{"type":"document","data":{"id":"9aee6c1d-89d4-44c5-81d0-4d0f6d12a84a","localeString":"en-GB","publishDate":"2026-04-15T09:18:38.482+02:00","contentType":"onecms:productPage","hasMacro":false,"flexPageMetadata":{"afmBanner":false,"robotInstruction":{"noIndex":false,"noFollow":false},"description":"Help ons de veiligheid en betrouwbaarheid van onze systemen te verbeteren. Meld kwetsbaarheden."},"mainHeaderZone":{"componentType":"productHeader","coreHeader":{"body":"Are you a security expert and have you found a vulnerability in our systems? Let us know. By reporting it, you are helping us improve the safety and reliability of our services together.","headerImage":{"transformBaseUrl":"https://assets.ing.com/transform/04e09918-9f79-4fb4-87dd-6f9ed98a6eb7/Tile_720x384_25Kb_step_tcm162-224456","type":"image","width":720,"original":"https://assets.ing.com/m/21cde5b169c6433/original/Tile_720x384_25Kb_step_tcm162-224456.jpg","extension":"jpg"},"title":"Reporting vulnerabilities","subtitle":"Responsible disclosure"},"backLink":{"textLink":{"url":"/en/bank/safe-banking/what-we-do","text":"ING security policy"}}},"flexZone":{"flexComponents":[{"componentType":"paragraph","title":"ING and security","richBody":{"value":"

At ING, keeping online banking safe and our digital services running smoothly is a top priority. Day and night, our specialists work hard to improve our systems and processes. Even with all the effort we put into security, vulnerabilities can still exist. That is why we take every report seriously.

Do you have the right skills to discover vulnerabilities in our systems? You can help by reporting them to us. This way, you are helping by make our systems safer and more reliable. If you’re the first to report a vulnerability and haven’t gone public with the problem, you’re eligible for a reward.

Our team of security experts will look into your report. You will get an initial response by email within two working days. Sometimes it might take a bit longer, like during busy periods, holidays or if we are short-staffed.

"}},{"componentType":"paragraph","title":"What this program is not intended for?","richBody":{"value":""}},{"componentType":"paragraph","title":"International laws and regulations","richBody":{"value":"

Laws around reporting vulnerabilities can vary from country to country. Please make sure you are aware of the local rules that apply to your situation. In some places, investigating our IT systems might be considered a criminal offence. You could risk prosecution under local or international law. If you have found a vulnerability on one of our ING pages, keep in mind that local laws always take priority over INGs guidelines. That said, if you act in good faith and follow INGs rules, we will not report your actions to the authorities unless we are legally required to.

"}},{"componentType":"paragraph","title":"Your privacy","richBody":{"value":"

We only use your personal data to follow up on your report. We won’t share it with anyone else unless we are legally required to do so, or if we ask another company to help investigate your report. In that case, we will make sure they treat your data with the same level of care and confidentiality as we do.

"}},{"componentType":"paragraph","title":"How can you make a report?","richBody":{"value":"

You can report the vulnerability by email:responsible-disclosure@ing.nl. To send an email to this address, you willl need to encrypt your message using our public PGP key (zip) Write your report clearly and concisely. Make sure to include:

Our specialists will read your report and work on the vulnerability immediately.

"}},{"componentType":"paragraph","title":"What can you report?","richBody":{"value":"

Examples of vulnerabilities that can be reported:

"}},{"componentType":"paragraph","title":"What cannot be reported","richBody":{"value":""}},{"componentType":"paragraph","title":"The rules of the game","richBody":{"value":"

While investigating, you might do things that could technically be illegal. But if you act in good faith, carefully, and follow the rules in our responsible disclosure policy, the bank has no grounds to report you. Therefore, follow the rules as set out in this responsible disclosure policy and do not act disproportionately:

"}},{"componentType":"paragraph","title":"Reward","richBody":{"value":"

We encourage everyone to report any vulnerabilities to us. If the vulnerabilities you reported have been fixed or have caused a change in our services, you’re eligible for a reward. The amount of the reward depends on the severity of the problems, the type of website (static informational websites versus online banking sites), and the quality of the report received. If the report is of significant value to the bank’s continuity and reliability, the reward will be significantly higher.

Good to know:

"}},{"componentType":"paragraph","title":"Information in English","richBody":{"value":"
Please follow this link to read the information on responsible disclosure in English.
"}},{"componentType":"linkList","iconTitle":{"icon":{"transformBaseUrl":"https://assets.ing.com/transform/f52818ae-9791-4ef7-9799-d3f991c2e3b4/Functionalities-Lock_Confirmation_Outline","type":"image","width":32,"altTextNL":"\"\"","original":"https://assets.ing.com/m/5b979bd44d912a17/original/Functionalities-Lock_Confirmation_Outline.svg","extension":"svg"},"title":"Safe banking"},"textLinks":[{"url":"/en/bank/safe-banking/report-fraud","text":"Report fraud to the Hotline"},{"url":"/de-ing/veilig-bankieren/soorten-oplichting-fraude","text":"More types of scams and fraud"},{"url":"https://zowerktfraude.nl/","text":"Recognising & preventing fraud"},{"url":"/en/bank/safe-banking/5-bs/update-your-browser-and-operating-system","text":"Which browser, even with screen reader"}]},{"componentType":"linkList","iconTitle":{"title":"Learn more"},"textLinks":[{"url":"/en/bank/safe-banking/report-fraud","text":"Report fraud immediately"},{"url":"/de-ing/veilig-bankieren/wat-wij-doen/houd-je-aan-de-veiligheidsregels","text":"ING's security policy"},{"url":"/de-ing/toegankelijkheid","text":"Need banking help?"}]}]}}}