Millenet and security

In this section you will find information how to gain access Millenet, login to transactional system, security issues etc.
  • How to obtain access to the Millenet system?

    Client may get access to Electronic Banking Channels at any Bank Millennium branch, courier process or with prepaid card. Client receives MilleKod and P@ssword1 allowing him to login to Millenet. 


    MilleKod is a unique 8-digit system identifier for every Client in Millenet. It is possibile to set more friendly name for the MilleKod number. Your own name for MilleKod must consist of a minimum of 8 and a maximum of 16 numbers or characters and must be unique in the system.


    P@ssword1 shall be required at the first logging into Millenet. Upon the first logging the system will force User to change P@ssword1 into his private one.


    Client can also sets the Daily tranasactions limit for the system. Daily transactions limit constitutes daily limit for transactions, which may be ordered through the Millenet system.


  • What is the purpose of P@ssword1 and how to change or unblock it?

    P@ssword1 is used for logging into the Millenet system. Bank's Client receives the above password in protected paper envelope, in SMS message (during first login), in Millenet message or in return transfer in online process. P@ssword1 should be used no later than 90 days from the date of issue. Additionally, in the case of delivery in the form of SMS, the message is valid for 15 minutes from the time of sending by the system. After this time, P@ssword1 will expire and it is needed to contact with the Bank in order to receive a new one.


    The Millenet system forces change of P@ssword1 upon Client's first logging. At any time Millenet User may change P@ssword1 in My settings > Password Manger.


    The system will block P@ssword1 after three failed attempts.

    • When User recalls correct P@ssword1, it may be unblocked at 801-24-HELP (0-801-24-4357).
    • If the User forgot P@ssword1, he should contact Bank's in order to receive a new envelope with P@ssword1.

  • What are SMSp@sswords?

    SMSp@sswords are one-time codes sent via SMS to a mobile phone.
    SMSp@sswords are used to confirm operations in the Millenet online banking system for individual and self-employed Customers.


  • Why is the Bank is using SMSp@sswords for authorization?

    The one-time codes sent via SMS are an innovative, convenient and secure method of authorising bank transactions.
    In fact it brings only benefits:

    • you do not have to remember any numbers,
    • you do not have to carry any additional devices with you,
    • all you need to do a transaction is your mobile phone.

  • How to activate SMSp@sswords?

    To activate you need to define your mobile phone in the Bank system. New customers can activate service during first visit in Bank branch while signing the agreement. Existing customers can do this using P@ssword2 downloaded from an ATM:

    • print P@ssword2 from a Millennium ATM using your credit or debit card of Bank Millennium,
    • when you have logged in Millenet the system will ask you to give the number of the mobile phone, to which SMSp@sswords will be sent,
    • after approval of the number you will get an SMS with the first SMSp@ssword, which you will have to enter in Millenet,
    • at the end of the activation the system will require you to give selected characters from the P@ssword2 printed out in the ATM.

  • How to use SMSp@sswords?

    Using SMSp@sswords is very simple and intuitive.

    • Before starting the transaction make sure that you have with you the mobile phone defined earlier in the system.
    • After approval of transaction details in Millenet, SMSp@ssword will be automatically sent to the pre-defined mobile phone.
    • Now it is only necessary to check if the data contained in the SMS message are consistent with the data on the computer screen and type-in the SMSp@ssword.
    • After the system has verified SMSp@ssword the transaction will be executed.

  • I do not have a mobile phone. How will I be able to perform transaction?

    A mobile phone is essential to use SMSp@sswords and confirm operations. There is also possibility of defining trusted beneficiaries, where executing transfers will not require SMSp@sswords, mobile would not be necessary.

  • What is P@ssword2 necessary for?

    P@ssword2 is used only for activation/change mobile phone number for SMSP@sswords service.


    You can print P@ssword2 in Bank Millennium's ATM machine using option Electronic Banking Channels > P@ssword 2 printout.


    During first logon to Millenet after P@ssword2 printout system will give you possibility to set/change mobile phone number for SMSp@sswords.


  • Can I activate SMSp@sswords without generating P@ssword2 from an ATM with my debit card?

    Yes, activation is possible through telephone service:

    • call 801 24 HELP (0 801 24 4357) or +48 22 598 40 50 (for mobile and international calls),
    • choose option 3 (for English),
    • choose option 2,
    • enter your 8-digits MilleKod,
    • enter your 8-digits P@ssword1,
    • you will be contacted with an operator in a while,
    • after verifying your information the operator will ask you to state the number of the mobile phone, to which SMSp@sswords will be delivered,
    • you will confirm the transaction by giving the consultant the activation SMSp@ssword sent to your mobile phone during the call.

  • What transactions will be confirmed with the SMSp@ssword?

    SMSp@ssword authorisation will be required for following transactions:

    • ordering a transfer from the Customer's account to accounts of other Customers,
    • defining, editing and deleting Standing Orders,
    • defining, editing and deleting Trusted Beneficiaries, granting Trusted status to a Beneficiary defined earlier,
    • change of settings in options: Personal Data, Security Settings,
    • defining and changing settings of the MilleSMS service,
    • top-up of Pre-paid mobile phones,
    • accepting the Bank's offer as regards credit products,
    • agreement constitution with the service supplier,
    • issuing supplementary cards to main credit cards,
    • Internet payment transfer confirmation.

  • Can I make transactions without giving the SMSp@ssword every time?

    This is possible for domestic transfers and top-ups of pre-paid phones. For this purpose you must give the transfer beneficiaries and defined phone numbers Trusted status. However defining and editing such trusted beneficiaries does require the SMSp@ssword.

  • How much do the SMSp@sswords cost?

    You do not pay anything for SMSp@sswords. Service activation is free-of-charge and the Bank will pay for the SMS messages sent with SMSp@sswords.

  • Can SMSpasswords be sent by SMS to fixed-line phones?

    No, only a mobile phone may be defined in the system and only to such numbers may SMSp@sswords be sent.

  • What to do when I change the number of my mobile phone?

    If the phone number has changed, then the new number should be defined in the system to continue using SMSp@sswords. This can be done in one of 2 ways.

    Using P@ssword2 downloaded from an ATM:

    • print P@ssword2 from a Millennium ATM using your credit or debit card of Bank Millennium,
    • when you have logged in Millenet the system will ask you to give the number of the mobile phone, to which SMSp@sswords will be sent,
    • after approval of the number you will get an SMS with the first SMSp@ssword, which you will have to enter in Millenet,
    • at the end of the activation the system will require you to give selected characters from the P@ssword2 printed out in the ATM.

    Through telephone service:

    • call 801 24 HELP (801 24 4357) or +48 22 598 40 50 (for mobile and international calls) and ask for activation of SMSp@sswords,
    • the operator will forward you to the automatic service, where you will need to state the full MilleKod and P@ssword1,
    • after verifying P@ssword1 the operator will ask you to state the number of the mobile phone, to which SMSp@sswords will be delivered,
    • you will confirm the transaction by giving the consultant the activation SMSp@ssword sent to your mobile phone during the call.

  • What to do if my mobile phone is lost or stolen?

    Apart from blocking the number with the mobile network operator you need to block it in Millenet. After logging on to Millenet select the option MilleSMS > SMSp@sswords. Here select Delete this number.

    However please remember that to later define the mobile phone number you will need P@ssword2 printed out from an ATM, or will have to call the Bank's phone service.


  • What to do to get an SMSp@ssword?

    If SMSp@sswords were activated and the mobile phone number was defined, then during performance of every transaction, which requires the SMSp@ssword to be stated, it will be sent automatically by SMS to the mobile phone.

  • What to do if I lock the SMSp@ssword?

    Unlocking the SMSp@ssword is possible in one of 2 ways:

    Using P@ssword2 downloaded from an ATM:

    • print P@ssword2 from a Millennium ATM using your credit or debit card of Bank Millennium,
    • when you have logged in Millenet the system will ask you to give the number of the mobile phone, to which SMSp@sswords will be sent,
    • after approval of the number you will get an SMS with an activating SMSp@ssword, which you will have to enter in Millenet,
    • at the end of the activation the system will require you to give selected characters from the P@ssword2 printed out in the ATM.

    Through telephone service:

    • call 801 24 HELP (0 801 24 4357) or +48 22 598 40 50 (for mobile and international calls),
    • choose option 3 (for English),
    • choose option 2,
    • enter your 8-digits MilleKod,
    • enter your 8-digits P@ssword1,
    • you will be contacted with an operator in a while,
    • after verifying your information the operator will ask you to state the number of the mobile phone, to which SMSp@sswords will be delivered,
    • you will confirm the transaction by giving the consultant the activation SMSp@ssword sent to your mobile phone during the call.

  • How long does the SMSp@ssword remain valid?

    The password sent in an SMS message remains valid for 15 minutes from the time it was sent by the Bank. This time is sufficient to receive the message and approve the transaction. If for some reason this period is exceeded you can generate the SMSp@ssword again without the need to cancel the pending transaction, by selecting Generate new SMSp@ssword.

  • What to do if the SMS with the SMSp@ssword is not delivered to the mobile phone?

    If the SMSp@ssword was not delivered to the mobile phone you can generate the SMSp@ssword again without the need to cancel the pending transaction. On the screen for typing the SMSp@sswords select the button Generate new SMSp@ssword.

    Generating a new SMSp@ssword is possible 2 minutes after this screen appears.


  • Can I use SMSp@sswords when abroad?

    Yes, just remember to activate roaming service from your mobile network operator. Additionally the Bank enables use of SMSp@sswords through mobile telephones working in networks of operators in the United Kingdom.

  • Can I give 2 phone numbers e.g. a separate one for the business account?

    No, for one MilleKod only one mobile phone number can be given.

    Note! Assigning the number to another user, e.g. co-owner of the account, will result in deactivation of the number under the previous MilleKod


  • What is the daily transactions limit? How to change it?

    Daily Limit defines the amount limit for transactions executed in a specific day.

    The amount of the incoming transfers and standing orders are included in the daily limit. Mentioned restricions are not applicable to transfers between owned accounts in Millennium Bank.

    The amount of the daily limit can be changed only in the Bank's branch.


  • Can you change the settings for idle periods in the Millenet system?

    Upon logging into the Millenet, any longer idle period in operation results in automatic logout from the system for security reasons.


    Idle time may be changed in option My settings > Password Manager by setting the time in minutes (maximum idle time in the system is 15 minutes).


  • What is the purpose of "Password Reminder Frequency" option?

    Password Reminder Frequency option available in the My settings > Security settings bookmark sets how often the system will remind Millenet User about changing the password for security reasons.
    Proper message will be displayed to the User immediately upon logging into the system and will require entering new P@ssword1 or cancelling the change.


  • May I change the information displayed in "My finances" bookmark?

    Millenet User may select the information to be displayed in My finances option at bookmark My settings > Display options. Having selected the options of User's interest and having confirmed the changes with Save button, new settings will be entered.

  • I have a few savings and checking accounts. May I choose which account will be displayed as the first one on the order screen?

    User may choose the account that will be displayed as the first one at bookmark My settings > Display options - option Default account. After choosing proper account and confirming changes with Save button, the new settings will be introduced.

  • How to use Millenet system safely?

    When using the Millenet transaction system, Bank's Client should check whether system logging and operation are in the secure session (https protocol displayed in the website address and "padlock" icon - in case of Mozilla Firefox and Internet Explorer by the website address field and whether the correct Website address is displayed starting from https://www.bankmillennium.pl/osobiste/...
    Please, follow also 10 security principles available at the Millenet address - 10 security rules and see movies on security, courtesy of Microsoft, available on the Microsoft's Security movies site.

     


  • I was log out automatically. Why?

    After a certain period of time when the user stays idle (which means that the user did not change the viewing page) the system will automatically log out. The time after the user is log out can be changed in My settings > Security Settings > Idle time.
    In case of the automatic logout please check if your operation was properly executed.