Updated to reflect the points published in the Arab Bank Security Statement, adapted to Al Nisr’s insurance business and aligned with the Privacy Notice published on Al Nisr website.

Protecting Your Information

At Al Nisr Al Arabi Insurance Company, protecting your personal and financial information is a top priority. We are committed to maintaining secure and effective methods when collecting, using, sharing, storing, and protecting your information across our insurance operations, digital channels, and customer service interactions.
We deploy and maintain security controls and procedures that are continuously monitored and reviewed to ensure that they remain relevant and effective. Our approach focuses on prevention, detection, response, and correction across different channels used to deliver insurance products and services.
We work continuously to support ongoing compliance with applicable regulatory requirements and with relevant best practices and standards, as appropriate to our insurance business model.

How to Protect Yourself

In addition to using strong authentication methods, please do not disclose information that could be used to compromise your account, identity, policy details, or payment arrangements. Regardless of the type of information requested, you are advised to:

• Assess whether the request is reasonable and whether the requested information is necessary for the specific insurance service or transaction.

• Verify the identity of the requester before sharing any personal, financial, health-related, or policy information.

• If you are unsure about any request, please contact the Company through official channels before taking any action.

If you receive a suspicious email, SMS, call, or message that appears to be from the Company, please do the following:

• Do not respond to the message and do not click on any links or attachments.

• Report the matter immediately through the Company’s official contact channels.

• Please note that Al Nisr Al Arabi Insurance Company will never ask you to disclose your password, PIN, OTP, or any other secure authentication credentials. 

Passwords and Authentication

Protect your accounts and identity by securing your credentials such as usernames, passwords, and authentication methods. If your credentials are compromised, an unauthorized person may gain access to your online insurance services, policy information, client space, payment details, or requests submitted through digital channels.
Where available, customers should use strong authentication methods and take all reasonable steps to protect their login credentials.

Security Best Practices

• Keep your computer, mobile device, and applications updated.

• Download mobile applications only from reputable and official sources.

• Install and maintain up-to-date anti-virus and anti-malware software.

• Lock your computer or phone when it is not in use.

• Avoid installing applications from unknown or untrusted sources.

• Avoid using public Wi‑Fi when accessing online services such as client portals, premium payment services, or online policy information.

• Use unique passwords and PINs for different services.

• Change your password periodically and whenever you suspect compromise.

• Review privacy and security notices before submitting personal information online.

• Sign out of online services, clear your cache where appropriate, and close your browser after completing your session.

Practices to Avoid

• Do not share your authentication credentials, payment card information, or PIN with anyone.

• Do not write passwords down in insecure locations.

• Do not use default passwords, names, or dictionary words as passwords.

• Do not reveal your password, PIN, or one-time password to anyone. The Company will never ask you for this information.

• Do not grant permissions to applications unless the reason for the permission is clear and legitimate.

• Do not leave your devices unattended.

• Do not open emails or attachments or click on links from unknown or suspicious senders.

• Do not respond to unsolicited messages requesting personal, financial, health, or policy-related information.
   

Create and Use Strong Passwords

Passwords should be strong so they are not easily guessed or cracked. As a good practice, passwords should be at least eight characters long and include a combination of uppercase and lowercase letters, numbers, and special characters. Consider using a memorable passphrase to strengthen your password.

Common Threats

Social Engineering
Social engineering refers to the practice of manipulating individuals to circumvent security controls and commit fraud. This may occur through telephone calls, emails, messages, or other channels, and often aims to obtain information that individuals would not normally disclose.

Phishing
Phishing is a type of social engineering attack used to steal personal data, login credentials, payment information, or other confidential data by pretending to be a trusted entity. Phishing attempts may arrive through emails, text messages, phone calls, or social media.

Email and SMS Spoofing
Spoofing occurs when an email or SMS message appears to have originated from a trusted source when it was actually sent by someone else. For example, a fraudster may pretend to be a customer, supplier, intermediary, healthcare provider, or service provider and request a change to bank account details, beneficiary details, or payment instructions.

Identity Theft
Identity theft is a type of fraud in which someone uses personal information such as national identification details, social security details, policy information, bank account details, or other identifiers without authorization. Criminals may impersonate Company representatives or other trusted parties to obtain such information.

Tips to Safeguard Your Information

• Only provide personal, health, financial, or policy-related information when the interaction involves a transaction or request that you initiated and only through trusted channels.

• Always use secure websites or authentic mobile applications when submitting personal or payment information online.

• Keep your contact details updated to ensure you receive notifications and service communications.

• Regularly monitor your policy transactions, premium payments, and online account activity to identify any unusual activity promptly.

• Avoid accessing your online insurance services in open public areas such as internet cafés.

• Secure your mobile phone and notify the Company immediately if it is lost or if you suspect unauthorized access.

• Shred or securely dispose of documents containing personal information, policy details, financial information, or medical information when they are no longer needed.

   

Management of Information Obtained Electronically

Personal information received through electronic channels, including the Company’s website, client space, online forms, premium payment channels, electronic applications, or emails, is safeguarded to help ensure your privacy and protection. Information collected may be used to provide insurance services, process requests and claims, improve our products and services, measure website usage, and identify opportunities to better serve our customers, all in line with the Company’s Privacy Notice and applicable legal and regulatory requirements.

Website Usage Tracking – Cookies

Upon accessing the Company’s website, certain information may be stored temporarily on the device you are using through cookies and similar technologies. Cookies may be used to help the website function, improve user experience, support analytics, and understand how visitors interact with the website. Cookies do not by themselves identify you personally in every case, and you may manage cookie settings through your browser options. For further details, please refer to the Cookie Notice published on the Company’s website.

Applicability of This Statement

This Security Statement applies to Al Nisr Al Arabi Insurance Company, its official website, digital customer channels, and insurance-related services provided through the Company’s authorized operations and functions.

Privacy

For more information on how we protect the privacy of your personal information, or if you would like to learn more about our privacy practices, please refer to the Privacy Notice published on the Company’s website or contact us at privacy.office@al-nisr.com.

Contact

For more information regarding this Security Statement or the Company’s security and privacy practices, please contact:

• Compliance and Legislations Enforcement Department / Privacy Office: privacy.office@al-nisr.com

• Official Company contact channels as published on Al Nisr Al Arabi Insurance Company website.