Our PYXIS webshop is offering its consumers secure bank card payment provided by CIB Bank (bank of Intesa Sanpaolo). The security relies on the separation of data. With the use of the system the PYXIS webshop receives only the quantity of the ordered commodity and the delivery address from the consumer, while CIB Bank the card data on a 256-bit TLS secured payment page. The PYXIS webshop will not be informed about the payment-side data content, they are accessible for CIB Bank only. The bank will inform the PYXIS webshop if the transaction was successful or not. Your internet-browser must support TLS encryption to use bank card payment solution.
The counter-value of the purchased goods, the paid amount will be promptly blocked on your card account. Please read this information carefully.
You will find below a short description about how you can shop in a safe and reassuring way.
When shopping, you should pay attention to the following matters:
• Read through the PYXIS webshop’s information leaflet, the conditions of the purchase and delivery terms.
• Study the PYXIS webshop’s security conditions since these will guarantee the security of your data.
• Note your data relating to your purchase.
• Keep a record of the transaction data connected to your payment. (transaction ID, Authorisation code)
• Make sure that unauthorised person does not have access to the secret data of your card
• Use a browser that recognises the option needed to TLS encryption
TLS is an abbreviation for an accepted encryption method called Transport Layer Security. This Bank has a 256-bit encryption key to protect the communication channel. A firm named VeriSign makes possible for CIB Bank the use of the 256-bit key, with which we ensure the TLS-based encryption. For the time being this encryption method is used in 90% of global e-commerce. Before transmission, the browser used by the buyer encrypts the card holder’s data with the help of TLS which means they are passed to CIB Bank in a coded form, this way they are indecipherable for unauthorised persons.
CIB Bank’s Internet payment system allows the use of cards like Mastercard/Maestro and VISA and VISA Electron (the use of the last one is subject to the permission of the issuing bank), and cards for only internet use.
1. On the page of the PYXIS webshop you select the goods/services, for which you intend to pay with your bank card.
2. Following that you’re redirected to the webpage of CIB Bank guaranteeing secure payment, where you have to enter your card data to begin the payment.
3. Following this, you’re redirected to CIB Bank’s page guaranteeing secure payment, where you have to enter your card data to start the payment process.
4. Following the payment, you’re directed back to the PYXIS webshop page, where you receive a confirmation about the result of the payment.
In the case of bankcard payments, following the successful transaction – this means the approval after the expiry date of the bank card and the coverage are controlled – CIB Bank debits the account of the Card Holder with the countervalue of the goods/services.
If you’re not directed back from the payment page to the Store’s website, the transaction qualifies as unsuccessful. If you click on the „Back” of „Refresh” buttons of the browser on the bank’s payment page, or close the browser window before you could be redirected to the store, the payment will qualify as unsuccessful.
If you wish to receive more information about the outcome of the transaction, or learn about the causes and details of unsuccessful transactions, please contact your account keeping bank.
What types of card can I pay with?
You can pay with all embossed VISA and MasterCard cards, and certain VISA Electron and V Pay cards. Whether or not you can use VISA Electron cards for internet-based payments depends on the bank that issued the card. VISA Electron bank cards issued by CIB can be used for internet-based purchases.
Which banks’ cards are suitable for internet-based payments?
All VISA and MasterCard/Maestro cards that the card-issuing bank has authorised for internet payment, as well as ‘web cards’ issued specifically for internet use.
Can I pay with a shopping card?
Point-collecting cards, used for storing loyalty points, issued by merchants/service providers, cannot be used to pay via the internet.
Can I pay with a co-branded card?
All co-branded cards that are MasterCard or VISA-based cards suitable for internet payments can be used to pay.
THE PAYMENT PROCESS
How does the background process for online payment work?
After choosing ‘bank card’ as the method of payment on the website of the merchant/service provider, the shopper initiates payment, and is then diverted to the Bank’s payment page, which is equipped with a secure communication channel. For payment, you need to give your card number, card expiry date, and the 3-digit security code on the signature strip on the reverse side of the card. The transaction is launched by you, and then the card undergoes a real-time authorisation process, in which the authenticity of the card details, the available funds and the spending limit are all checked. If all the data necessary for continuing the transaction is in order, your account-keeping (card-issuing) bank blocks the payable amount on your card. The debiting (deduction) of the amount from your account takes place within a few days, although precisely how long it takes will depend on the account-keeping bank.
How does a card-based purchase via the internet differ from a conventional card-based purchase?
We distinguish between transactions where the card is actually presented in the store (Card Present), and those where it is not physically present (Card Not Present). Card Present transactions take place using a device called a POS terminal. After the card has been swiped and the PIN keyed in, the terminal makes contact with the card holder’s bank via the authorisation centre and, depending on the type of card and its issuer, either the VISA or the MasterCard network. This is where the validity and funds verification check (authorisation) takes place. The POS terminal (and the merchant) receives the approval or rejection via the same route, only in reverse order. The shopper signs the card receipt. Card Not Present transactions are transactions where the bank card is not physically present. These include transactions executed by post, telephone or electronically (via the internet), in which case the shopper (card holder) launches the transaction by giving his or her requested card data via a secure (256-bit encrypted) payment site. If the transaction is successful, you receive an authorisation number, which is the same as the number that would be shown on the paper receipt.
What does reservation mean?
As soon as the transaction comes to the bank’s attention, it is followed by reservation (blocking), because the actual debiting can only take place once the official data arrives, which can take a few days, in which time it would otherwise be possible to spend the amount of the purchase again. This is why, through reservation, the money used for a purchase or cash withdrawal is segregated and blocked. The reserved amount is still part of the account balance, so it earns interest, but cannot be spent again. Reservation ensures that transactions for which there aren’t enough funds are refused although the account balance would, in principle, still permit them.
UNSUCCESSFUL PAYMENTS AND WHAT TO DO
When might a transaction be unsuccessful?
Usually this happens when the payment order is not accepted by the card-issuing bank (i.e. the bank that gave you the card), or it might be due to a telecommunication or IT fault that prevent the authorisation request from reaching the card issuer when using a bank card.
- The card is not suitable for internet payments.
- Use of the card over the internet is blocked by the account-keeping bank.
- Use of the card is blocked.
- Incorrect card data (card number, expiry date, security code on the signature strip) has been given.
- The card has expired.
- There are insufficient funds to execute the transaction.
- The amount of the transaction exceeds the card spending limit.
- The connection was probably lost in the course of the transaction. Please try again.
- The transaction timed out. Please try again.
- If you are not returned from the payment site to the website of the merchant/service provider, the transaction was unsuccessful.
- If you have left the payment site, but return to the payment site using the browser’s “back”, “reload” or “refresh” function, the system will automatically refuse the transaction for security reasons.
What should I do if the payment procedure is unsuccessful?
A transaction ID is generated for every transaction, and we recommend that you make a note of this. If in the course of the payment attempt the transaction is refused by the bank, please get in touch with your account-keeping bank.
Why do I have to get in touch with my account-keeping bank if the payment was unsuccessful?
In the course of the card check, the account-keeping (card-issuing) bank notifies the (accepting) bank of the merchant collecting the amount whether the transaction may be executed. The accepting bank cannot give out confidential information; only the bank that identifies the card holder is entitled to do so.
What does it mean if I get an SMS text message from my bank on the reservation/blocking of the payable amount, but the merchant/service provider indicates that payment was unsuccessful?
This can happen if the card check has taken place on the payment site, but you have not returned to the website of the merchant/service provider. In this case the transaction is classified as incomplete, and as such it is automatically deemed unsuccessful. When this happens, the amount is not charged to your card, and the reservation is lifted.
What do VeriSign and 256-bit encrypted TLS communication channel mean?
TLS is the abbreviation for the Transport Layer Security, the approved encryption process. Our bank has a 256-bit encryption key, which protects the communication channel. The company VeriSign enables CIB Bank to use the 256-bit key with which we ensure the TLS-based encryption. At present, 90% of the world’s electronic commerce uses this method of encryption. The browser program used by the shopper encrypts the card holder’s data using TLS prior to sending, so that all the information is transmitted to CIB Bank in encrypted form, rendering it undecipherable for unauthorised persons.
After the payment, my browser warned me that I’m leaving a secure zone. Is the security of my payment still assured?
Absolutely. The payment process takes place via a 256-bit encrypted communication channel, so it’s totally secure. After the transaction, you’re returned to the merchant’s website, and if the merchant’s website isn’t encrypted, your browser will warn you that you’re leaving the encrypted channel. This doesn’t represent a threat in terms of the security of the payment.
What’s the CVC2/CVV2 code?
At MasterCard this is short for Card Verification Code, and at Visa, for Card Verification Value, and it is a numerical value coded onto the magnetic stripe of the bank card, which can be used to determine the authenticity of the card. The CVC2 code, which is the last three digits of the number printed on the reverse of MasterCard/Maestro cards, must be provided in the course of internet purchases.
What does Verified by Visa mean?
Visa card holders who are registered in the Verified by Visa system can choose a password at the bank that issues the card, which they use to identify themselves when making internet-based purchases, and which protects against the unauthorised use of Visa cards. CIB Bank accepts cards issued under the Verified by Visa system.
What does MasterCard SecureCode mean?
Mastercard/Maestro card holders who are registered in the Mastercard SecureCode system can choose a password at the bank that issues the card, which they can use to identify themselves when making internet-based purchases, and which protects against the unauthorised use of Mastercard/Maestro cards. CIB Bank accepts cards issued under the Mastercard SecureCode system.
What is the UCAF code?
If you have a MasterCard/Maestro card, you may have received an individual code from your card-issuing bank. If you didn’t, just leave the field blank.