Close panel

Close panel

Close panel

Close panel

Cybersecurity

Today

05 Sep 2023

The main mission of BBVA's Security Operations team is to adopt all the necessary security measures in the face of an increasingly diverse cybercriminal reality. To this end, it has highly specialized teams in charge of assessing the security measures and processes implemented in the Group, as well as monitoring, detecting, and responding to any security risk or threat. Hundreds of hackers make up this team worldwide, organized into offensive, defensive, and transversal teams.

28 Aug 2023

BBVA has relied on behavioral economics techniques to encourage employee participation in cybercrime training. The messages conveyed through the use of these techniques have effectively doubled interest in the course and, in some cases, increased course attendance by up to 70%. The initiative, which has been recognized by the Global Association of Applied Behavioural Scientists, will succeed in making the bank’s regular cybersecurity messages to its customers more effective.

21 Jul 2023

09 Jun 2023

BBVA in Colombia redesigned its smartphone app. From now on, the app will feature a new interface, run faster, offer more security and provide new functionalities. This marks the launch in Colombia of BBVA's global mobile banking app, which is already active in Spain, Mexico, Peru and Argentina, among other countries. Today, more than 1.7 million Colombian users are using the new version of the app on their smartphones.

17 Apr 2023

09 Jan 2023

The growing demand for digital financial services around the world has brought with it an increase in exposure to digital crime and fraud. With 47.8 million digital customers worldwide, BBVA has put its customers' protection and trust as a fundamental pillar of its strategy to combat this situation. In 3 years, the bank has managed to prevent up to 75% of fraud, strengthening customer protection.

06 Jul 2022

Cybercriminals do not go on vacation. Their activity tends to intensify during the summer season. We could even go so far as to say that our time off is their bread and butter. They can take advantage of any break to attack, from the summer break to a weekend getaway. Our lack of precaution is often a way for cybercriminals to attack us.

17 Jun 2022

It is increasingly common to receive attacks from fraudsters who impersonate banking institutions, the aim of which is to first obtain our passwords and then to gain access to our assets. However, the increase in these attacks has reinforced the efforts of bank security teams and police forces, both in terms of prevention and awareness, making it increasingly difficult for cybercriminals.

19 Apr 2022

The bank becomes the first financial institution in the world to share its cybersecurity knowledge with society through Coursera, a learning platform with 97 million registered students. As experts in cybersecurity, BBVA's goal is to train, motivate and empower its customers, and society in general, to acquire secure behaviors to properly manage the risks posed by the digital era.

26 Jan 2022

Adaptation to the environment is the main vector of operation and survival for a business. The technological environment plays a crucial role in this process. As a result, cybersecurity becomes a fundamental pillar and employees are key players. Not in vain, 62% of incidents of this nature that take place in organizations happen due to human error, as reflected in the latest ‘Cyberthreats and Trends’ report prepared by the National Cryptologic Center.

19 Jul 2021

We are increasingly aware of the importance of passwords: we create stronger ones, change them regularly and make sure not to use the same ones for everything. We also know that one of the biggest risks we face is password theft, since passwords unlock our information. But are we as careful with the passwords we store in our browsers?

23 Jun 2021

After the incidents of the previous months (SolarWinds, Codecov,...) it is becoming more evident that it is necessary to have a strong inventory and control over the components with which we build our software, as well as to strengthen the process used to build it.

19 May 2021

BBVA has been involved in the creation of Pinakes, the Interbank Cooperation Center (ICC) platform that simplifies the provider evaluation process in areas relating to cybersecurity. The aim of this platform is to offer the 124 financial institutions associated with the ICC and the more than 400 providers that provide products and services to the financial sector a new efficient mechanism for ensuring their reliability and ensuring compliance with the demanding banking sector regulations when it comes to managing technological risks.

23 Feb 2021

BBVA and Google Cloud today announced a new strategic partnership to transform the bank’s security strategy by optimizing and improving its security infrastructure. As part of this global agreement, BBVA will collaborate with Google Cloud in the development of groundbreaking new artificial intelligence (AI) and machine learning (ML) models to predict and prevent cyberattacks against its banking infrastructure, providing a more secure experience for the bank and its customers.

13 Nov 2020

14 Oct 2020

BBVA has launched Aqua, a new line of pioneering credit cards in Spain which feature a dynamic CVV code and do not contain card numbers (PAN) or expiration dates printed on them. This reinforces security both for its digital and physical versions since not having this data prevents possible fraudulent use of them. In addition, BBVA´s app has renewed the entire payment experience to make it easier for the customer to manage their expenses and order the services it offers based on their use. The bank is already working to launch this mobile experience in other countries.

08 Oct 2020

11 Aug 2020

Corporate virtual security has become even more important as a result of the coronavirus pandemic. Cybercriminals have found new opportunities in digitization and remote-working to commit fraud and cyber attacks; companies and employees alike have to be prepared against this risk. To this end, Campus BBVA has trained approximately 2,000 employees using courses, conferences, and discussion groups focused on digitization and tele-working as strategic capabilities that promise to be fundamental during the near future.

28 Jul 2020

How do cybercriminals think? What techniques do they use and how do they set up to implement them? What are their goals? There's nothing better than putting yourself inside the bad guy's mind so you will be ready to react. We tell you how these criminals behave.

21 Jul 2020

15 Jul 2020

The uncertainty triggered by COVID-19 has led to a rise in cyberattacks against individuals in Spain. BBVA has therefore hosted several webinars in recent months to offer practical advice to customers and non-customers and thus alert the general public to the risk of fraud on the Internet. During these online events, involving members of the BBVA Cybersecurity team, including Roberto Ortiz, Global Head of Security Culture and Training at BBVA (People Information Security), speakers addressed the need to educate, inform and raise awareness of cyber attacks to protect the identity and finances of network users.

10 Jul 2020

06 Jul 2020

Álvaro Garrido has been safeguarding the integrity of BBVA's assets for the past three years. In his role as Chief Security Officer (CSO), he’s responsible not only for the Group’s physical & digital security, but also for its fraud prevention efforts, an exceptionally broad range of duties for such a large company and, at the same time, a great professional challenge.

16 Jun 2020

A few weeks ago some colleagues from a development team told us about their worries on the JSON Web tokens (JWT) generation they were doing as part of a new tool integration they were working on. They had heard about several security issues regarding the use of JWT tokens so they asked us for help in order to validate if the tokens they were issuing were correct and met some basic security requirements.

We are currently working on a project to help automate security tests, APICheck, which we’ve recently released as open source. APICheck is comprised of a set of small tools that can be pipe chained in order to run several tests on API requests, so we got down to work with the development of a new tool for validating the JWT they were issuing, jwt-checker, in which we’ve implemented the ability to pass the validations on the tokens we’ll talk about. Below I’ll show you an example of a test implemented using the tool.

26 May 2020

Essential remote working has forced a change to on-site employee training plans. BBVA had already espoused a culture of online learning before the pandemic, offering its staff a comprehensive digital training catalog via the Campus BBVA platform. The platform has been refreshed to adapt to employee needs during the weeks of confinement. Employee response has been positive: traffic to the training portal shot up 96 percent with more than two million sessions during the first month of lockdown. A review of the most consumed topics reveals employees’ growing interest in developing new competencies (data, design, sustainability), which are priority for BBVA and and even more apropos given the new reality that awaits.

15 May 2020

Scammers adapt quickly to new trends, exploiting them to lure new victims. An example that has gained notoriety in recent weeks: web sites promoting fraudulent Fortnite offers. Fortnite is a popular video game and is being used by cybercriminals as an enticement to misappropriate user data.

12 May 2020

It’s technically complicated, but yes, if the webcam user doesn't follow some security precautions, it is possible. Furthermore, exploiting the fact that the COVID-19 pandemic has driven an increase in teleworking, online classes, and all kinds of virtual meet-ups, cyber criminals are looking to profit by stepping up their attacks. Find out how to prevent others from unauthorized access to your web camera or videoconferences.

07 May 2020

The arrival of COVID has forced many companies to figure out new ways of working, and to accepting the idea of allowing, where feasible, employees to work from home. These new alternative work arrangements may yield substantial sustainability, cost saving and productivity benefits, but also expose of corporate confidential information to new threats. In this context, adopting increased security habits becomes more important than ever.

04 May 2020