winbank for businesses Security

To ensure maximum security when you manage your company's portfolio via winbank web banking, we use advanced systems, established security protocols and cutting-edge methods. We make sure that your personal data are kept private, we protect your transactions and we safeguard all winbank channels from unauthorised access.

Personal access codes

 1.    Personal codes

Only authorised users have access to winbank web banking. The rights of each user may be fully adjusted to your company's needs. You can limit certain rights and create approval scenarios. Each user can access the service by entering two customer identification codes, different for each user, that only they know:
    • User ID
    • PIN

You pick up your personal codes from a Piraeus Bank branch when you sign your contract. They are inside the winbox we give you. They come with instructions about how to use winbank services.

The first time you use winbank web banking, for your own security, the system makes you change your User ID and PIN. Every 2 or 3 months, or every time you ask for the codes to be reissued, the system automatically redirects you to the “Change PIN” screen. You can change you codes more often if you like.

 2.     Code lock

If you enter your PIN wrongly 3 times, for your own security, the system will lock your access codes and block your access to winbank web banking.

To unlock your codes and regain access to winbank web banking you will need to verify your details. Call the Customer Service Department:
    • on 0030 210 32 88 000

 3.     Automatic logout

If the system identifies that you have been inactive for 10 minutes while logged into winbank web banking, for your own security it will automatically log you out.

To re-activate the online session, the system will ask you to log in again or to re-enter the transaction details.

Transactions with authentication

In order to conduct transactions at winbank, every transaction should be authorized.

Transaction authorization will be performed easily, quickly and free of charge through a push notification* or with an extraPIN delivered through Viber** or SMS at the company’s registered user or alternatively using a code from a token generator.

*You receive this code by push notification, if you are a winbank business app user and have the notifications enabled in your device and app.

** A prerequisite is to have a Viber account, with the mobile phone number you have declared to the Bank for receiving the extraPIN code. The extraPIN code will be sent to Viber from the winbank account. In case you don’t have a Viber account, or it is not possible for any reason to send you the extraPIN code via Viber, you will continue to receive it on your mobile via Push Notification or SMS. If you don’t want to receive the extraPIN code via Viber, you can exclude winbank from the list of recipients in the Viber app and undo this option at any time.

Access, use and transaction approval customisation

Access, use and transaction approval customisation

You may adjust the settings of the corporate portfolio you manage through winbank so that only the users you authorise can access certain transaction types, with different monetary limits and approval levels. In addition, you may specify approval scenarios for all monetary transactions:

  • Monetary limit per transaction type
  • Approval level and access right per user
  • Other settings to monitor your monetary transactions
More about approval workflows when managing business cash equivalents

Exclusion of accounts

You may choose to exclude certain accounts that you do not want to manage online or provide access to them only to specific users.

The accounts you exclude are not cancelled. However you can only carry out transactions on them through Piraeus Bank branches or ATMs. That is also where you will be able to monitor your account balance and activities. You will continue to receive the alerts you had set up before excluding these accounts, but you cannot set up new alerts.

Encryption and confidential data transmission

Controlled access (Firewall)

A firewall controls access to Piraeus Bank’s servers. It operates on two levels:

  • It allows customers/visitors or subscribers/users to use specific services
  • It prevents third parties accessing systems and databases that contain Piraeus Bank’s confidential data and information


From the start of your online winbank web banking session, all your information and personal data is encrypted using the SSL 128-bit (Secure Sockets Layer) encryption protocol.

Every time you log into winbank web banking, all communication between your computer and the Piraeus Bank systems is encrypted with the SSL 128-bit key by Verisign. Verisign is the most widely recognised encryption key generator company for banking services.

Confidential data transmission

To keep the data you transmit during your winbank web banking session confidential, we use the SSL 128-bit encryption protocol. This key has been developed in partnership with Verisign, the most widely recognised encryption key generator company for banking services that specialises in transaction security.

Confidentiality of transactions

All information you send to Piraeus Bank is confidential. To ensure that only the necessary information is used as part of the services we offer, we have taken all appropriate steps:

  • Only authorised Bank employees have access to your company's transaction details and only when necessary
  • Piraeus Bank does not disclose your personal or banking data or transaction data except if your company's legal representative has authorised it to do so in writing or it is obliged to do so by a court or decision of some other public authority
  • When Piraeus Banks uses the services of third parties to support its computer systems, it ensures that your company's transactions remain confidential
  • You can request any data held that relates to your company. You can also ask for that data to be corrected if you identify any errors
  • For your own security, you must treat all information provided via winbank web banking as confidential and secret and must not disclose it to third parties. Security is your responsibility too

Personal Data Protection

Piraeus Bank respects and safeguards your personal data. That is why we keep your personal data on a secure central server.

We implement Law 2472/1997 on the protection of individuals from the processing of personal data and record the personal data of all customers, suppliers, employees and associates of Piraeus Bank that it becomes aware of as a result of employment relationship or partnerships or business transactions, in a file. That data may be sent elsewhere in Greece or abroad only if the data file is held and the data transmitted in accordance with the business objectives of Piraeus Bank and the requirements of the law.

For more information about how we safeguard personal data, call us:

  • From a landline or mobile phone in Greece on 18 28 38
  • From abroad on 0030 210 32 88000

Security is your responsibility too

The security of your data on winbank web banking also depends on how responsibly you manage it. Only you know your personal access codes. You should not disclose them to anyone.

winbank web banking’s customer service department will never ask you for your PIN. If anyone contacts you by phone or email asking you for your PIN or asking you to log into winbank by clicking on some link, treat it with suspicion.

Do not reveal you personal access codes for winbank web banking to anyone, even if they promise that they will offer you additional services or assistance. By providing your codes, you are giving that person access to your accounts and personal data. If these are used maliciously, you are directly responsible for the consequences.

If you believe that someone has Phished your PIN, change it immediately. Log into winbank web banking and change your PIN in your “Profile”. Let us know about it immediately.

Call us:

  • From a landline or mobile phone in Greece on 18 28 38
  • From abroad on 0030 210 32 88000