Choose province (Canada) or state (United States), and language

Online services – AccèsD, AccèsD Affaires, online brokerage, full service brokerage.

Log on to Desjardins online services.
 

You are here:

Your browser is configured to not accept cookies. Some features of the site are not available or will not work correctly without cookies. Also, some information presented might not apply to your situation.
See How to enable cookies

Your browser is not supported by our website. Some features of the site are not available or will not work correctly.
See the procedure to update your browser.

Microsoft Edge causes problems on AccèsD. To fix the issue, please install the most recent Windows update.

Report a potential vulnerability

Desjardins Group is highly committed to protecting your information and ensuring the availability of its services. Despite our best efforts to ensure our site is secure, some vulnerabilities may still be present.

The Desjardins security team understands the significant role that people with advanced security knowledge can play.

If you discover a potential vulnerability on our site or applications, report it to divulgation-responsable@desjardins.com.

A Desjardins technical team will examine your findings and make any required corrections within 30 days of confirmation of receipt.

Responsible Disclosure Program rules

During your investigations, make sure you follow these rules:

  • Do not damage our systems.
  • Do not use any technique that could affect the availability of our services.
  • Never disclose the personal information or card information of our members.
  • Do not use a social engineering technique to get access rights to our systems.
  • Do not use the brute force technique to get passwords.
  • Do not make any changes to our systems (e.g., install a backdoor).
  • Do not send an automated scan report.

Vulnerabilities you can report

Here are some examples of vulnerabilities you can report:

  • Cross-site scripting (XSS)
  • SQL injection
  • Failed encryption

Forbidden actions

You must not use the Responsible Disclosure Program to:

  • share your comments and suggestions on Desjardins products or services.
  • report a lost or stolen card.
  • mention that a Desjardins service is unavailable.
  • forward a phishing email. Send it to protection@desjardins.com.
  • perform actions that are unlawful or against regulations.

Applicable laws and regulations

Under certain circumstances, your investigations on our site and applications may be considered a crime under applicable laws and regulations and you could face legal action. Applicable laws and regulations take precedence over the terms and conditions of our Responsible Disclosure Program.

How to report a potential vulnerability

  • Confidentially share your vulnerability findings with Desjardins by writing to divulgation-responsable@desjardins.com.
  • Provide the potential vulnerability details to allow our security team to investigate.

To protect your communications with us, you can use our public PGP key - Cet hyperlien s'ouvrira dans une nouvelle fenêtre..

The Desjardins security team's commitment

We ask that you not share or divulge an unresolved vulnerability to third parties. If you report a vulnerability, the Desjardins security team will reply to you as soon as possible by sending an acknowledgment of receipt of your email.

Toolbar