Security of using a payment card

Being committed to security of payment card transactions and to prevent fraudulent schemes, UKRSIBBANK in partnership with Visa inc. and Mastercard Worldwide international payment systems has prepared some rules and tips.

Безпека користування платіжною карткою

It is important to follow the following rules:

Personal signature

As you receive your card, make sure you sign it with a ballpoint on the back of the card. The signature must correspond to the specimen signature in your passport.

PIN

Activate your card by changing the PIN at the UKRSIBBANK ATM. Don’t use the same PIN as your previous card. The card having such PIN is an easy give-away for card fraudsters.

Lose PIN

Only you know your PIN as a cardholder, the PIN is not accessible to UKRSIBBANK officials. In case you lose your PIN, you should contact the UKRSIBBANK branch where your card account was opened and request a reissue.

Set spending limits

Set spending limits on your payment cards

More tips

  • Review your account statements and check your transactions on a monthly basis.

  • Switch to chip cards that store classified data on the microcontroller chip and use complex encryption algorithms for maximum safety of your funds.

  • Keep your card inaccessible by third parties and away from electro-magnetic fields (such as mobile phones, TV sets, displays, etc.) that can demagnetize your card.

  • Immediately report your payment card as lost or stolen to UKRSIBBANK (so it can be blocked), or in case of revealing any suspicious card transactions that you did not make so that UKRSIBBANK could promptly investigate the case.

Never disclose your PIN to anyone! Do not write it down where it can be easily accessed by other people, especially on the card itself or on items kept close to the card.

Avoid using easily guessed combinations for PIN such as «1111», «1234» etc.

Do not give your card to third parties.

Never disclose your payments card details such as password, expiry date, CVV2 / CVC2, UKRSIB Online login, as well as passwords notifications from UKRSIBBANK.

Using a payment card at atms

Follow these rules:

  • Before making a transaction, carefully check the ATM for any additional attachments or devices that change how the ATM normally looks like.

  • If you spot any suspicious attachments on the keypad or card slot, avoid using such ATM and, when possible, report it to UKRSIBBANK.

  • Cover the keypad with your hand each time you enter your PIN.

  • Do not ask strangers for help, nor respond to any such requests.

  • If your card is captured by the ATM, contact the UKRSIBBANK Call Center.

Making transaction in outlets

Remember the following:

  • When paying for products and services, keep your card within reach making sure each payment is made in your presence.

  • It is advisable to use contactless cards such as Contactless (PayPass) by MasterCard®. This will allow you to make one touch purchases without having to give your card to the cashier.

  • Check receipts and cheques you sign and keep them.

Using a payment card on the internet

  • Use advanced operating systems and antivirus software

  • Update antivirus software in a timely manner or turn on automatic updates

  • Use only protected PC with restricted physical access by third parties

  • Use secure communication protocol https:// instead of http://

  • Do not give your smartphone to third parties

  • Download apps and tools by authorized companies from official Internet marketplaces

  • Do not open computer attachments or files, nor follow links in emails from untrustworthy sources or unknown or suspicious senders

  • Set and periodically change your workstation and smartphone passwords, never disclose your password information to anyone

  • When installing apps and tools, pay attention to what permissions you give to such apps and tools

Payment by card online

  • Online-notifications enable an automatic and free use of 3D Secure technology to receive an OTP generated via SMS to your mobile phone for authentication.

  • Before transacting online, check the website closely for any misspellings and stylistic errors, accuracy of contacts, date of website creation, relevancy of content, explore reviews and feedback on the website.

  • Give preference to post-purchase payments or secure purchase/delivery services.

  • For online shopping, disclose your full name and your card number only.

Never disclose its expiry date, or CVV2/CVC2, or other details!

Avoid entering your payment card details (card number, expiry date, CVV2/CVC2) on the websites proposing you to take part in various special offers with rewards to be paid into your card, or on other suspicious websites. Such websites are intended for illegitimate collection of payment card details to be further used for fraud.

Protecting your phone number

Follow these rules:

  • Always use PIN to protect your SIM card.

  • If you lost your smartphone or tablet, immediately call UKRSIBBANK to block your cards and access to UKRSIB online.

  • Contact your mobile service provider to block your SIM card.

  • Register your phone number in your name. Contact your mobile operator’s office to request adding your data, passport copy etc. to your phone number.

  • Do not disclose your financial phone number on the Internet.

  • If you got a few calls in a row from different phone numbers from strangers, feel free to contact your mobile operator to block your SIM card.

Social engineering

Social engineering is a way of gaining access to required information by using human psychological features. The main purpose of social engineering is to gain access to confidential information, personal data, card details, passwords, bank details and other secured systems for further fraudulent transactions.

Information can be accessed by fraudsters as follows:

  • Phishing A type of fraud aimed at accessing confidential data (card number, expiry date, CVV2 / CVC2, name of the cardholder, OTPs from UKRSIBBANK). Phishing websites is the most common way on the Internet to trick the user into revealing their data.

  • Vishing, Voice phishing Its main difference is that confidential data is stolen during a phone call.

  • SMiShing Called so similarly to phishing and vishing with data being stolen via SMS and emails.

What data do fraudsters need:

  • card number

  • expiry date

  • CVV2 / CVC2

  • password

  • 3D Secure OTPs

Never disclose your payment card details to those who call you, send you SMS, emails or claim to represent UKRSIBBANK, or Visa Inс. and MasterCard WorldWide, NBU, SSU, etc. and request your personal data, claiming that it is needed for purposes of identification, or to acknowledge your possession of the card, or to deposit money into account, etc.

In such cases, you are advised to contact UKRSIBBANK for confirmation of the call.