Skip to main content

It's nothing to do with pumping iron - it's part of new banking regulations to keep fraudsters away from your finances. You might hear it called Strong Customer Authentication or SCA.

This extra level of security will require you to authenticate using our app, or alternatively we'll text you a one-time passcode, to make sure it's really you when you bank and shop online.

Banking online

On top of your usual sign in process, you may need to authenticate using our app before you can view your account online. You'll also need to do this when you make certain changes to your account and for some withdrawals.

If you're not using the app, we'll text you a one-time passcode instead, or you can use a number generated by your security token (if you have one).

Shopping online

When you make a purchase online, depending on the amount, you may need to authenticate payments through our app, or we may need to text you a one-time passcode.

Some transactions won't need to be verified - including recurring transactions and low-value payments.

For extra security, when using your contactless card you'll sometimes be asked to enter your PIN as well.

What do I need to do?

If you're already using the Virgin Money Mobile Banking app

You can now update your mobile phone number in the app. Go to the “More” menu, then select “Change your contact details”.

If you use Online Service to manage your Savings account or Mortgage

You can update your current mobile phone number in Online Service Link opens in a new window

Virgin Money Credit Card customers

If you need to change the number we hold for you or are having any problems updating us, get in touch with customer services and we’ll give you a hand.

Frequently asked questions

A one-time passcode is a unique 6-digit number weʼll text to your mobile. It can only be used once, and for security reasons will only work for a short amount of time. If you have any problems getting hold of your passcode, make sure you get in touch. We might need to check we have the right number for you.

Weʼll never call, email or ask you for your one-time passcode, so please donʼt share it with anyone. One-time passcodes are used to register for our Online Service, sign in to your online account, change details on your online account, verify some withdrawals you make and to confirm itʼs you when you make a card transaction online.

Not all payments or transactions will be affected. Card purchases you make over the phone (like buying from a catalogue by calling the company and giving your details over the phone) wonʼt be any different.

If you have an online account and send your withdrawals to a nominated bank account – such as your current account – youʼll only be asked to confirm the nominated bank account once. After that you can make withdrawals without needing to authenticate.

Automatic payments that you make regularly to the same provider (e.g. a subscription to an online streaming service) wonʼt need Strong Customer Authentication (SCA). You might be asked for additional identity checks when initially setting up these payments, though.

Low value card payments (under £30), including those made by contactless, donʼt always require SCA. However, if youʼve made more than one payment within a short period of time, we might need to check itʼs you making the transaction. For contactless transactions, this will mean entering your PIN number into the payment terminal.

Although the biggest changes you’ll see are online, Strong Customer Authentication (SCA) will also apply in face to face transactions. As Chip & PIN is a familiar way of proving your identity, most purchases won’t need you to do anything new. However, if you make contactless payments, SCA may mean you have to input your PIN slightly more often.

These rules don’t apply to travel purchases, so any contactless payments for the bus, train or tube won’t change.

Strong Customer Authentication is being introduced to help reduce fraud. Extra protections will help make customers safer, and mean their money is better protected. This is happening across all banks in the UK so you may receive various communications about it.

To access internet backing we need to send an authentication code. The best way to do this is to your mobile number, however this can be sent to your landline.

No – we won’t use your number to talk to you about products unless you’ve already given us your consent to do that.

The first thing to do is check you’ve entered the right code. If the code still doesn’t work, you can simply request another one. If you’re still having problems, get in touch with customer services who will be able to sort things out for you.