Ensure your data security

You can rest assured that when you ensure the data security of your device and keep your user identifiers safe, online transactions are secure.

Things to note when you use banking services

When you wish to use online banking and insurance services, the securest way to log into OP eServices is by typing the op.fi address in the browser address bar. Do not go to OP eServices via any links that may appear in an SMS or email message.

Be watchful and alert if the service’s view is unusual or you are asked for key codes more often than once when you log in, for example. Please note that OP eServices will never ask for more than one key code at a time.

Viewing your account data and making payments in other banks’ and operators’ applications

Legislation governing payment services has changed.  This means that you can use the applications of other banks and service providers to manage your accounts and make payments, if you want. For example, you can opt to use the application of one bank for managing all your bank accounts even if the accounts were in different banks.

External service providers, or other banks and operators, will not automatically have access to your account data. This will only be possible if you authorise them, with strong authentication, to do so. External service providers are licensed and supervised by the Finnish Financial Supervisory Authority.

Ensure your device's data security

Make sure that the data security of the computers or other devices you use to access OP eServices is up to date. Check that your device has the following software and that you have updated it as instructed:

  • firewall software
  • antivirus software
  • operating system
  • latest internet browsing software versions.

Do not use your identifiers with a device with malware symptoms. Whenever necessary, you must go to an expert who will disinfect it.

See our FAQ 


Do not give your credentials to third parties. However, you may use your credentials on account information and payment order services, when the service provider has the required licence from the relevant authority or a notification of its activities. Thus far, the Financial Supervisory Authority has not approved a procedure where the service provider logs in to the customer’s online bank with the customer’s credentials. This is because the bank cannot identify the service provider.

If you disclose your credentials to an external service provider, it can use them to login to OP eServices. At the same time, the service provider gets unlimited access to all your data on OP eServices.

Your user identifiers for OP eServices represent strong electronic authentication credentials, i.e. they serve as your ID card on the web. They enable you to conduct personal affairs on the online services of numerous officials and authorities. In accordance with the Finnish Act on Strong Electronic Identification and Electronic Signature, handing over an authentication credential to a third party is prohibited. Do not disclose your credentials to anyone, not even to any of your family members.

Handing over credentials to an external service provider is also prohibited under the contract terms of OP eServices user identifiers. You may not give your credentials to a third party, such as a person, application or service.