Our eStore is offering its consumers secure bank card payment provided by CIB Bank. The security relies on the separation of data. With the use of the system the eStore  receives only the quantity of the ordered commodity and the delivery address from the consumer, while CIB Bank the card data on a 256-bit TLS secured payment page. The eStore will not be informed about the payment-side data content, they are accessible for CIB Bank only. The bank will inform the eStore if the transaction was successful or not. Your internet-browser must support TLS encryption to use bank card payment solution.

The counter-value of the purchased goods, the paid amount will be promptly blocked on your card account. Please read this information carefully.

---

You are welcome in this eStore operated with CIB Bank’s secure, Internet payment solution.

 

You will find below a short description about how you can shop in a safe and reassuring way.

When shopping, you should pay attention to the following matters:

• Read through the eStore’s information leaflet, the conditions of the purchase and delivery terms.
• Study the eStore’s security conditions since these will guarantee the security of your data.
• Note your data relating to your purchase.
• Keep a record of the transaction data connected to your payment. (transaction ID, Authorisation code)
• Make sure that unauthorised person does not have access to the secret data of your card
• Use a browser that recognises the option needed to TLS encryption

 

About security

TLS is an abbreviation for an accepted encryption method called Transport Layer Security. This Bank has a 256-bit encryption key to protect the communication channel. A firm named VeriSign makes possible for CIB Bank the use of the 256-bit key, with which we ensure the TLS-based encryption. For the time being this encryption method is used in 90% of global e-commerce. Before transmission, the browser used by the buyer encrypts the card holder’s data with the help of TLS which means they are passed to CIB Bank in a coded form, this way they are indecipherable for unauthorised persons.

Acceptable cards

CIB Bank’s Internet payment system allows the use of cards like Mastercard/Maestro and VISA and VISA Electron (the use of the last one is subject to the permission of the issuing bank), and cards for only internet use.

Payment steps

1. On the page of the eStore you select the goods/services, for which you intend to pay with your bank card.
2. Following that you’re redirected to the webpage of CIB Bank guaranteeing secure payment, where you have to enter your card data to begin the payment.
3. Following this, you’re redirected to CIB Bank’s page guaranteeing secure payment, where you have to enter your card data to start the payment process.
4. Following the payment, you’re directed back to the Store page, where you receive a confirmation about the result of the payment.

 

In the case of bankcard payments, following the successful transaction – this means the approval after the expiry date of the bank card and the coverage are controlled – CIB Bank debits the account of the Card Holder with the countervalue of the goods/services.

 

If you’re not directed back from the payment page to the Store’s website, the transaction qualifies as unsuccessful. If you click on the „Back” of „Refresh” buttons of the browser on the bank’s payment page, or close the browser window before you could be redirected to the store, the payment will qualify as unsuccessful.

If you wish to receive more information about the outcome of the transaction, or learn about the causes and details of unsuccessful transactions, please contact your account keeping bank.

Questions and answers about card payments made on the internet

What types of card can be used for making payment?

VISA and MasterCard embossed cards and certain VISA Electron cards. Whether you can use VISA Electron cards for online transactions depends on the bank that issued the card. The VISA Electron cards that are issued by CIB can be used for making purchases online.

Which bank cards are suitable for making online payments?

All embossed VISA cards and MasterCards/Maestro that have been enabled for online payment by the card-issuing bank, as well as webcards that are specifically designed for online use.

Is it possible to pay with shopping cards?

It is not possible to make payments online using points-based loyalty cards issued by merchants or service providers.

Is it possible to pay with co-branded cards?

It is possible to pay using any co-branded card, provided that it is a MasterCard or VISA card suitable for making payments online.

THE PAYMENT PROCESS

What happens at the bank in terms of support processes for online payment?

After selecting ‘card’ as the method of payment on the merchant’s/service provider’s website, the person making the purchase initiates the payment, as a result of which he or she is redirected to the bank’s payment page equipped with a secure communication channel. In order to make the payment, you will need to enter the card number, the expiry date of the card, and the 3-digit validation code that is on the signature strip on the reverse side of the card. It is you who starts the transaction; after that, the card undergoes a real-time authorisation process in which the genuineness of the card data, the funds coverage and the purchase limit are checked. If all the data is satisfactory, the transaction can be continued and your account-keeping (card-issuing) bank blocks the payable amount on your card. The amount will be charged to (debited from) your account within a few days, depending on the account-keeping bank.

How does buying on the internet using a card differ from conventional card purchases?

There are important differences between what are known as ‘card-present’ transactions and ‘card-not-present’ transactions. Card-present transactions take place using a POS terminal. After the card is swiped and the PIN code is keyed in, the terminal contacts the cardholder’s bank via the authorisation centre and, depending on the type and the issuer of the card, through the VISA or MasterCard network. This is where the validity of the card is verified and the coverage check is performed (i.e. where authorisation takes place). The response is sent back along this same path, and thus the POS terminal (or the merchant) receives the authorisation or the rejection. The buyer then signs the sales slip. Card-not-present transactions are where the bankcard is not physically present at the time of processing. These include transactions initiated by way of a posted letter, by phone or electronically (over the internet), where the buyer (cardholder) initiates the transaction by entering the requested card data on a (256-bit encrypted) payment page. Here, you receive an authorisation number related to the successful transaction, which is the same as the number you find on a paper-based sales slip.

What does reservation mean?

As soon as the bank is informed of the transaction, reservation (blocking) follows, since for the actual debiting to take place the official data must first arrive, which takes a few days and during this time the money earmarked for the purchase could otherwise be spent on something else. For this reason, the money that has been used for the purchase or withdrawn in cash is separated and ‘reserved’. The reserved amount remains part of the balance of the account, that is, it continues to earn interest, but it cannot be spent again. Reservation ensures that any transactions for which there are no longer sufficient funds are rejected, even though the account balance would otherwise allow the transaction to go through. If the debit instruction does not arrive within the space of a few days, the bank may release the reserved amount, which thus becomes spend able again.

UNSUCCESSFUL PAYMENTS AND WHAT TO DO ABOUT THEM

When might a transaction be unsuccessful?

Generally, these are payment orders that are not accepted by the card-issuing bank (i.e. the bank from where the customer obtained the card), though where bankcards are used, the reason could also be that due to a telecommunication or computer error, the request for authorisation has not reached the card-issuing bank.

Possible problems related to the card

• The card is not suitable for making online payments.
• The use of the card online has been prohibited by the account-keeping bank.
• The card has been blocked.
• The card data (card number, expiry date, code on the signature strip) has been incorrectly inputted.
• The card has expired.

Possible problems related to the account

• There are insufficient funds on the account for the transaction to be executed.
• The amount of the transaction exceeds the purchase limit set for the card.

Possible problems in the connection

• There may have been a break in the connection during the course of the transaction. Try again!
• The transaction was unsuccessful because you were timed out. Try again!

Possible ‘technical’ problems

• If you are not returned from the payment page to the merchant’s or service provider’s website, this means that the transaction has not gone through successfully.
• If you have been returned from the payment page, but you then go back to the payment page using the browser’s ‘back’, ‘reload’ or ‘refresh’ function, the system will automatically reject your transaction for security reasons.

What should you do if the payment procedure is unsuccessful?

For all transactions, a transaction identifier is generated, which we recommend you note down. If during the payment attempt the transaction is rejected from the bank’s side, please contact your account-keeping bank.

Why do I have to contact my account-keeping bank if the transaction is unsuccessful?

During the card-verification procedure the account-keeping (card-issuing) bank sends a note to the merchant’s bank collecting the amount (i.e. the ‘acquirer’ bank), asking if the transaction can be executed. The acquirer bank is not allowed to disclose any confidential information to the customer of another bank, only the bank that identifies the cardholder has the right to do so.

What does it mean if I get a text message from my bank about the reservation/blocking of the amount, but the merchant/service provider indicates that the payment was unsuccessful?

This can happen if the card was verified on the payment page but you did not return to the merchant’s/service provider’s website. If this is the case, the transaction is regarded as incomplete and is thus unsuccessful. In such cases your card is not debited with the amount and the reservation is released.

SECURITY

What do VeriSign and an ‘TLS communication channel with 256-bit encryption’ mean?

TLS (which stands for Transport Layer Security) is a widely accepted encryption procedure. Our bank has a 256-bit encryption key, which protects the communication channel. The company VeriSign enables CIB Bank to use the 256-bit key, which in turn allows us to provide TLS-based encryption. Currently this encryption method is used in 90% of all e-commerce trade worldwide. With the TLS functionality, the browser software used by the shopper encrypts the cardholder’s data prior to transmission, and thus the data is sent to CIB Bank in a coded form, which ensures that it cannot be deciphered by unauthorised persons.

After the payment my browser warned me that I was about to leave the security zone. Is the security of my payment still guaranteed?

Yes, absolutely. The payment process takes place on a 256-bit encrypted communication channel, so it is completely secure. After the transaction, you get back to the merchant’s website, and if the merchant’s website is not encrypted, your browser warns you that you have left the encrypted channel. This does not mean that the security of the payment is in any way jeopardized.

What is the meaning of the CVC2/CVV2 code?

In the case of MasterCard, the ‘Card Verification Code’, and in the case of Visa, the ‘Card Verification Value’, is a coded numerical value stored on the magnetic strip of the card, with which it can be established whether a card does in fact exist and is valid. When shopping online you need to give the CVC2 code, which is the last three digits of the row of numbers that you’ll find on the reverse side of your MasterCard.

What does Mastercard SecureCode mean?

Holders of MasterCard cards who are registered in the Mastercard SecureCode system choose a password at the card-issuing bank, with which they can identify themselves when shopping online and which helps ensure that their MasterCard cards are not used by unauthorized persons. CIB Bank accepts cards that have been issued within the Mastercard SecureCode system.

What does Verified by Visa mean?

Holders of Visa cards who are registered in the Verified by Visa system choose a password at the card-issuing bank, with which they can identify themselves when shopping online and which helps ensure that their Visa cards are not used by unauthorized persons. CIB Bank accepts cards that have been issued within the Verified by Visa system.

What is the UCAF code?

This is a unique code you may have been given by your card-issuing bank in the case of a MasterCard. If you did not receive such a code, leave the field blank.