ASSISTENZA CLIENTI

IL MIO ACCOUNT

Methods of payment

Dopo aver inserito i prodotti nel carrello procedi allo step successivo, potrai scegliere la modalità di pagamento che preferisci.

Queste le possibilità:

  • Payment Cards (Credit, Debit and Rechargeable)
    Visa / MasterCard / American Express / Maestro / Postepay

  • Payment on delivery

  • Bank transfer

New Procedures for PostePay

Please note, since November PostePay has introduced a Double OTP Verification for all e-commerce sites, to be done either in the app or via SMS by answering YES to authorize the transaction.

This double verification is often limited to payments from significant amounts, usually from €100 and up.

What is 3D Secure?

3D secure is a secure standard for online payments, maintained by major payment circuits such as Mastercard, American Express, Maestro and VISA (which was the first to make it available, also known as Verified by VISA), and invented by the company Arcot System (now CA Technologies).

Thanks to this technology, a very important thing is possible: a form of protection from frudulent online purchases, such as those made against our will or without our knowledge.

There are four main implementations of 3D securi available in today’s online marketplace:

  1. Verified by Visa from the VISA circuit
  2. MastercardSecureCode
  3. JCB’s J/Secure
  4. American Express SafeKey

 

How can I authorize my Online Purchases with 3D Secure?

How to pay online with 3D-Secure

To give an example, let’s imagine paying online with a PostePay on which the 3D-Secure service is enabled; in this case the operations to be performed will be as follows.

  1. Go to a site on which HTTPS is enabled to purchase a service or product (VISA or VISA Electron credit card payment must be available on the site, in this case).
  2. At this point, we need to select VISA or VISA Electron (American Express / JCB or Mastercard if we use different cards, depending on the brand name on it) as the payment method;
  3. By clicking on continue, we will go to a web page where the card information will be requested, and we will go and copy it from the front and back. Specifically, it is necessary to copy the 16-digit code, the expiration date and the three-digit CVC code on the back.
  4. Now you need to confirm the payment, and (if 3D Secure is active) at this point an intermediate screen will appear that says Verified by VISA (or similar for your card); the payment, as of yet, has NOT been made.
  5. After a few seconds, if the card is yours and it works, you will get a text message on the phone on which you enabled the service earlier (the payment has not yet been made, we reiterate);
  6. Take your smartphone, open the message that came to you, make a note of the code they sent you (it is usually a random 6-digit number), and copy it into the text box inside the page where requested;
  7. at this point you confirm the transaction and, if you have entered the code correctly, the payment will be made and you can return to the merchant ‘s site with the payment made.

 

How can I activate 3D Secure on my card?

3D secure activation

All major cards issued in Italy support 3D-Secure, but requireexplicit activation by the user. Here are some examples we are aware of for what concerns activation proceeds:

Activation of 3D-Secure is, therefore, strongly recommended for all holders of prepaid, debit and credit cards, and otherwise used for online purchases.

3D Secure Mastercard – Mastercard Secure Code: how to activate it?

On Mastercard circuit cards, the possibility of activating 3D Secure is available by following a very simple procedure. Once activated, again we will have activated custom protection linked to our smartphone, so all transactions will have to be authorized through it. The Nexi prepaid card, for example, offers the option of being used through Mastercard SecureCode.

As a first step, one must go to the official site that enables Mastercard SecureCode, and enter all the required data step-by-step, following the directions on the site. At this stage you will be asked for a cell phone number that you own, a working and valid email address, your first and last name (they must match those on the card, as a rule); then you will have to provide your biographical information with first name, last name, address, city, and, finally, you will have to provide your card information (number, CVC, expiration date).

At this point, once you have passed all the various checks, you will need to create your Securecode, then an alphanumeric code that only we know and that will serve, when accepting the payment (when we make the next online payment by card, in essence), will help us understand that we are proceeding in a secure manner and will prevent others from making unwanted transactions.

How Does 3D Secure Work?

How does 3D Secure work?

3D Secure is technically based on the XML format, and requires an authorization request forwarded by a payment card owner to a merchant. Then, through an authentication mechanism known as ActiveAccess, those who are paying will receive a generated and valid one-time OTP or authenticated numeric key, which will be useful to enable the payment in concrete.

In this regard, see diagram shown, taken from Wikipedia, in which we see the main players involved:

  1. the cardholder(Cardholder) can interact directly with the seller(Merchant) by leveraging a protocol called the Interoperability Domain, which guarantees communication and decides the rules;
  2. on the bottom side of the figure, a card-issuing institution(Issuer) pertains to a credit card circuit that the ecommerce payment gateway will refer to;
  3. inside, a complex mechanism makes sure to authenticate the transaction and authorize it so as to issue a unique OTP code that serves to ensure that the payment was indeed authorized by the card owner and holder.

 

3D Secure in practice

On a practical level, 3D Secure prevents attackers from making credit card transactions without our knowledge, limiting instances of credit card scams and phishing, for example. In fact, the 3D Secure system enables an extra level of security for all online transactions, which must (following its activation) be enabled in advance through a unique, randomly generated code sent to the phone associated with the card. Without 3D Secure, in fact, it is enough to know the data on the front of any card to carry out, at least in theory, fraudulent transactions even without any additional data in the cardholder’s name.

All of this will be helpful in limiting the possibility of fraud, such as an attacker who has our card information available and tries to make online movements or purchases without our knowledge.