Banco Internacional de Costa Rica, S.A. (BICSA) is committed to the security of its clients and periodically maintains and updates extended validation security certificates on its website and for Electronic Banking.

A security certificate provides a secure connection between Internet users and the website that uses it. It is issued by a certifying authority and uses the SSL encryption system.

The extended validation security certificate guarantees users of a site that they are really entering the entity’s website, in this case, Banco Internacional de Costa Rica and that said entity has the exclusive right to utilize the domain specified on its site.

You can identify a site that has a security certificate in the following manner:

Upon gaining access to a site that utilizes a security certificate, you will observe in your web browser’s address bar the following:

  • The website’s address begins with https://
  • An icon depicting a lock
To identify a site with an extended validation security certificate, you will see that your web browser’s address bar has all the characteristics of a site with a security certificate and additionally shows, shaded in green and to the right, a rectangle with the name of the company that owns the website.

Upon entering our website or Electronic Banking, you will see that the address bar will read Banco Internacional de Costa Rica, S.A.

  • The token is an electronic device that the Bank will provide to the client as a second authentication factor to gain access to the e-Banking site and as validation to perform transactions.
  • This device generates single-use dynamic passwords that will be requested by the e-Banking system.

  • We use access credentials such as user name and password.
  • For input of the password, we use a virtual keyboard for greater security.
  • The token is used as an additional authentication factor, for clients’ greater security.
  • We impose a maximum transaction amount.
  • The e-Banking system has an “End Session” button so that the user can terminate the session once transfers have been made.

BICSA offers its clients a tool that allows notifications to be sent and received in a reliable and secure manner.

To achieve this, the Microsoft Office 365 services is used, which through emails, allows the sending and receiving of notifications, account statements and transaction notices, in an encrypted manner, ensuring the security of the information contained in the message.

For access to the tutorial from our website:





  • Protect your Social Security Number (SSN) or National Identity Card.
  • Protect your debit card’s PIN by memorizing it and avoid sharing it with anyone.
  • If you need to throw away documents or papers that have bank account or personal information, shred them instead of throwing them in the trash.
  • Review your credit history and report any unusual activity.


  • Memorize your password and do not write it anywhere it can be easily discovered by other persons.

  • Never include your password in an email.

  • Avoid the use of birthdays, phone numbers, pet or family names in passwords.

  • Do not utilize the same password for more than one account. If your password is discovered, it could give the attacker access to several of your accounts.

  • Create passwords in accordance with the website’s requirements. We recommend creating complex passwords that utilize upper case letters, lower case letters, numbers and special characters.

  • Change your password from time to time for greater security.


  • Always enter our Online Banking through our website, writing our website’s address in your browser’s address bar.

  • Once you are at our website, make sure that a green lock appears in the address bar, and that the address is shown as “”, the “s” indicating that it is a secure website.

  • Memorize your e-banking access credentials (user name and passwords) and don’t share them with anyone.

  • When you are finished using e-Banking, make sure to close the session, clicking on the corresponding button.

  • You should use e-Banking through known devices, be it your personal computer, work computer or personal tablet.

  • Your internet browser’s version should comply with the minimum specification required by our e-Banking’s certification.

      ○     Internet Explorer Version 9 or higher
      ○     Google Chrome 42 or higher
      ○     Safari 5.1 or higher
      ○     Mozilla Firefox ESR 38 or higher

  • Keep your token or security device in a safe place.


  • Avoid making transfers from public places.
  • Verify that the beneficiary account’s information is correct.
  • If you receive an email with information about the transfer you are carrying out, contact the beneficiary to confirm the information.


  • Delete any email where you are asked for confidential information, such as your telephone, client number, user name, password and account information, especially if it is marked URGENT.

  • Be wary of emails that show obvious and numerous grammatical errors. Often, these emails are fraudulent.

  • Never gain access to our website from links included in emails you have received.


  • Keep your computer updated with the latest version of an anti-virus software.
  • Avoid downloading programs and applications from untrustworthy sites, as these may have a virus that will affect your computer.
  • Make sure that your internet browser has the latest updates released by its maker.
  • Avoid sharing your computer with unknown persons that could have access to your confidential documents.
  • Keep a personal firewall active on your computer.
  • Update your computer’s operating system with the latest releases from its maker.


  • Constantly review your accounts’ transactions to aid you in detecting fraud and detecting a suspicious transaction.



The objective of Phishing or identity fraud is to acquire confidential information in a fraudulent manner. It commonly begins with the receipt of a phony email that takes the person to a clone of a legitimate website, in this way allowing for the disclosure of personal and confidential information that is then used to commit fraud.

You can identify this type of email as follows:

  • The email urgently asks for confidential information about your bank accounts or online baking access information.

  • The email could be about a special deal or to inform you that you have won a prize and asks you to input personal information.

  • The body or subject line of the email may contain obvious and numerous spelling errors.

We recommend that you never provide confidential information through email. To gain access to BICSA’s e-Banking, type in into your browser’s address bar.

Pharming is a type of cyber-fraud that commonly occurs when the computer is infected with a harmful “trojan horse” program or virus that takes it to a false website, with the objective of stealing the victim’s confidential information. This type of fraud occurs when downloading images or programs linked to a fraudulent email, or when downloading files or images from internet pages belonging to unknown sources.

It is an online crime that usually occurs when a user’s computer is infected by a malicious program termed a “trojan horse or virus” that takes the user from a bank’s website to a fraudulent website to steal confidential information and allow for the commission of fraud.

We recommend that you do not download files or images from unknown sources on the internet and to keep your computer’s anti-virus software updated.


Social Engineering is a kind of fraud carried out through manipulation or deception, with the objective of obtaining personal information through the use of different methods, among them, the wrongdoer making a phone call pretending to be someone else, thereby obtaining confidential information. The deception can be carried out by email or in person.

We recommend that you never share your confidential information with strangers. Remember that BICS will never ask for your password or confidential information by phone or email



If you should have a question about or suspect being the victim of fraud, do not hesitate in contacting your relationship officer or the Customer Service Department at 800-800-24272 (507)208-9500 / email: /