GR | EN | RU
Banking Card Service
X
E-mail sender:
E-mail receiver:

Information regarding the secure use of internet payment services

 

                   Use of Passwords

· The use of a strong password as well as its frequent changing, is one of the most important action you can make, in order to protect your accounts from malicious users.
· Keep all your passwords secret, they are private!!
· An officer of the Bank will NEVER ask you for any password.
· Do not use the same password everywhere.

 

 

                   Malware Protection

· Install antivirus software / application.
· Keep the antivirus always up-to-date and do not deactivate it.
· Avoid installing software / applications which are not approved or widely used
· Beware of any email attachments sent to you especially if you don't know the sender.

 

 

                   Attention to Phishing και Social Engineering techniques

· Be suspicious of any unwanted emails, telephone calls or even personal visits.
· Be extra careful when clicking on links sent to you, especially if you don't know the sender.
· Beware of any email attachments sent to you especially if you don't know the sender.
· Try not to use the suggested links but instead type the addresses of the webpages (URL) directly in the browser.
· The Bank's applications will NEVER ask you to submit the secret code (pin) of your Bank Card.
· Never disclose personal information.

 

 

                    Use of the internet

· Pay the necessary attention to non-certified, unknown or suspicious webpages.
· Do not publish personal and sensitive information on social networks and on the Internet in general.
· Avoid using suggested links and type the addresses of the webpages (URL) directly in the browser.
· When handling sensitive information, be sure that the webpages are using encryption technology (e.g. https://....)

 

 

                    Protection of computers, tablets and mobile phones

· Keep the operating system of computers, tablets and mobile phones always up-to-date.
· Keep the firewall activated at all times.
· Protect your computers, tablets and mobile phones with passwords.
· Limit the number of users who have access to your computer, tablet or mobile phone.

 

 

                   Public or unknown networks

· Avoid the use of public computers at least during the execution of internet payments
· Avoid the use of unknown networks (e.g. in coffee shops) during the execution of internet payments.

 

 

                   Reporting of security incident

· Report immediately any incident or suspicion of incident if it includes the following.
· Illegal payments.
· Suspicious incidents or anomalies during the connection to the Internet payment services.
· “Social engineering” attempts.

 

 

 

 

1. Information regarding the necessary hardware and software for the conclusion of internet transactions

What is required for the use of the Internet Payments Service?

For the use of the Internet Payments Service the access to a computer or other fixed or mobile means of communication which are connected to the internet is necessary.

Additionally, the above means must have one of the widely used web browsers (e.g. Internet Explorer, Firefox, Chrome, Safari, Opera). Even though, for maximum security, the final (up-to-date) version of the said software is recommended, for optimal viewing of the said service, the following software/versions are recommended:


Internet Explorer v8 and above.
Mozilla Firefox 8 and above.


In what way can I increase the security of my transactions through the internet?

The access to the internet is recommended to be completed through secure networks (e.g. home, office). The access to the internet through public networks (e.g. coffee shops, restaurants etc.) and/or public computers must be avoided, since it may result in reduced security. It is also recommended to avoid the use of the "Remember Password" utility offered by the web browsers.

In parallel, the hardware used must be protected by antivirus software and/or application. The said software / application must always be up-to-date and in continuous operation.

For more information see 1. Information regarding the secure use of internet payments services.

2. Guidelines on the secure use of personalised security data

Are the procedures implemented by the Bank for payments through the internet with the use of Bank Cards effective and secure?

The Bank maintains a specific security service which governs the conclusion of transactions through the internet with Bank Cards. The security service Safe@Web.

You can find more information in the section Safe@Web on the Bank’s website www.ccb.coop.com.cy.


How is the participation of the merchant certified in the transaction security service?

The participation of the merchant in the internet transaction security service Safe@Web is certified with the presence of the trademark VbV(Verified by Visa) on the merchant’s website.

 


How is authenticity of the internet transaction security service (Safe@Web) verified?

The authenticity of the internet transaction security service (Safe@Web) is verified by:

•    the digital signature of the Bank borne by the website of the service
•    the encryption technology used by the webpage (e.g. https://)
•    the presence of the trademark VbV(Verified by Visa) on the website of the service
•    the fact that the Bank shall never ask for the secret code (pin) of the customer


How does one gain access to the internet transaction security service (Safe@Web) and how is the personalised security data delivered to the customer?

During the completion of a purchase through the internet with a Bank Card and in case where the merchant participates in the specific security service, Safe@Web, the screens of the service are intercepted. It is necessary for the user to register in this service by following the relevant instructions, to receive a One Time Password (OTP) at the mobile phone number which is in the Bank's record. Once the user inserts the correct One Time Password (OTP) the transaction is completed.

You can find more information in the section Safe@Web on the webpage of the Bank www.ccb.coop.com.cy.



What are the minimum security requirements for the creation and protection of a strong password?


The passwords must remain secret.
The passwords must not be revealed to ANYONE (systems administrator, friends etc.).
The passwords must not be written down or stored unless strong mechanisms (encryption) are used for their protection.
The passwords must not be similar to the user names of the users.
The passwords must neither be common words (from a dictionary) nor be based on personal information of the user (e.g. family names, car brand, team etc.).


What is the procedure implemented by the Bank so that, the use of personalised security data, which relates to internet payments is effective and secure?

The procedure implemented by the Bank for the effective and secure use of personalised security data which relates to internet payments is the mandatory inserting of the One Time Password (OTP) which is sent by the Bank to the registered mobile phone of the customer in order to complete a transaction at a participating merchants.

3. Analytic description of each stage of the procedure for the submission and the approval for the conclusion of a transaction

What is the procedure for the conclusion of a transaction through the internet with a Bank Card?

Once you gain access to a computer or other fixed or mobile means of communication which are connected to the internet, at a secure and trustworthy environment (e.g. home, office etc.) you type the address of the webpage (URL) in the browser.

Then, you choose the desired service/product for purchase and during check out, you confirm your order and the personal shipping information.
    
Subsequently, you type the data of the Bank Card: name, card number, expiration date and the three-digit security number (CVV) in the corresponding fields.

In case where the merchant does not participate in the internet transactions security service Safe@Web the transaction is immediately concluded and a notification text message (sms) for this approval is sent to the cardholder.

In case the merchant participates in the transactions security service Safe@Web, the screens for creation of / entering your personalised security data are interposed and with their correct submission the transaction is concluded. You can find more information in the section Safe@Web on the webpage of the Bank www.ccb.coop.com.cy.

In case where the transaction is not concluded you can contact the Customer Service Centre of the Bank by phone at 800 22 000 or 00 357 22 743200 if you are calling from abroad during business hours.

4. Procedure you must follow in case of theft or loss of personalised security data

What is the procedure you must follow in case of theft or loss of personalised security data and/or abuse of your account?

In case of theft or loss of personalised security data or even of suspicion of its abuse you must proceed to the following actions:

1.    Notify immediately the Customer Service Centre of the Bank by phone at 800 22 000 or 00 357 22 743200 if you are calling from abroad during business hours or JCC payment Systems Ltd by phone at 00 357 22 868100 during non-business hours.
2.    Change all your passwords which authorise payments and/or grant access to electronic transactions.
3.    Change all your passwords on your computer/email account.

5. Description of obligations and responsibilities of the Bank and the customer in relation to the use of the Internet Payments Service

What is the Bank’s obligation and responsibility towards the customer regarding the Internet Payments Service and which procedures does it follow for their completion?

The Bank is obliged to provide to the customer the framework for the conclusion of secure transactions via the internet.

According to the existing framework, the Bank provides to its customers the following:

1.    Maintains a secure channel of continuous communication with the customers via its secure webpage https://coopsecure.coop.com.cy through which the customers are updated as to important security issues and on which possible warnings are posted in relation to issues concerning internet transactions security.
2.    Informs via its webpage of any security incidents, after first sending an sms to the customer informing on the existence of important information on the said webpage.
3.    Maintains monitoring mechanisms for executed transactions, using systems for the detection and prevention of fraud, suspicious transactions and/or malware infection.
4.    Places barring on and/or does not grant approvals for the conclusion of particular suspicious transactions and by doing so, notifying the customer with an sms.
5.    Offers the service Safe@Web with strong authentication (One Time Password-OTP via sms). For more information visit the section Safe@Web on the webpage of the Bank www.ccb.coop.com.cy.


What is the customer’s obligation and responsibility towards the Bank?

The customer is obliged and responsible towards the Bank to:

1.    Maintain his personalised data secure.
2.    Take all appropriate measures for the secure use of internet payments services and to maintain all necessary software and applications.
3.    Notify immediately the Customer Service Centre of the Bank as soon as he finds out any security incident including an unauthorised transaction.
4.    Choose to conclude transactions with secure merchants.