Staying secure online, and off

Introducing Take Five

Take Five is a national campaign that offers straightforward and impartial advice to help you protect yourself from preventable financial fraud. This includes email deception and phone-based scams as well as online fraud – particularly where criminals impersonate trusted organisations.

You may already know the dos and don'ts of financial fraud – that you shouldn't be asked out of the blue for your PIN or full password, or ever made to feel pressured into moving money to another account. The trouble is, in the heat of the moment, it's easy to forget this.

After all, trusting people on their word is something everyone tends to do instinctively. If someone says they're from your bank or a trusted organisation, why wouldn’t you believe them?

Stop and think

1. Requests to move money: A genuine bank or organisation will never contact you out of the blue to ask for your PIN, full password or to move money to another account. Only give out your personal or financial details to use a service that you have given your consent to, that you trust and that you are expecting to be contacted by.

2. Clicking on links/files: Don't be tricked into giving a fraudster access to your personal or financial details. Never automatically click on a link in an unexpected email or text.

3. Personal information: Always question uninvited approaches in case it's a scam. Instead, contact the company directly using a known email or phone number.

Two-Way SMS Protection

If we notice an unusual transaction we'll text you, and you can reply with a "yes" or "no" to let us know if it's a genuine purchase or not.

This avoids your card being blocked unnecessarily, and also helps us stop fraud as quickly as possible.

If you receive an SMS from us, please don't ignore it. If you'd prefer to call us back rather than replying by text, then please call the number on the back of your card as soon as possible. If your mobile number changes, let us know as soon as possible by calling us on 0345 300 3833.


Mastercard® Identity Check™

This protects you and any additional cardholders when you make online purchases with your Partnership Card.

When making online purchases with your Partnership Card, some transactions may require an additional security check. On these occasions, we’ll ask you to open your Partnership Card app and confirm your identity using your Face ID, fingerprint or Log in PIN. You’ll then be able to see details of the transaction and confirm or reject it. This can only be completed if you downloaded the app before 5 August 2022.

If you don’t use the app, we’ll continue to send a code by text message to your registered mobile number to verify it’s you making the transaction. This code can only be used by you and for that particular transaction. NEVER share this code with anyone. Only fraudsters will ask you to share this code by pretending to be someone you trust, such as bank staff or the police. Make sure your contact details are up to date for you and any additional cardholders.

Please call us on 0345 300 3833 to update your details.


Zero Liability Protection

We won't hold you responsible for unauthorised transactions made in store, over the phone or online (including contactless transactions). However, you need to make sure that you let us know immediately if your card is lost, stolen or you suspect someone is using your card number, PIN or passwords fraudulently.


I don't use the app and I can’t receive an SMS/text message. What should I do?

If you’re not able to use the app/didn't download it prior to 5 August 2022 or get a code via SMS/text message, we’ve introduced a handheld card reader device. This can be used to generate codes to confirm purchases. 

For more information please check out our card reader page.

Here are a few simple things you can do to help us ensure your account remains secure.


Keep your contact details up to date

If we see a suspicious transaction, we may need to contact you by SMS/text message or by telephone. Please ensure that you keep us updated with your latest contact details by calling us.

If you call, you’ll be asked to confirm your memorable word, plus some security questions to confirm your identity. This process helps to protect you and your information. Please keep your information secure and ensure it’s not disclosed to anyone else.

If you move house (even if it's only temporary), tell your bank, credit card and utility providers. Use the Royal Mail Redirection service and consider registering with the mail preference service to prevent mail going to your old address. Also tell your providers if you change your work, home or mobile telephone numbers.


Tell us immediately if you think your account has been compromised

Let us know as soon as possible if your card (or any additional card on your account) is lost, stolen or you suspect someone is using your card number, PIN or passwords fraudulently. You can call on 0800 015 0914 day or night, or if you’re calling from abroad on +44 121 214 5732.

How to protect your account

1. Check your monthly statement

Make sure you check your statement for transactions you don’t recognise and let us know immediately if you suspect fraud. If you register for an online account, you’ll have access to your recent transactions and can check them more frequently.


2. Keep your card secure

Keep your card safe at all times. Don’t let it out of your sight when using it in shops or restaurants. Fraudsters can make a copy in minutes.

Don’t disclose your PIN to anyone. We’ll never ask you to disclose your PIN.

When you get a replacement card, destroy your old card – especially the chip and magnetic stripe – and dispose of the remains in separate dustbins.

You should also shred any receipts and paperwork you don’t need to keep rather than just throwing them away.


3. Stay safe online

Ensure your anti-virus software is up to date. This helps stop counterfeit emails reaching your inbox and protects against fraudsters taking over your computer.

Don’t reply to emails that ask you to provide personal information or verify your account.  We’ll never request sensitive information from you in any unsecured communications such as email.

Watch out for counterfeit websites or emails that look similar to ones you’d normally trust. Information you give on a phishing site could be used by criminals to access your account or fraudulently use your identity.


4. How to protect yourself from scams

Financial Fraud Action UK Ltd (FFA UK) is responsible for leading the collective fight against fraud in the UK payments industry. As part of their ‘Take 5’ campaign they advise you to stop and think:

Never disclose security details, such as your PIN or full banking password

Don’t assume an email, text or phone call is authentic

Don’t be rushed – a genuine organisation won’t mind waiting

Listen to your instincts – you know if something doesn’t feel right

Stay in control – don’t panic and make a decision you’ll regret


Here are some common scams:

Phone scams

Fraud over the phone – or ‘vishing’ – is when a fraudster calls claiming they’re from your bank or some other trusted organisation. It’s easy for them to convince you too, since they can both fake the telephone number on the screen, and with a bit of research find out some of your basic bank and personal details.

Remember though, a genuine bank will never ask you for personal or financial details like your PIN number or full banking password (or ask you to tap it into your phone keypad).

5 things to look out for on a scam phone call:

  • The caller doesn’t give you time to think, tries to stop you speaking to a family member or friend or is insistent and makes you feel uncomfortable.
  • The caller asks you to transfer money to a new account for fraud reasons.
  • They phone to ask for your 4-digit card PIN or your online banking password. Even if they ask you to give it to them by tapping into the telephone keypad rather than saying the numbers out loud, this is a scam.
  • They ask you to withdraw money to hand over to them for safekeeping.
  • They may say that you are a victim of fraud and offer to send a courier to your home to collect your cash, PIN, payment card or chequebook.


Text message scams

A text might not be from who you think – ‘Smishing’ is when criminals pretend a message is from your bank or another organisation you trust. They’ll usually tell you there has been fraud on your account and will ask you to deal with it by calling a number or visiting a fake website to update your personal details. Please take a moment to stop and think, and you’ll quickly realise this is the fraud.


3 signs a text message might not be genuine:

It asks you to provide sensitive personal or financial information, passwords, or to make transactions by following a link in the message.

It asks you to call a certain phone number, but that number is unknown to you. In this case, call your bank directly on a number that you trust – such as the number on the back of your card – to check that message is authentic.

The sender uses an urgent tone, pressurising you to ‘act now’.


Email scams

Criminals don’t just try and contact you by phone and text, they also ‘phish’ – contacting you by email, too. So always be suspicious of unsolicited emails that are supposedly from your bank or some other trusted organisation because the address can easily be faked. Never automatically click on any links emails may contain either, at least not before stopping to check if they seem genuine first.

Seven ways to spot an email you’ve been sent is a scam:

The sender’s address doesn’t match the website address of the organisation it says it’s from. Roll your mouse-pointer over the sender’s name to reveal its true address.

The email doesn’t use your proper name – using something like “Dear customer” instead.

There’s a sense of urgency, asking you to act immediately.

There’s a prominent website link that seems like the proper address, but with one character different.

There’s a request for personal information.

There are spelling and grammatical errors.

The entire text of the email is within an image rather than the usual text format, and the image contains an embedded hyperlink to a bogus site. Again, roll your mouse-pointer over the link to reveal its true destination.


Online scams

Online fraud covers everything from online shopping to online banking, but one thing can help prevent both: take the time to install the built-in security measures most browsers and many banks offer.

Using these tools can help protect you whether the criminals are trying to dupe you with fake pop-ups in your online banking window, sending you ‘scam alert’ messages hiding malware, or faking retailer websites to make you input your financial details.

For more information, visit:

Take Five

Financial Fraud Action UK


Action Fraud


Get Safe Online

Citizens Advice

Cyber Streetwise

Age UK

Since 14 January 2020, Microsoft has stopped releasing security updates for Windows 7. Computers using this operating system may become more vulnerable to security risks.

We recommend that you do not log in to your Partnership Card online account on computers that are using Windows 7. If you’re not sure which Windows operating system you’re using, you can read Microsoft’s useful guide.

What should you do?

Option 1: Use another device to log in to your account safely

You can access your online account using a computer with one of the following operating systems:

  • Windows 8.1 or 10
  • Apple Mac OSX 10 or later

Phone or tablet
You can access your online account using a mobile phone or tablet with one of the following operating systems:

  • Android 7 or later 
  • Apple iOS 10 or later

Option 2: Use our Partnership Card app to log in to your account safely

How to download our app

Please note our app is designed to work with mobile phones using Android 7 or later, or Apple iOS 10 or later. It may not be compatible with your tablet and some functions may not be available. If you have any problems, please sign in to your account via our website.

Option 3: Update your PC to Windows 10

Find out more


Copyright © John Lewis Partnership
Back to top