Using the BOQ Security Token
Protecting the integrity of our customers’ financial information is our top priority, as such we have introduced a superior level of online security by way of the BOQ Security Token.
The BOQ Security Token provides what is known as two-factor authentication. Both a physical identifier (e.g. the token) and a remembered identifier (e.g. a Personal Access Code [PAC]) will be needed to authenticate some online transactions. This means, even if another person obtains your Customer Access Number (CAN), UserID (if applicable) and PAC, they will need the BOQ Security Token to be able to make a payment.
Not all transactions need a token
The tokens will not be required to log on to Internet Banking, they will be used to authenticate some transactions where funds are transferred out of the bank. This will allow you to check account balances and move funds between your own accounts as easily as possible.
Not all value transactions* will require the use of the BOQ Security Token. The BOQ Security Token is only required if you have selected a Daily Limits package with a Pay Anyone limit of $10,000 or more. Note: all Payments File Upload Facility (PFUF) users must use the BOQ Security Token irrespective of their daily limits.
The available limit packages are outlined in the table below:
| Pay anyone daily limit |
Authentication method |
BPAY daily limit |
| $0 |
- |
$0 |
| $2,500 |
- |
$10,000 |
| $5,000 |
- |
$20,000 |
| $10,000 |
Token - Application # 1 |
$50,000 |
| $15,000 |
Token - Application # 1 |
$100,000 |
| $25,000 |
Token - Application # 2 |
$200,000 |
| Available balance |
Token - Application # 2 |
Available balance |
*Value transactions - any transaction where an amount greater than zero is transferred from a nominated account.
Note: Where you decrease your daily limit to a limit which does not require the use of a token it will be necessary to authenticate the request by entering a One Time Password generated by 'Application #1' from your token.
Using the BOQ Security Token
When completing transactions, Internet Banking may prompt you to initiate one of two types of security application using the BOQ Security Token:
Token Application #2 (Transaction Signing) – customers will be required to enter information about their transaction into the token. This will be used by the token to generate an authentication code uniquely tied to that transaction, which customers will then enter into Internet Banking when prompted.
The animated demonstration below shows how you will use the BOQ Security Token. If the animation is running, wait until the end and click on Restart:
.gif "get_flash_player")
This demo requires flash player, you can download flash player for free from adobe.com.
How the BOQ Security Token works
The BOQ Security Token is not a wireless device. It does not emit any radio waves, frequencies or infrared.
The BOQ Security Token works by generating a passcode that continually changes. Based on information registered with the Bank's central Token Management System when your BOQ Security Token is assigned to you, it is possible to match these passcodes with your Internet Banking profile when you transact online.
The BOQ Security Token can be used with any computer and no special software is required.
Products issued by Bank of Queensland Limited ABN 32 009 656 740 AFSL 244616. This website contains general advice. This advice has been prepared without taking account of your objectives, financial situation or needs. You should consider the appropriateness of any advice before acting on it. You should obtain and consider the relevant Product Disclosure Statement, terms and conditions, Financial Services Guide and Guide to Fees and Charges for the product before making any decision about whether to acquire or continue to hold it. You can obtain a copy of those documents from any Bank of Queensland branch.