Ujjivan never asks for your user id/password/pin no. through phone call/SMSes/emails. Please do not respond to any such phone call/SMSes/emails. Any such phone calls/SMSes/emails asking you to reveal your login credentials or One Time Password through SMS could be an attempt to withdraw money from your account. NEVER share these details to anyone.

Ujjivan wants you to be secure. If you come across any such instances, please inform us through email to the following address

We also request you to read the following general information:

Ujjivan makes every effort to provide optimal security of customer’s data and of all transactions, protecting the information of our clients is very important. However hard we work, there are risks online and you may take some action to protect yourself from such threats. Here we provide some information to help you.

Key security issues

Key security issues

Ujjivan Small Finance Bank will provide information on security related news on a periodic basis to keep our customers updated about important developments.


A phishing attack is an online fraud method which involves sending official looking email messages with return addresses, links and imprinting that all appear to come from banks or other reliable sources. Such emails typically contain a link to a fake website and deceive account holders to enter customer names and PIN/Password on the pretense that these details must be updated or changed. Once the customer submits the details, it can be used on legitimate bank sites to take customer’s money.

Nowadays, phishers also use phone (voice phishing) and SMS (Smishing).

It is important that you are suspicious of emails asking for your information like account number, card number, user id, password, PIN etc.

Fake Ujjivan websites and Apps

Ujjivan monitors the internet to find imitation websites and apps, which are often the first step made by phishers. We then work with the authorities to take down such websites and apps as quickly as possible. Since internet is like a sea and we may miss some of these sites; hence you can report phishing attacks by sending us an email at

Ujjivan’s standard practices

These are the standard practices we follow and any deviation may be a malicious email:

    • Ujjivan will address customers by name in any email.

    • Ujjivan will not insert hyperlinks in emails that take you to sites where you must enter your security information.

    • Ujjivan emails will never ask you to reply in an email with any personal information.

    • Ujjivan will use suitable encryption and authentication mechanisms to secure the transactions;

    • Ujjivan will never claim your account may be closed if you fail to confirm, verify, or authenticate your personal  information via email.

    • Ujjivan will never claim the need to confirm important information via email due to system upgrades.

If customers have any suspicion about any email they have supposedly received from Ujjivan, they should contact us immediately.

Verifying Websites

Verifying Websites

Customers must be sure that the site they are entering really belongs to Ujjivan, and is a secure site.

How to check that URL you are entering is secure?

    • The URL will begin with https://


    • The application window will specify that SSL (Secure Sockets Layer) Library.

If https, the secure lock icon, a small padlock will appear on the browser in the positions as detailed below:

When you click on the icon with the padlock, then a security certificate should appear. The certificate shows who owns the website; it should show the name of Ujjivan. Verify that the information and validity of the certificate are correct.


How you can protect yourself from fraudulent apps for smartphones?

Just because an app is in Play Store or App Store doesn’t always mean that app is a legitimate app. Store owners constantly remove malicious apps like fake browsers, fake antivirus, fake games, It is possible that cyber criminals may attempt to mimic Ujjivan products.

Cyber criminals can try any means necessary to trick you into installing fake apps. Criminals use emails and SMS that appear to be originated from Ujjivan, to trick you into downloading applications that can compromise your data. Sometimes fake apps will pose as system or app updates, and clicking on the links may also lead to your data being stolen.

Suggested measures for installing apps:

  1. Download apps from official sources only.

  2. Do research about app before installing like how many times app has been downloaded.

  3. Read reviews about apps.

  4. Do not install app through link provided in SMS or email.

Protect Yourself

Protect Yourself

Protect your personal information

Your user id, account numbers, customer ID, PIN, password are the means to your account. You are requested to

  1. Never write them down.

  2. Never share them either verbally or in any written communication like email, SMS.

  3. Never share them on social websites.

  4. Destroy securely any document containing your personal address.

Protect your computer

  1. Always keep your systems and application patched up.

  2. Install and update genuine anti-virus solution.

  3. Install and update genuine anti-spyware tools.

  4. Install and update personal firewalls.

  5. Use only licensed and legitimate application and operating system.

Protect yourself from Spam Emails

  1. Use a spam filter to enable automatic filtering of spam.

  2. Never reply to any spam message.