Online payments

What data is required for payment

Alert

Online payment doesn't require the customer to provide their address, passport details, or other personal data. Don't enter them in payment forms.

When paying online, you need to specify:

  • Card number.
  • Cardholder's name (not in all cases).
  • Card expiration date: month and year.
  • CVC/CVV code.

This data isn't stored on the seller's site but is sent to the payment system. The system authorizes the user and checks the funds on their account or the credit card limit.

How the bank protects payments

Most banks employ two-factor authentication using the 3-D Secure protocol. Before the transaction, the bank sends the customer an SMS or a push notification with a code. If you enter the wrong code, the transaction is stopped. Some bank cards have 3-D Secure enabled by default, but sometimes you may need to activate it yourself.

Note

Not all online stores support 3-D Secure. Besides, the verification code isn't usually sent if the card is linked to the store.

How to ensure online payment security
Online threats
  • Don't make online payments on public Wi-Fi. There are far more scammers and hackers there.
  • Make sure your connection is secure: you should see a closed lock icon in the address bar. If you see a warning about a malicious website instead of the site's pages, stop the payment and close the page.
  • Enable browser protection, for example, the protected mode of the Yandex Browser Protect system or the Kaspersky Protection extension.
  • Install an antivirus on your device.
Secure payments
  • Only make purchases on trusted sites that support the 3-D Secure technology (payment confirmation with a code).
  • Only install official internet banking apps. Don't download IPA and APK files from file sharing sites.
  • Store your card details in trusted and reliable browsers, services, and apps.
  • Protect your payments with Touch ID or Face ID.
  • Don't register in online stores using social media accounts. Scammers collect personal information in social networks and often hack accounts.
  • Set up notifications about online banking transactions. This way, you can notice malicious actions and react in time.
  • Don't link your main card to an online store. Get a separate card for online payments, set a transaction limit for it, and link it to stores.
Payment data
  • Check the payment amount on the page where you enter your card details.
  • In the payment form, only enter the necessary information (card number, holder's name, expiration date, and security code).
  • When you receive an SMS and push notification with a verification code, check the sender and the amount. Be careful so that you don't become a victim of phone or internet fraud.
  • Don't tell anyone the codes and passwords from notifications. Banks and other legal organizations will never ask you for a verification code or password — only scammers do that.
What to do if money was taken without your knowledge

Contact your bank immediately: call the official number or use the chat in the app. Block the card or account. Within 24 hours, declare that the money was taken without your consent.

Note

If you violated the procedure for using the card (for example, you gave the verification code to phone scammers) and someone used it to perform a transaction without your consent, you won't get a refund.

Previous
Bank card storage
Next
Online fraud