A payment card is a universal, convenient and secure payment instrument. Security level depends mainly on the knowledge and behaviour of the user. To minimize the existing risks, it is necessary to use the card in a conscious, responsible manner and follow certain rules.
Conotoxia Sp. z o.o. as a payment card issuer provides its customers with innovative and safe solutions. It enables, through a dedicated app and a user panel at conotoxia.com, independent management of elements such as:
- PIN code,
- card status (blockage and restriction),
- transaction limits,
- payment options (enable or disable cash, contactless, online, or foreign transactions).
The active and conscientious use of available functions and possibilities has a direct effect on increasing the comfort and safety of card use.
Below we present the so-called good practices. Understanding and following them will make the use of the payment card more comfortable and safe.
The most important security principle is the protection of payment card data, such as:
- PIN,
- card number,
- expiration date,
- CVV2 or CVC2 code,
- OTP (one-time password) codes, used to 3D Secure verification for online transactions.
The user should adopt the necessary steps to protect these data and not disclose them to unauthorized people.
Remember:
- Do not give your card number to anyone who calls you, even if the caller informs you that they are employees of the card issuer and ask to verify the information (card issuers do not use this practice).
- If you initiate the contact, share the card details (necessary to carry out a remote transaction - card number, expiration date, CVC/CVV2 code) only if you are certain about the Recipient and if it is directly related to the execution of a payment transaction with a trusted Merchant.
- Never reply to messages in which the sender asks you to provide card details.
- Never respond to messages that invite you to visit a website and provide card details for "verification purposes".
- Do not give your card details on sites you are not sure about and trust.
- Do not provide card data on sites offering branded goods at attractive prices, participation in testing of branded equipment, participation in various types of sweepstakes.
- Be extra careful when using the card on websites offering erotic or gambling content, etc.
- Protect the card data in such a way that unauthorized persons cannot get into their possession, e.g. by recording the card image using digital devices or in any other way.
- Never make the cards available to unauthorized persons.
- When using the card, apply the principle of limited trust, verify what and where you pay for, read the regulations, verify suppliers.
- Do not publish the card image.
- Use transactions LIMITS for online payments. You can easily manage them yourself using our app or portal. Set them at a level appropriate to your current payment needs. You can always scale them up or down for a one-time payment.
- Keep your card account balance at a level appropriate to your current transaction needs, and manage it responsively from the app or portal.
- When paying on websites, provide your card details only on encrypted websites, i.e. those where the address starts with https:// (instead of http://) and a closed padlock icon is visible in the browser window. Check that the website certificate is correct and up-to-date (data can be displayed by clicking on the padlock icon).
- If possible, verify the website identity.
- Apply the principle of limited trust to unknown stores and payment systems.
- Be cautious of sites offering attractively priced electronic goods and services. Verify that providing your card details does not trigger a paid subscription.
- When you save your card as a payment method for your online profiles, be careful, use appropriate passwords and protect access to confidential information.
- Wherever possible, use services offering payments based on the 3D Secure standard, providing additional user verification and a high level of security.
- Protect the devices on which you have saved the card as a form of payment from unauthorised access.
- Make sure you always carefully check the content of notifications from the 3D Secure service (the message in the Conotoxia app or the text message content) - pay attention to the amount, the date of the transaction and the name of the merchant (seller), whether they match the payment you want to make.
- Use virtual cards for online payments.
- At any time in the app or portal, in Payment Options, you can enable or disable "online transactions" yourself - manage these settings actively. This way, you increase the security of your card and your funds.
- Do not send your card details (number, expiry date, CVV code) to people you do not trust if they declare that they will make a deposit to your card on a service providing P2P (person-to-person) transfers.
The Personal Identification Number (PIN) is the basic security feature of a payment card. It is an element of user verification, required when performing transactions in ATMs and stores (depending on the type of transaction). According to the Terms and Conditions for issuing and using payment cards, the user is obliged to protect the PIN properly. For this purpose, the following rules should be applied:
- Keep your PIN code confidential, do not disclose it to anyone.
- Protect your PIN from loss or disclosure.
- Do not keep your PIN with your card.
- It is unacceptable to keep the PIN code in your phone or on a piece of paper in your wallet, for example.
- Avoid using a simple combination of PIN numbers.
- Learn your PIN by heart.
- Change your PIN if you think that its confidentiality may have been compromised. You can do it yourself at any time, in the app or Conotoxia.com portal.
- Do not share your PIN with anyone. Remember that disclosing it to a third party is a violation of the rules specified in the Terms and Conditions.
REMEMBER! Issuers and card organisations NEVER ask for your PIN.
When paying by card in stores, service points and restaurants, remember about safety rules. In such places, do not lose your card from sight and pay attention to unusual behaviour of the merchants (the CVV2/ CVC2 code may be stolen, e.g. by taking photos with the phone). If the payment terminal is out of your sight - demand to have it presented at the payment, and if this is not possible, resign from shopping in such a store.
When entering the PIN code on the terminal, make sure that it is not visible to outsiders.
You can enable or disable the "foreign transactions" option in the app or portal in Payment Options section at any time. Take active use of the available options, adjust the settings to current needs, increasing the security of the card and accumulated funds.
When using an ATM, it is important to maintain basic safety rules. This will minimize the risk and consequences of possible fraud.
Nowadays, the criminals who carry out crimes with the use of ATMs usually use devices which cannot be detected by an unauthorized person. Nevertheless, before you use the device, it is worthwhile to look at the elements of an ATM most frequently used by fraudsters:
- Card reader slot - a miniature scanner can be placed in the slot to copy the contents of the magnetic stripe of the card inserted into the ATM;
- a bold keyboard that overhangs the counter surface - in fact, it can be a special overlay to capture and register the PIN codes entered by customers;
- upper wall of the ATM - in which, for example, a camera recording PIN numbers entered by customers can be installed in a fake panel (with logos of payment organizations).
In addition to copying cards, one should pay attention to the signs in the operation of an ATM, which may indicate the occurrence of so-called cash or card trapping, i.e. actions aimed at intercepting money (paid out by an ATM) or a payment card by the offenders. If you find that the ATM has stopped your payment card for no apparent reason, block it yourself in the app or contact our Customer Care Department.
Suppose the ATM did not give the money, even though the situation shows that it should (messages on the screen, sound system work). In that case, it is necessary to verify the external side of the dispenser modules (flip-flops), through which funds are given for collection regarding some external interference, presence of non-original elements, etc. In case of any irregularities, contact the ATM operator (number provided on the device) and Customer Care Department. If necessary, please also notify the police.
If you do not perform cash operations, disable this option in the Payment Options in the app or portal.
According to the provisions of the Terms and Conditions for issuing and using payment cards, the Card Holder is obliged to report its loss or theft immediately. When such situation occurs, the Card Holder should firstly block the card on his/her own, using the app or our portal, and if this is not possible, by contacting the Customer Care Department.
The fast response is essential to minimize the risk of unauthorized use of the card and its possible costs.
The customer, when using the payment card, is obliged to keep it with due diligence, limiting the possibility of its loss and access by third parties.
Regularly review your statements and transaction history. Look for unusual operations, e.g. a series of small transactions for similar amounts, purchases in stores where you have never been, etc. In case of identification of irregularities or any doubts, contact our Customer Care Department immediately.