Security centre for clients
Security is an essential part of the business we run and the services we deliver at Transact. See how we keep your investments safe and how you can protect yourself online.
How we keep your investments safe
Your account (our platform)
Your data is protected using encryption and security controls both in transit and stored within our systems.
We verify bank accounts to make sure they are held in your name.
We actively monitor dark web sources for compromised credentials and other indicators of account compromise to help protect your accounts and personal information.
Your money and investments are protected
Transact, as part of our Group IntegraFin Holdings plc, is regulated by the Financial Conduct Authority.
Your assets are protected under the Financial Services Compensation Scheme (FSCS). You can read more about this in the client assets protection and compensation guide.
Your investments are held securely by our in-house, authorised custodian; regulated by the Financial Conduct Authority (FCA).
Why cyber security matters
When you access your financial information online, it’s important to stay vigilant about cyber security. Criminals are always looking for ways to access personal and financial information. Even one weak password or suspicious link can open the door to fraud or identity theft.
This guidance outlines simple steps you can take to reduce the risk and help protect your account, your finances and your peace of mind.
Best practice recommendations
MFA adds an extra layer of security by requiring a code or approval in addition to your password.
Always enable MFA when logging into the platform or any financial service you use.
Use a password that is long, complex and unique; don’t use the same password across different websites.
Avoid passwords that include names, birthdays or common words.
Consider using a password manager to store your passwords securely.
Make sure your phone, tablet or computer is running the latest software and security updates.
Turn on automatic updates where possible to stay protected.
Be cautious of emails or texts that ask you to click links, open attachments or provide login details.
Always check the sender’s address carefully. Criminals often create fake emails that look genuine.
If something doesn’t feel right, don’t click; contact us or your adviser directly.
Avoid logging in from shared or public computers.
Always lock your phone or computer when not in use.
Make sure your devices have antivirus or security protection turned on.
Don’t log in to your account or share personal information when connected to public Wi-Fi (like in cafés or airports).
Use a secure, password-protected home or mobile connection instead.
Spotting and responding to suspicious activity
If you receive a login alert or message you weren’t expecting, change your password straight away.
If you’re ever asked to update bank details by email, double-check with your adviser directly. Don’t rely solely on the message.
If something doesn’t look right, even if it seems to come from a known source, stop and verify before taking action.
Never share your login details with anyone, including friends or family. Your account should only be accessed by you.
When using the Transact platform
Always use MFA when logging in.
Log out fully when finished, especially on shared or public devices.
Don’t let your browser save your login details if you’re using a shared computer.
Keep your device protected with up-to-date security software.
Need help?
If you notice suspicious activity or think your account may have been compromised, contact the cyber security team: cybersecurity@integrafin.co.uk.
Your responsibility and disclaimer
Cyber security is a shared effort. While we take steps to protect the platform, you are responsible for keeping your devices, passwords and personal information secure.
This information is provided as general guidance and does not constitute advice or imply any liability on our part for any cyber security incidents. If you are unsure about any of the steps, you may wish to speak to your adviser or seek professional support.
If someone contacts you out of the blue
Stop
Taking a moment to stop and think before parting with your money or information could keep you safe.
Challenge
Could it be fake? It’s OK to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
Protect
Contact someone you trust, such as a friend or family member, and contact the company directly.
