1. General Provisions
CNP Processing GmbH pays great attention to the issues related to
The aim of the
2. Information Storage and Usege
The system of CNP Processing GmbH stores information that requires being saved for the operation of the system. Such information is not subject to disclosure, unless disclosure is required by competent governmental agencies in case of initiation of any civil or criminal proceedings related to such information.
In order to pay for goods and services with a payment card you need to provide your CVV2/CVC2 code (it is printed on the back side of payment card). CVV2/CVC2 code is not stored in the CNP Processing GmbH system and is not subject to disclosure. Under no circumstances you are required to provide your PIN code.
CNP Processing GmbH system also collects data on IP address you use to visit www.processing.kz web site, duration of your visit, type and version of your browser and operating system.
Such information is used by our monitoring system for identifying and blocking possible unauthorized transactions with your payment card.
Collected information may be used for marketing purposes or for performing statistical analysis aimed at optimization of the work of CNP Processing GmbH payment gateway. Information handled by our employees may then be disclosed to third parties. CNP Processing GmbH Company does not collect data on web sites visited by you before or after visiting our site.
3. Information security
Employees of CNP Processing GmbH Company sign an Agreement on Trade Secrets
PCI DSS (Payment Card Industry Data Security Standard)
Payment Card Industry Data Security Standard is a document that describes the rules for ensuring cardholders information security upon processing, transmission and storage. This standard was created by international payment systems Visa and MasterCard. The company is audited annually in accordance with the requirements of PCI DSS compliance audit established by the international payment systems. PCI DSS contains detailed requirements for information security, divided into 12 thematic sections. CNP Processing GmbH complies with all the requirements of PCI DSS.
Secure Sockets Layer (SSL)
CNP Processing GmbH uses SSL protocol ensuring secure transmission of data over the Internet.
Secure channels used for exchange of encrypted information between the server and client for prevention of interception and distortion of information in the process of transmission ensure enhanced security of online payments.
Three-Domain Secure ( 3-D Secure)
VbV Secure Code reduces risk of fraud almost to zero through authentication of cardholders, which is performed on a special server of issuing bank. Authentication of buyers is performed with a special code known only to cardholder. Thus number of card alone is not enough to make payment. Additional security of transmission of data over the Internet is ensured by SSL encryption protocol.
- Buyer chooses goods and services on online store’s website. Online shop directs him to secure payment page of Processing.kz. Buyer enters data of his payment card and initiates process of payment for goods or services;
- Processing.kz. sends an enquiry to payment system to verify whether buyer’s payment card is covered by
3-Dsecure program. If card is covered by the program, buyer is directed to the special authentication server of issuing bank (bank that issued buyer’s card). On the server of issuing bank buyer enters his personal 3-Dsecure password, which is known only to him.
- Issuing bank verifies buyer’s (cardholder’s) personal password;
- In case of successful authentication Processing.kz initiates request for authorization of purchase made by buyer on online store’s website through one of the acquiring banks. Transactional request specifies payment card’s data, purchase sum, currency and results of
3-DSecure authentication of buyer;
- Acquiring bank redirects transaction for authorization to issuing bank through payment system (Visa, MasterCard);
- Issuing bank authorizes request, blocks purchase amount on buyer’s account and sends confirmation of successful authorization to acquiring bank;
- Acquiring bank sends confirmation of successful authorization to Processing.kz processing center;
- Processing.kz sends confirmation of successful completion of the process to online shop. Online shop can send goods or provide services to buyer.
Merchant's website Acquiring bank
Issuing bankа Directory VbV/ Payment system Secure Code (Visa/MasterCard)