Everything is available online, from information to entertainment content. Online shopping with card payment has become a usual way of getting a desired product or service in just a few clicks.
Although online shopping is simple and fun, check what you have to be careful about to protect yourself from frauds: Safe use of cards.
Online payment with a card starts: 1. by selecting a desired product or service 2. by entering your personal details, such as your name and surname, as well as your delivery address 3. and by entering your card details: card number, expiration date and/or the three-digit number from the back of the card (so-called CVC).
All Zagrebačka banka cards support the 3-D Secure security standard, i.e., reliable authentication is ensured when making online payments with Zaba cards.
After entering your card details, the transaction authorization method depends on whether the point of sale accepts the security standard or a certain exception applies (e.g., small-value transactions, subscriptions - recurring transactions, etc.).
It is recommended to make payments at retail stores supporting 3-D Secure (Mastercard Identity Check, Visa Secure).
For paying with cards at online shops supporting the security standard, you need a Bank PS m-token. If you do not have a PS m-token, you can request it from your Relationship Manager/Corporate Banker. The PS m-token service itself is free of charge.
Mastercard and Visa are discontinuing support of the old version of the security standard for online card payment authentication.
As of October 18, 2022, authentication of online payments made with Visa and Mastercard cards issued by Zagrebačka banka will, therefore, no longer be performed based on an APPLI1/OTP generated by or an m-tokenPS. Payment authentication based on a PUSH notification or a token-generated APPLI2/MAC will continue to be performed.
The 3-D Secure security standard is a cardholder identification service which allows secure online shopping using Visa debit cards and Mastercard and Visa credit and charge cards. When using your corporate card to make an online payment, you confirm your transaction by using the bank’s PS m-token.
Which Zagrebačka banka cards can be used for online payments?
All corporate cards may be used online and they support the 3-D Secure security standard. Only an authorised representative of the relevant entity may arrange online usage and have limits defined for corporate debit cards made available to authorised users.
How to pay using a card if the 3-D Secure security standard is implemented?
1. 3DS PUSH METHOD (biometric authentication) For PS m-token users if the push message option is activated.
The screen on which you are shopping a product or service will immediately display an authorisation screen, where you need to click “Continue”. After opening a push message on your phone, check the payment details and select CONFIRM or REJECT the purchase.
More information on biometric authentication is available
here.
2. AUTHENTICATION USING THE APPLI2/MAC METHOD ON THE TOKEN The method is available to physical token and m-token users (if the push message option is not activated or if the purchase is rejected in the push message).
After you enter your PIN in the PS m-token, select MAC/APPLI2;
Enter the series of numbers appearing on the web shop’s screen in the MAC/APPLI2 field on the token to confirm payment;
Enter the MAC generated by the token in the designated field on the web shop’s screen, confirm your entry, and your payment will be completed.
How to shop online using my debit or credit business cards?
On online shops supporting the 3-D Secure security standard, you confirm your payment using your PS m-token by following the instructions appearing on the screen. If you do not have a PS m-token, you can request it from your Relationship Manager/Corporate Banker (
more information). The PS m-token service itself is free of charge.
Only a duly authorised person may arrange corporate cards and enable the online shopping limit option for end users of the card.
At online stores that have not implemented 3D Secure, no token authorisation screens will be displayed.
Why is the security standard enabling screen not displayed?
This screen is not displayed at retail stores that have not implemented the 3-D Secure security standard or where a certain exception from the implementation of reliable authentication applies (e.g., for small-value transactions or recurring transactions - various subscriptions, etc.). The security of using a card for online payments
depends on the security standards implemented by retail stores. Zagrebačka banka ensures that card payments remain secure and has implemented the 3D Secure security standard for all cards issued by Zagrebačka banka.
In addition to the security standard implemented, which other card security measures are taken?
For security reasons, Zagrebačka banka additionally defines
daily spending limits and the maximum number of transactions for different cards. Such defined limits may be changed at the cardholder’s request, depending on the needs and habits associated with using payment cards. Please contact the company’s authorised representatives to check the agreed card limits.
What is important to check before using websites where cards are used for payment (PayPal, Google, Amazon, etc.)?
Before using an online shop where cards are used for payment or where your card number is saved for future payments, please thoroughly examine and check all terms and conditions, save your username and password, and always sign out when you are finished.
In addition to the card number expiration date, online shops ask for my CVV or CVC or a security code. Where can I find this information?
CVV (Card Verification Value) or CVC (Card Verification Code) is a 3-digit number appearing on the back of your card.
What should I be careful about when booking accommodation (hotel, apartment, etc.) online?
Each time they shop online, including booking and/or paying for accommodation using their payment card, the user must read the accommodation service provider’s business terms and conditions and whether or not any payment will be required in case of failure to appear or early departure. In certain situations, the offer is particularly favourable precisely because the accommodation service provider does not provide the option to subsequently cancel the accommodation or modify the terms of the reservation, in which case the customer will not receive a refund of the advance payment made using their card. It is also recommended to only use your card at sites known to be secure and, in case you do not know the service provider’s language, retain the service from a local travel agency.
What should I do if I want to cancel a card-based subscription for a service arranged online (for example, a daily/monthly/annual subscription to an online magazine or professional portal, online game subscriptions, etc.)? Do I need to block the card and submit a complaint to Zagrebačka banka?
As this service was arranged with an online store,
please read the terms and conditions of using the service available on their website, which should include information about the options of cancelling the service and the relevant notice period, if any. You should submit your subscription cancelation request to the online store. As an exception, if you are unable to have your service cancelation request processed (the website is no longer available or the service provider denies your request), you can contact the bank for advice. In that case, please attach your service cancelation request and all correspondence between the service provider and you as the cardholder and their customer and we will try to help.
The zaba.hr website uses cookies. Necessary cookies are required for the functioning of the website. Other cookies enable visitor tracking in order to improve our services and provide a better marketing experience. If you reject other cookies, our website may work differently and its use may be less convenient. More about cookies and settings change
HR
