Our eStore is offering its consumers secure bank card payment provided by CIB Bank. The security relies on the separation of data. With the use of the system the eStore receives only the quantity of the ordered commodity and the delivery address from the consumer, while CIB Bank the card data on a 256-bit TLS secured payment page. The eStore will not be informed about the payment-side data content, they are accessible for CIB Bank only. The bank will inform the eStore if the transaction was successful or not. Your internet-browser must support TLS encryption to use bank card payment solution.
The counter-value of the purchased goods, the paid amount will be promptly blocked on your card account. Please read this information carefully.
You will find below a short description about how you can shop in a safe and reassuring way.
When shopping, you should pay attention to the following matters:
TLS is an abbreviation for an accepted encryption method called Transport Layer Security. This Bank has a 256-bit encryption key to protect the communication channel. A firm named VeriSign makes possible for CIB Bank the use of the 256-bit key, with which we ensure the TLS-based encryption. For the time being this encryption method is used in 90% of global e-commerce. Before transmission, the browser used by the buyer encrypts the card holder’s data with the help of TLS which means they are passed to CIB Bank in a coded form, this way they are indecipherable for unauthorised persons.
CIB Bank’s Internet payment system allows the use of cards like Mastercard/Maestro and VISA and VISA Electron (the use of the last one is subject to the permission of the issuing bank), and cards for only internet use.
In the case of bankcard payments, following the successful transaction – this means the approval after the expiry date of the bank card and the coverage are controlled – CIB Bank debits the account of the Card Holder with the countervalue of the goods/services.
If you’re not directed back from the payment page to the Store’s website, the transaction qualifies as unsuccessful. If you click on the „Back” of „Refresh” buttons of the browser on the bank’s payment page, or close the browser window before you could be redirected to the store, the payment will qualify as unsuccessful.
If you wish to receive more information about the outcome of the transaction, or learn about the causes and details of unsuccessful transactions, please contact your account keeping bank.
What types of card can be used for making payment?
VISA and MasterCard embossed cards and certain VISA Electron cards. Whether you can use VISA Electron cards for online transactions depends on the bank that issued the card. The VISA Electron cards that are issued by CIB can be used for making purchases online.
Which bank cards are suitable for making online payments?
All embossed VISA cards and MasterCards/Maestro that have been enabled for online payment by the card-issuing bank, as well as webcards that are specifically designed for online use.
Is it possible to pay with shopping cards?
It is not possible to make payments online using points-based loyalty cards issued by merchants or service providers.
Is it possible to pay with co-branded cards?
It is possible to pay using any co-branded card, provided that it is a MasterCard or VISA card suitable for making payments online.
THE PAYMENT PROCESS
What happens at the bank in terms of support processes for online payment?
After selecting ‘card’ as the method of payment on the merchant’s/service provider’s website, the person making the purchase initiates the payment, as a result of which he or she is redirected to the bank’s payment page equipped with a secure communication channel. In order to make the payment, you will need to enter the card number, the expiry date of the card, and the 3-digit validation code that is on the signature strip on the reverse side of the card. It is you who starts the transaction; after that, the card undergoes a real-time authorisation process in which the genuineness of the card data, the funds coverage and the purchase limit are checked. If all the data is satisfactory, the transaction can be continued and your account-keeping (card-issuing) bank blocks the payable amount on your card. The amount will be charged to (debited from) your account within a few days, depending on the account-keeping bank.
How does buying on the internet using a card differ from conventional card purchases?
There are important differences between what are known as ‘card-present’ transactions and ‘card-not-present’ transactions. Card-present transactions take place using a POS terminal. After the card is swiped and the PIN code is keyed in, the terminal contacts the cardholder’s bank via the authorisation centre and, depending on the type and the issuer of the card, through the VISA or MasterCard network. This is where the validity of the card is verified and the coverage check is performed (i.e. where authorisation takes place). The response is sent back along this same path, and thus the POS terminal (or the merchant) receives the authorisation or the rejection. The buyer then signs the sales slip. Card-not-present transactions are where the bankcard is not physically present at the time of processing. These include transactions initiated by way of a posted letter, by phone or electronically (over the internet), where the buyer (cardholder) initiates the transaction by entering the requested card data on a (256-bit encrypted) payment page. Here, you receive an authorisation number related to the successful transaction, which is the same as the number you find on a paper-based sales slip.
What does reservation mean?
As soon as the bank is informed of the transaction, reservation (blocking) follows, since for the actual debiting to take place the official data must first arrive, which takes a few days and during this time the money earmarked for the purchase could otherwise be spent on something else. For this reason, the money that has been used for the purchase or withdrawn in cash is separated and ‘reserved’. The reserved amount remains part of the balance of the account, that is, it continues to earn interest, but it cannot be spent again. Reservation ensures that any transactions for which there are no longer sufficient funds are rejected, even though the account balance would otherwise allow the transaction to go through. If the debit instruction does not arrive within the space of a few days, the bank may release the reserved amount, which thus becomes spend able again.
UNSUCCESSFUL PAYMENTS AND WHAT TO DO ABOUT THEM
When might a transaction be unsuccessful?
Generally, these are payment orders that are not accepted by the card-issuing bank (i.e. the bank from where the customer obtained the card), though where bankcards are used, the reason could also be that due to a telecommunication or computer error, the request for authorisation has not reached the card-issuing bank.
Possible problems related to the card
Possible problems related to the account
Possible problems in the connection
Possible ‘technical’ problems
What should you do if the payment procedure is unsuccessful?
For all transactions, a transaction identifier is generated, which we recommend you note down. If during the payment attempt the transaction is rejected from the bank’s side, please contact your account-keeping bank.
Why do I have to contact my account-keeping bank if the transaction is unsuccessful?
During the card-verification procedure the account-keeping (card-issuing) bank sends a note to the merchant’s bank collecting the amount (i.e. the ‘acquirer’ bank), asking if the transaction can be executed. The acquirer bank is not allowed to disclose any confidential information to the customer of another bank, only the bank that identifies the cardholder has the right to do so.
What does it mean if I get a text message from my bank about the reservation/blocking of the amount, but the merchant/service provider indicates that the payment was unsuccessful?
This can happen if the card was verified on the payment page but you did not return to the merchant’s/service provider’s website. If this is the case, the transaction is regarded as incomplete and is thus unsuccessful. In such cases your card is not debited with the amount and the reservation is released.
What do VeriSign and an ‘TLS communication channel with 256-bit encryption’ mean?
TLS (which stands for Transport Layer Security) is a widely accepted encryption procedure. Our bank has a 256-bit encryption key, which protects the communication channel. The company VeriSign enables CIB Bank to use the 256-bit key, which in turn allows us to provide TLS-based encryption. Currently this encryption method is used in 90% of all e-commerce trade worldwide. With the TLS functionality, the browser software used by the shopper encrypts the cardholder’s data prior to transmission, and thus the data is sent to CIB Bank in a coded form, which ensures that it cannot be deciphered by unauthorised persons.
After the payment my browser warned me that I was about to leave the security zone. Is the security of my payment still guaranteed?
Yes, absolutely. The payment process takes place on a 256-bit encrypted communication channel, so it is completely secure. After the transaction, you get back to the merchant’s website, and if the merchant’s website is not encrypted, your browser warns you that you have left the encrypted channel. This does not mean that the security of the payment is in any way jeopardized.
What is the meaning of the CVC2/CVV2 code?
In the case of MasterCard, the ‘Card Verification Code’, and in the case of Visa, the ‘Card Verification Value’, is a coded numerical value stored on the magnetic strip of the card, with which it can be established whether a card does in fact exist and is valid. When shopping online you need to give the CVC2 code, which is the last three digits of the row of numbers that you’ll find on the reverse side of your MasterCard.
What does Mastercard SecureCode mean?
Holders of MasterCard cards who are registered in the Mastercard SecureCode system choose a password at the card-issuing bank, with which they can identify themselves when shopping online and which helps ensure that their MasterCard cards are not used by unauthorized persons. CIB Bank accepts cards that have been issued within the Mastercard SecureCode system.
What does Verified by Visa mean?
Holders of Visa cards who are registered in the Verified by Visa system choose a password at the card-issuing bank, with which they can identify themselves when shopping online and which helps ensure that their Visa cards are not used by unauthorized persons. CIB Bank accepts cards that have been issued within the Verified by Visa system.
What is the UCAF code?
This is a unique code you may have been given by your card-issuing bank in the case of a MasterCard. If you did not receive such a code, leave the field blank.