What type of cards can I use?
VISA and Mastercard embossed cards, and certain VISA Electron cards. Whether you can use VISA Electron cards in the internet or not depends on the issuing bank. VISA Electron cards issued by CIB can be used for online purchases.

Which banks’ cards can be used for online payment?
You can pay with any VISA or Mastercard/Maestro card that has been authorised by the issuing bank for internet payment, as well as web cards specifically designed for online use.

Can I pay with a shopping card?
Loyalty cards issued by merchants/service providers to collect loyalty points cannot be used for online purchases.

Can I pay with a co-branded card?
You can pay with any co-branded card that is a MasterCard or VISA-based card suitable for online payment.


How does the background process of online payment work at the bank?
After selecting “card” as the method of payment in the website of the merchant/service provider, you initiate payment, as a result of which you are redirected to the bank’s payment page, which is equipped with a secure communication channel. In order to make the payment, you need to enter the card number, the expiry date of the card, and the 3-digit card validation code printed on the signature strip on the reverse of the card. It is you who start the transaction; the card then undergoes a real-time authorisation process in which the authenticity of the card data, the funds available in the account and the purchase limit are checked. If all data are satisfactory for the transaction to continue, your account-keeping bank (the issuing bank) blocks the payable amount in your card. The amount will be debited to (deducted from) your account within a few days, depending on your account-keeping bank.

How does an online card purchase differ from traditional card transactions?
Distinction should be made between “Card Present” and “Card Not Present” transactions. Card Present transactions take place by means of a POS terminal. After the card has been swiped and the PIN code entered, the terminal contacts the cardholder’s bank via the authorisation centre and, depending on the type and the issuer of the card, through the VISA or MasterCard network. This is where the validity of the card and the coverage are checked (authorisation). The response is sent back on the same path, and the POS terminal (or the merchant) receives the authorisation or rejection. The customer then signs the sales slip. In the case of a Card Not Present transaction, the card is physically not present when the purchase is made. Such transactions include purchases made by mail, or on the phone, or electronically (over the internet), where the customer (cardholder) initiates the transaction by entering the requested card data in a secure (256-bit encrypted) payment page. Of the successful transaction, you will receive an authorisation number, which is the same as the number on the sales slip.

What does reservation mean?
As soon as the bank is informed of the transaction, reservation (blocking) follows, since for the actual debiting the official data must first arrive, which takes a few days, and otherwise the amount spent on the purchase could be spent again in the meantime. For this reason, the money spent on the purchase or withdrawn in cash is separated and reserved. The reserved amount remains part of the balance of the account, i.e. it continues to earn interest, but cannot be spent again. Reservation ensures that any transactions for which there are no more available funds in the account are rejected, even though the account balance would still theoretically allow the transaction to go through.


In what cases can a transaction fail?
The usual cause is that the issuing bank (where the customer got the card) does not accept the payment order; however, in the case of card payment another cause may be that the request for authorisation does not reach the issuing bank due to a telecommunication or computer error.

Problems related to the card

  • The card is not suitable for online payment.
  • The use of the card online has been prohibited by the account-keeping bank.
  • Card use has been banned.
  • The card data (card number, expiry date, code on the signature strip) have been entered incorrectly.
  • The card has expired.

Problems related to the account

  • The balance in the account is insufficient to execute the transaction.
  • The amount of the transaction exceeds the purchase limit set for the card.

Problems in connection

  • The connection was probably broken during the transaction. Please try again later.
  • The transaction failed due to timeout. Please try again later.

Technical problems

  • If you are not returned from the payment page to the website of the merchant/service provider, the transaction failed.
  • If you are returned from the payment page, but you go back to the payment page using the browser’s “back”, “reload” or “refresh” function, the system will automatically reject your transaction for security reasons.

What should I do if payment fails?
For each transaction a transaction ID is generated, which you are recommended to note down. If during the payment attempt the transaction is rejected from the bank’s side, please contact your account-keeping bank.

Why should I contact my account-keeping bank if payment fails?
During card verification the account-keeping bank (issuing bank) notifies the merchant’s bank collecting the amount (the “acquiring bank”) whether the transaction can be executed or not. The acquiring bank is not allowed to disclose any confidential information to another bank’s customer, only the bank that identifies the cardholder has the right to do so.

What does it mean if I get an SMS from my bank about the reservation/blocking of the amount, but the merchant/service provider tells me that payment failed?
This may happen if the card was verified on the payment page, but you did not return to the website of the merchant/service provider. In such case the transaction is regarded as incomplete, hence unsuccessful automatically. Your card will not be debited with the amount in such case, and the reservation is released.


What is VeriSign and the 256-bit encrypted TLS communication channel? 
TLS (Transport Layer Security) is a widely accepted encryption procedure. Our bank has a 256-bit encryption key to protect the communication channel. VeriSign is the company that enables CIB Bank to use the 256-bit key by means of which TLS-based encryption is ensured. Currently this encryption method is used in 90% of all e-commerce transactions worldwide. With the TLS functionality, the browser software used by the customer encrypts the cardholder’s data prior to transmission, and thus the data are sent to CIB Bank in a coded form, which ensures that they cannot be deciphered by unauthorised persons.

After payment my browser warned me that I was about to leave the secure zone Is the security of my payment still guaranteed?
Yes, absolutely. The payment process takes place in a 256-bit encrypted communication channel, so it is completely secure. After the transaction you get back to the merchant’s website, and if the website is not encrypted, your browser will warn you that you have left the encrypted channel. This does not mean that the safety of the payment is jeopardised.

What does CVC2/CVV2 mean?
In the case of MasterCard the Card Verification Code, and in the case of Visa the Card Verification Value, is a coded numerical value on the magnetic strip of the card by means of which the validity of the card can be verified. When shopping online you need to provide the CVC2 code, which is the last three digits of the row of numbers that you’ll find on the reverse side of your MasterCard/Maestro card.

What does “Verified by Visa” mean?
Holders of Visa cards who are registered in the Verified by Visa system choose a password at the issuing bank, with which they can identify themselves when shopping online, and which provides protection against the unauthorised use of Visa cards. CIB Bank accepts cards issued under the Verified by Visa system.

What does Mastercard SecureCode mean?
Holders of MasterCard/Maestro cards who are registered in the Mastercard SecureCode system choose a password at the issuing bank, with which they can identify themselves when shopping online, and which provides protection against the unauthorised use of MasterCard/Maestro cards. CIB Bank accepts cards issued under the Mastercard SecureCode system.

What is the UCAF code?
This is a unique code you may have been given by your issuing bank in the case of a MasterCard/Maestro card. If you did not receive such a code, leave the field blank.