winbank for Corporate Banking Security

To ensure maximum security when you manage your company's portfolio via winbank web banking, we use advanced systems, established security protocols and cutting-edge methods. We make sure that your personal data are kept private, we protect your transactions and we safeguard all winbank channels from unauthorised access.

Personal access codes

 1.  Personal codes

Only authorised users have access to winbank web banking. The rights of each user may be fully adjusted to your company's needs. You can limit certain rights and create approval scenarios. Each user can access the service by entering two customer identification codes, different for each user, that only they know:
    • User ID

    • PIN

The first time you use winbank web banking, for your own security, the system makes you change your User ID and PIN. Every 2, 4 or 6 months, or every time you ask for the codes to be reissued, the system automatically redirects you to the “Change PIN” screen. You can change you codes more often if you like.

 2.  Code lock

If you enter your PIN wrongly 3 times, for your own security, the system will lock your access codes and block your access to winbank web banking.

To unlock your codes and regain access to winbank web banking you will need to verify your details. Call the Customer Service Department:
    • From a landline or mobile phone in Greece on 210 328 8000

    • From abroad on 0030 210 32 88000

 3.  Automatic logout

If the system identifies that you have been inactive for 7 minutes while logged into winbank web banking, for your own security it will automatically log you out.

To re-activate the online session, the system will ask you to log in again or to re-enter the transaction details.

Verify your ID with extraPINs

For certain actions or transactions, the system itself may require a two-factor authentication. The second factor is the 6-digit extraPIN you will receive via SMS on your mobile or by using the extraPIN generator device. The extraPIN is a one-time password that the user must enter to complete the transaction.

You must enter an extraPIN to:

  • Make batch transactions, such as payrolling, remittances or other payments

  • Set up future or regular payments, irrespective of the amount

  • Transfer cash to others at Piraeus Bank

  • Remittances

  • Pay credit cards issued by other banks

  • Manage application forms

Each extraPIN you receive is active for 1 minute. By entering the extraPIN you may carry out as many transactions as you like during the same winbank web banking online session.

To receive the extraPINs you just need to declare your preferred mobile number:

Access, use and transaction approval customisation

Access, use and transaction approval customisation

You may adjust the settings of the corporate portfolio you manage through winbank so that only the users you authorise can access certain transaction types, with different monetary limits and approval levels. In addition, you may specify approval scenarios for all monetary transactions:

  • Monetary limit per transaction type

  • Approval level and access right per user

  • Other settings to monitor your monetary transactions

More about approval workflows when managing business cash equivalents

Exclusion of accounts

You may choose to exclude certain accounts that you do not want to manage online or provide access to them only to specific users.

The accounts you exclude are not cancelled. However you can only carry out transactions on them through Piraeus Bank branches or ATMs. That is also where you will be able to monitor your account balance and activities. You will continue to receive the alerts you had set up before excluding these accounts, but you cannot set up new alerts.

Encryption and confidential data transmission

Controlled access (Firewall)

ΗA firewall controls access to Piraeus Bank’s servers. It operates on two levels:

  • It allows customers/visitors or subscribers/users to use specific services

  • It prevents third parties accessing systems and databases that contain Piraeus Bank’s confidential data and information


From the start of your online winbank web banking session, all your information and personal data is encrypted using the SSL 128-bit (Secure Sockets Layer) encryption protocol.

Every time you log into winbank web banking, all communication between your computer and the Piraeus Bank systems is encrypted with the SSL 128-bit key by Verisign. Verisign is the most widely recognised encryption key generator company for banking services.

Confidential data transmission

To keep the data you transmit during your winbank web banking session confidential, we use the SSL 128-bit encryption protocol. This key has been developed in partnership with Verisign, the most widely recognised encryption key generator company for banking services that specialises in transaction security.

Confidentiality of transactions

All information you send to Piraeus Bank is confidential. To ensure that only the necessary information is used as part of the services we offer, we have taken all appropriate steps:

  • Only authorised Bank employees have access to your company's transaction details and only when necessary.

  • Piraeus Bank does not disclose your personal or banking data or transaction data except if your company's legal representative has authorised it to do so in writing or it is obliged to do so by a court or decision of some other public authority.

  • When Piraeus Banks uses the services of third parties to support its computer systems, it ensures that your company's transactions remain confidential.

  • You can request any data held that relates to your company. You can also ask for that data to be corrected if you identify any errors.

  • For your own security, you must treat all information provided via winbank web banking as confidential and secret and must not disclose it to third parties. Security is your responsibility too.

Personal Data Protection

Piraeus Bank respects and safeguards your personal data. That is why we keep your personal data on a secure central server.

We implement Law 2472/1997 on the protection of individuals from the processing of personal data and record the personal data of all customers, suppliers, employees and associates of Piraeus Bank that it becomes aware of as a result of employment relationship or partnerships or business transactions, in a file. That data may be sent elsewhere in Greece or abroad only if the data file is held and the data transmitted in accordance with the business objectives of Piraeus Bank and the requirements of the law.

For more information about how we safeguard personal data, call us:

  • From a landline or mobile phone in Greece on 18 28 38

  • From abroad on +30 210 32 88000

Security is your responsibility too

The security of your data on winbank web banking also depends on how responsibly you manage it. Only you know your personal access codes. You should not disclose them to anyone.

winbank web banking’s customer service department will never ask you for your PIN. If anyone contacts you by phone or email asking you for your PIN or asking you to log into winbank by clicking on some link, treat it with suspicion.

Do not reveal you personal access codes for winbank web banking to anyone, even if they promise that they will offer you additional services or assistance. By providing your codes, you are giving that person access to your accounts and personal data. If these are used maliciously, you are directly responsible for the consequences.

If you believe that someone has Phished your PIN, change it immediately. Log into winbank web banking and change your PIN in your “Profile”. Let us know about it immediately.

Call us:

  • From a landline or mobile phone in Greece on 18 28 38

  • From abroad on +30 210 32 88000