of defence. And if you're not protecting this information, you could be vulnerable — very vulnerable. If you think your passwords are strong enough, you may want to think again. Fraudsters are using increasingly sophisticated methods to target people. 

To mark Fraud Prevention Month, RBC has the following tips to help Canadians reduce their chances of falling victim to fraud.

Always shield the PIN pad when making a transaction

Protecting your PIN is one of the most effective ways to protect yourself against fraud. Next time you're taking cash out of an ATM or making a transaction in a store, keep your card within sight and always shield the PIN pad while you enter your PIN.

Choose your PIN wisely

Choose a PIN with numbers and/or letters you can easily remember, but avoid numbers and letters that others might guess like your birth date, phone number, address or SIN.

Don't write your PIN down anywhere

Never write down your PIN or store it electronically and do not disclose it to anyone including your bank, law enforcement agencies, friends or family. Keep it completely to yourself.

Never share your PIN 

Don’t share your PIN, even with people you trust. If you need someone to perform banking activities on your behalf, ask your bank what options are available other than sharing your PIN.

Change your PIN immediately if you suspect fraud

The very first thing you should do if you suspect that your PIN has been compromised is to change it immediately. You can do this by contacting your bank.

Protect yourself online

You know those texts and emails you get asking you to sign in to your bank account immediately "for security reasons"? Ignore them. Phishing scams, where fraudsters impersonate your bank or another company and ask you to disclose your PIN or password, are rampant online. Your bank would never ask you what your PIN or password is online or over the phone.

Choose a strong password

Choose passwords that are hard for others to guess but easy for you to remember. Complexity is good, but the length is key. Always use the maximum password length allowed, aiming for a minimum of 16 characters whenever possible. Avoid common words and sequences like "password," "ABCD," "1234" or anything that can be easily guessed.

Be creative. Some of the strongest passwords aren't even words. Passphrases, a collection of randomly chosen words like "Delay Elephant Buy" or "Europe Profit Now," are the best option for maximum security. Replacing some letters with spaces, numbers or special characters can help increase the strength of your password.

Check your account activity regularly

Don’t let fraud go undetected. Log in and view your account activity multiple times a week to ensure there are no suspicious transactions.

While no one can totally protect themselves against fraud, employing these strategies will help keep your money and your personal information safe. Banks like RBC also work hard to ensure billions of transactions take place safely each year while protecting their customers from fraud and identity theft.

During Fraud Prevention Month, learn more about what you can do to keep your PIN and passwords safe. Visit the RBC website to learn more today.