Nearest branch
Download the NovaPay app Nearest branch
0 800 30 79 79 For Individuals 0 800 30 49 49 For business

Security of online payments

Electronic payment systems such as Google Pay or NovaPay invest considerable resources in making cashless payments convenient and secure. That’s why paying for goods and services online is as safe as paying with paper money at a cash desk. It’s even safer because you don’t risk getting the change with counterfeit banknotes.

However, when a bank cardholder personally gives criminals access to his or her account, financial companies’ efforts are in vain. Just like with cash, secure online payments require the payer to be careful and follow certain rules.

How to pay online by card safely

We asked NovaPay information security specialists about this. Here are their tips.

1. Get a separate card for online payments

Ukrainian banks offer instant virtual card issuing, so this will not be a problem. Top up your card when you plan to make online payments – transfer the required amount just before making a purchase.

2. Refuse the purchase if the store's website does not have a secure connection

How to check it? A lock should be next to the website address , and the address itself should start with 5 letters “https://“. The most crucial letter here is “S“, which means “secure”, i.e. a secure connection. Depending on your computer’s or smartphone’s settings, you may see either a padlock or “https://“. Оn a secure site one of those things will be for sure.

Modern browsers can identify untrustworthy sites and warn users when payment authorization is requested.

It will be helpful to check suspicious sites through the Stop Fraud services from the Cyber Police and the EMA “blacklist”.

3. Limit online payments to a certain amount

Set a limit for online payments. The amount should be calculated based on your own number of online payments.

4. Refuse automatic recurring payments

Read the terms and conditions you agree to when making a payment. They may include repeated charges to your card, even if it’s not obvious at the time of purchase.

Enable notification of payment card transactions via SMS and push notifications in the application on your smartphone.

5. Avoid phishing sites

Attackers create copies of official websites to fraudulently obtain payment data from users’ bank cards. Pay attention to the website address, not just its appearance.

6. Provide only the necessary information

To pay online, you need to enter your card number, expiration date, and CVV2 code (three digits on the back of the card). Some stores, primarily foreign ones, may ask for the cardholder’s name. All other information, such as date of birth or mother’s maiden name, etc., is not required for payment. If the site asks for them, you’re dealing with fraudsters.

We also want to remind you that the CVV2 code should be indicated only in online payment forms. Do not disclose it to anyone, not even a bank or security officer.

7. Never disclose your card's PIN on the Internet

The PIN is used in ATMs. For online payments, you only need:

  • card number;
  • expiration date;
  • CVV2 code (three digits on the back).

If the website supports 3D-Secure technology, you need a one-time password sent via SMS, Viber, or your bank’s mobile application.

8. To transfer money, provide the payer with only your card number

Occasionally, your last name, first name, and patronymic are required.

The card expiration date, CVV2 or CVC2 codes on the back, and one-time passwords from bank messages are never required to credit funds to your account. Keep them confidential.

9. Protect the phone number linked to your bank account

The mobile number to which the cards are linked should be removed from social networks. Do not use it in ads under any circumstances. The fewer people know it, the better.

Link the number to your name or transfer it to a contract service. Prohibit remote SIM card replacement. Register an online account on the mobile operator’s website to manage your number remotely.

How to shop online safely with Nova poshta

NovaPay is a part of the NOVA Group of companies. We support payments for parcels in branches, on the website, and through the Nova poshta mobile application. We transfer money when you choose cash on delivery. So, the security of online shopping is our concern.

Here are some tips on how to pay for your online purchases safely if Nova poshta delivers your goods.

  • Pay for the shipment only on the official website https://novaposhta.ua/. If the seller sends you another payment link, be sure it is a scam. Never leave your payment card details on other websites.
  • Only on the Nova poshta official website and mobile application can you find out whether an invoice has been generated for your order or where the parcel is now.
  • Be suspicious of trading platforms whose prices are much cheaper than similar offers.
  • Keep codes and passwords to your personal account on the website and mobile app secret. Do not disclose them even to Nova poshta employees: this information is not required for payment or checking shipments. If an unauthorized person finds out your passwords, they can even access your money.

 

  • Create a unique password for Nova poshta services and do not use it on other websites. Do not use common passwords such as “qwerty”, “1234567”, etc.
  • Do not give unauthorized persons copies of your documents. According to the financial monitoring requirements, Nova poshta employees scan documents only if you pay more than UAH 5,000 in cash. If someone asks you for photocopies of your documents to place or send an order, they are fraudsters.
  • Nova poshta never holds parcel auctions. Such ads are 100% fraud.
  • You can read a full list of tips on how to use Nova poshta services safely on the company’s website in the “Tips for customers” section.
If you accidentally disclose your payment card details to fraudsters, immediately contact the bank's support and block the card. The hotline number is printed on the back of the card and is also easy to find on the official website.
If you have contacts or any information about a person who tried to obtain sensitive information about payment instruments or sent a link to a phishing site, social media page, or fake mobile application, please report this data to the Cyber Police at 0 800 505 170 or on the website: ticket.cyberpolice.gov.ua.

This website uses cookies, which help us improve it. By staying on the website, you agree to its cookie use.

Accept