Security & Risk
Online Security

While in our care, we protect your data in a number of ways:

We require 2-Factor Authorization (2FA) via a 2FA app (Authy or Google Authenticator).

We require password formats that are difficult to hack.

We hash password data using SHA-256 so it’s impossible to decrypt.

We maintain multi-level security protocols on our servers.

We use SSL connections only (the little padlock or HTTPS before our URL).

Nevertheless, these measures alone can’t protect your account against all risks. You are the first line of defence against cybercrime. So what can you do?

First, get to know the most common threats and then learn how to repel them.

How they get you: a summary of the most common threats
Cybercriminals develop new tricks all the time. To outsmart them, you need to understand the risks and how they evolve. To the right is a summary of the most common threats – it’s not exhaustive, but might prevent you from falling victim to them in the future.
Data breaches

Websites store your data on servers. If cybercriminals hack into these servers, they can steal passwords, email addresses, phone numbers, and so on. Some of the biggest names in tech have suffered large data breaches, including Facebook, Twitter, and Capital One.


This is where an attacker poses as a legitimate person or business to trick you into sending sensitive information. They often use similar logos and URLs to deceive you, or play upon your security fears to encourage you to click rogue links or reveal personal data.


This is nasty software that gets under the skin of your device and steals from you – often without you realizing. Some malware will track the sites you visit, such as banks, and record your keystrokes. It’s then easy to figure out your log-in details to steal from you.

Hijacked browser

Even your browser can be hacked. Cybercriminals can then take advantage of browser-saved passwords and email addresses, or redirect you to fake websites.

Hijacked internet connection

When you use an unsecured internet connection, such as a public wifi spot, hackers can steal data sent between your device and the website. This is also common on unsecured websites (without the padlock or “https” before the URL).


This is a specific type of malware that hijacks your computer or hard drive and asks you pay a ransom – usually in cryptocurrency – to release your data. Until you pay the ransom, your computer or devive will have no or limited access or functionality.

This is just a short list. To protect your account, you must use all the measures at your disposal, so let’s take a look at them now...

How to keep your data safe?
Online security is not guaranteed. Cybercrime is increasingly sophisticated and even law enforcement struggles to keep up. That said, if you rigorously follow the steps below, you will dramatically reduce your chances of falling victim to an attack.
Enable 2-Factor Authorization (2FA) on all sensitive apps.

MyConstant is a sensitive app. Any app that handles your money is sensitive. Enable 2FA wherever it’s available – and think twice about using a website where it isn’t. If you lose your device, contact us immediately so we can help reset your 2FA app.

Pick a strong password and change it whenever there’s a data breach.

A strong password is essential. This Avast blog lists some good ideas. Avoid short, common formats and use a minimum of 15 characters. The longer, the better, the more random, the better, the larger the selection of character types, too, the better. Importantly, don’t share it with anyone – if you do, change it. Always change your password when compromised in data breaches, too. Sign up for security alerts such as those Google and Firefox offer.

Use a VPN when necessary.

If you suspect someone is monitoring your internet connection, use a Virtual Private Network (VPN) to browse. This creates a secondary but secure transmission pathway from your browser to the website you want to visit.

A VPN works by masking your IP address and diverting data through its servers. This means only you and the website you visit can see transmitted data. You do need to pay for a VPN, though, and they can slow down your connection, so only use them when you need to be extra safe.

Don’t share your password with anyone else.

Sounds obvious, but only you should know your password. You multiply your risk every time you share it with someone else. How can you be certain they’ll protect it? So don’t share it with anyone – not even friends and family. If you do, change it immediately afterwards.

Install and schedule regular antivirus and antimalware checks.

A good antivirus and antimalware program will help keep your computer free of viruses and other software that can track, harm, or exploit your data. But only if you use it, of course. They should always be left on, with full-system checks scheduled at regular intervals. Here are a few security packages to choose from.

Beware of suspicious emails, texts, notifications, and phone calls.

Cybercriminals often impersonate a legitimate person, company, or institution to trick you into revealing personal data in a practice called phishing. This might be a fake email from your bank – with logos – or a customer service representative calling to ask you to “update your details”.

Be vigilant and only trust official communication channels and senders.Our current official email addresses are:


If you’re unsure what or whom to trust, please email us at and we’ll send you our list of official communication channels. Whatever you do, don’t click links or reveal data to anyone even vaguely suspicious. If the sole aim is to get sensitive information from you, be on your guard.

Beware of public wifi – or any unsecured wifi hotspot.

Public wifi hotspots at airports, coffee shops, malls, and so on rarely offer secure connections. They’re easy pickings for any hacker who wants to steal your data. All they need do is intercept the connection and then wait for you to transmit data. If you must use public wifi, don’t access password-protected sites or share any sensitive information. Even better, use a VPN (Virtual Private Network) that secures your connection.

Consider a password manager.

If the thought of managing your password manually puts you off, consider a password manager. It generates strong passwords for you and enters them with a single click. A popular choice is 1-password. It’s about $3 per month and is considered one of the best password managers on the market.

Check the websites you visit are authentic and secure.

When visiting a website, look at the URL bar at the top. Fake sites use a similar URL to the real one, but the Top-Level Domain (the bit after the website name) often differs. For example, it might be “” or “” instead of our legitimate URL “”.

Also, you should see a padlock or the letters “https” before the URL. Like this:

This means the connection between your browser and our website is encrypted. If you see neither, the data you send is visible to anyone listening in on your connection. You can still use websites without the secured symbols, but don’t give them any sensitive data.

Stay on top of the latest threats.

Lastly, sign up to a free cybersecurity newsletter so you’re aware of the latest threats. There are many to choose from such as this from the Mississippi Department of Information Technology Services. Prevention is always better than cure and the more you know, the better protected you’ll be.

I hope these measures help you stay safe online. Remember this isn’t an exhaustive list, but a solid starting point. Please take the time to understand the importance of online security. A “this won’t happen to me” attitude is risky, and as I said at the start, online security is a shared responsibility. We’re doing our part – please also do yours.

Download MyConstant app

Asked Questions

Here you'll find answers to the most common questions our customers ask. If you can't find your answer here, please email us at and we'll be happy to help you.