Security Policies

The information for the accounts you have with the Principal Financial Group® is kept secure and confidential through multiple security features and procedures.

Our online security features help protect data

The information you request from our website for your accounts can only be accessed with your username, password and login image and phrase. It is your responsibility to keep your login information confidential.

  • Do not disclose your login information to anyone. Our employees and associates will never ask you for your password.
  • If you write your login information down, keep it locked in a safe place where others can't see it.
  • Contact us immediately to change your login information if you suspect someone has discovered it.

Information you submit through our website, as well as the information we send back to you while you are visiting our website, is protected while passing through the Internet using strong encryption ("scrambling" to make it incomprehensible) when necessary. Our secure server software encrypts information, ensuring that Internet communications through our website stay private and protected.

To enable our customers to process transactions at our website, we use cookies. Your account information is not permanently stored on our web server. The information only resides on our web server while you are viewing the information. It is permanently stored on our secured corporate computer systems.

Security software helps protect your data

To ensure the security of your confidential account information, we use proven security software to encrypt the information before it is transmitted through the Internet. We only allow confidential information to be submitted for transmission if your browser is compatible with TLS, our security software. If your browser is not compatible, you will receive a message indicating your transaction can not be completed because of the security risk.

Transport Layer Security (TLS) establishes a secure connection between two parties (for example, your browser and our web server). It is used to implement HTTPS, the secure version of HTTP, and is an open technology supported across various browsers (for example, Microsoft Internet Explorer). The Principalrequires that you use an TLS-enabled browser to communicate with the secure area of our site. You know you are visiting the secure area of our site when the URL begins with "https://...".

To provide you with a high level of security, the Principal Financial Group recommends you use the most current browsers that support the latest encryption technology.

In addition to protecting communications between your browser and our server, TLS is also used to protect communications between our web server and our mainframe system. We have also implemented a firewall to protect all of our systems that are not part of the Internet from intrusion.

If you have further questions or comments regarding security, please contact us.

Business procedures also help protect your data

Our corporate network systems, which store your account information, use proven security controls. We have data security staff whose sole responsibilities are to ensure the security of the information we process and store.

The Principal Financial Group has policies and procedures in place to limit access to your information to only those who have a business need to view it. In addition, we follow these security practices:

  • Call centers have procedures in place to help validate the identity of callers.
  • Social Security numbers are eliminated from all correspondence, unless legally required.
  • Regular training is conducted with our employees on how to detect fraudulent activities.
  • Follow strict standards that limit access to data.
  • Regularly test our security technology.

You can help protect your data too

In addition to the steps we take at The Principal to secure your account information, your actions are critical in protecting yourself.

Protect your account numbers, PINs, and passwords

  • Never share your PINs, usernames or passwords with anyone. Be cautious of emails or individuals who ask for this information. The Principal will never ask for your personal password via email or telephone.
  • If you do need to write down log in information, put them in a safe and secure place and do not carry them in your wallet.
  • Identify one secure records storage place in your home to keep all of your financial records.
  • Shield the keypad with your hand or body while entering your PIN at an ATM.
  • Always wait for all ATM and credit card receipts. Do not leave them at the ATM or store counter.
  • Change all passwords regularly using a mix of numbers and characters. Your password is more secure and harder for criminals to guess if you include a special character (like an asterisk or an exclamation point).
  • Review and balance your account statements on a regular basis. Watch for any transactions showing unfamiliar payees and amounts you do not recognize. If you have online access to your accounts, including your accounts with The Principal, review the activity in these accounts on a regular basis.

Check your credit report regularly

The Principal recommends that you check your credit rating regularly with each of the three major credit bureaus. Consider ordering a credit report from one of the three nationwide consumer-reporting companies every four months. By rotating from one agency to the next, you can have year-round monitoring.

If you have joint credit with your spouse, you can alternate between you and your spouse and between the three consumer-reporting companies and check your credit bureau report every other month.

An amendment to the federal Fair Credit Reporting Act (FCRA) requires each of the nationwide consumer-reporting companies to provide you with a free copy of your credit report, at your request, once every 12 months, from Additional information, including your credit score, will cost extra but the credit report itself is free.

A credit report contains information on where you live, how you pay your bills, and whether you've been sued, arrested, or filed for bankruptcy. Nationwide consumer reporting companies sell the information in your report to creditors, insurers, employers, and other businesses that use it to evaluate your credit.

Choose a secure password

  • Do not use the same password on other websites that you use for more sensitive, secure sites, such as your online banking. If other sites are not secure, your password could be compromised.
  • Choose passwords that are not a duplicate of other personal information (i.e. social security numbers, birth date, etc.)
  • Choose a password that is easy for you to remember, but that is difficult for others to guess. Do not use information about yourself that others can easily find out.
  • Use at least 8 characters and it is a good idea to vary the types of characters in your passwords, if possible. Using combinations of capital letters, numbers and symbols makes passwords much more difficult to figure out.

If you experience fraud or suspect a breach of an account

Call our fraud hotline at 800-642-3788 or report unethical or fraudulent activity online.