FAQs

• What is the Safe@Web service?

  The Safe@Web is a service offered by Bank of Cyprus which adds security to your online purchases, by authenticating your identity at the time of a purchase via the 3D Secure Technology platform. The platform has been developed by Visa and Mastercard and is called (a) Visa Secure and (b) Mastercard® Identity Check™ service. The Safe@Web service applies to online purchases made at merchants participating in the Visa Secure and/or Mastercard® Identity Check™ services.

• How does the Safe@Web service work?

  When you make purchases online, you will be required to enter your card number, expiry date and CVV2 the CVV ("Card Verification Value") is a 3-digit number at the back of VISA and Mastercard cards}. Subsequently, a Safe@Web screen will appear where you will be requested to authenticate yourself. Choose one of the following two authentication methods:

  a) OTP via SMS in combination with your Internet Banking passcode: In the case of this method, an OTP is generated by the Safe@Web system and sent to your registered mobile number. You will be required to enter this OTP in the designated box on the Safe@Web screen. Subsequently, you will need to enter your Internet/Mobile Banking (1bank) passcode to complete the transaction.

  b) Authentication via BoC Mobile Banking App: In the case of this method, you will receive a Push Notification on your registered trusted device, that has the BoC Mobile App installed, with the details of the transaction. Then you will be requested to confirm your transaction details, and if you agree and acknowledge the transaction, you must select “Accept” to proceed. In order to use the authentication process, you must be a registered subscriber to the Internet/Mobile Banking (1bank) service.

• Do I need to accept the Safe@Web service Terms and Conditions?

  It is not required to accept the Safe@Web Terms prior to making a transaction through the Safe@Web service. By confirming your transaction through the Safe@Web service, you agree that you have read, understood and accepted the Safe@Web Terms & Conditions.

• Do I need to register my card at Safe@Web?

  All cards issued by Bank of Cyprus are automatically enrolled and participate in the Safe@Web service. It is not required to register to the service prior to using the card online.

• Can I opt-out from the Safe@Web service?

  No, you cannot. All online transactions made by the Bank of Cyprus cards at merchants that participate in the Visa Secure and Mastercard® Identity Check™ service require authentication with the use of Safe@Web. However, you may still make online purchases from merchants that do not participate in the Visa Secure and Mastercard® Identity Check™ service.

• Do I need to apply for a new card in order to use the Safe@Web service?

  No. You are able to use any of your existing Bank of Cyprus cards.

• How are transactions authenticated with the use of ‘OTP via SMS’, in combination with the Internet/Mobile Banking (1bank) passcode?

  The OTP will be sent to the mobile number you have registered with the Bank. You will be required to enter this OTP in the designated box on the Safe@Web screen that will appear automatically. You will then need to enter your Internet/Mobile Banking (1bank) passcode on the next screen to complete the authentication of the transaction.

• What is required in order for transactions to be authenticated via the Bank’s Mobile Banking App?

  You will need to download the Bank’s Mobile Banking App and enable the Push Notifications on your trusted mobile device. ‘Activation of Notifications’ in the ‘Security & Digipass’ settings on the app will be enabled automatically. For more information regarding the BoC Mobile Banking App, please visit www.bankofcyprus.com.cy

• How does authentication via BoC Mobile Banking App work?

  If you are a registered Internet/Mobile Banking (1bank) subscriber and a user of the Bank’s Mobile Banking App, and you have enabled the ‘Activation of Notifications’ option in ‘Security & Digipass’ settings of the Bank’s Mobile App, 4 then the ‘Authentication via BoC Mobile Banking App’ option will appear on your mobile display. By selecting “Continue”, you will receive a Push Notification on your mobile phone or other communication device that has the Bank’s Mobile App installed. By selecting “Push” or by opening the App, your transaction details will appear. Once you confirm the transaction details and select “Accept” on your mobile’s display, the transaction is forwarded to the Bank for authorization.

• Why is authentication not required for certain transactions?

  For merchants that do not participate in the Visa Secure and/or the Mastercard® Identity Check™ service, you will not be required to authenticate yourself. Sometimes, even for merchants that participate in the Visa Secure and/or the Mastercard® Identity Check™ service, for a small percentage of transactions, you may not be asked to authenticate yourself and the transactions may be forwarded for authorization directly.

• Why might a transaction be declined prior to authentication?

  For a small percentage of transactions, a transaction may be declined even prior to authenticating yourself, for security and prevention purposes. Should this occur, it does not necessarily mean that any subsequent authentication requests you make will be declined as well. For more information, you may contact the Call Centre at 800 00 800 (+357 22 128000 for international calls) during the working hours.

• What should I do if the displayed mobile number is incorrect?

  If the authentication method you use is ‘OTP via SMS’, in combination with your Internet/Mobile Banking (1bank) passcode, and the mobile number is incorrect, or you wish to register a different number, please contact your servicing branch.

• What should I do if I do not receive the SMS that contains the OTP?

  If you have not received the SMS that contains the OTP and you are sure that the masked displayed mobile number is correct, then maybe this is due to a system error or due to a delay from the telecommunications side while sending the SMS to your mobile number or due to a dysfunction of your mobile. Please click on “Resend SMS OTP (Code)” to try again. If the problem persists and you 5 are certain that your mobile is functioning properly and your mobile SMS settings are correctly configured, please cancel the transaction and contact the Call Centre at 800 00 800 (+357 -2128000 for international calls) during the working hours.

• Does the OTP expire?

  Yes. The OTP has a temporary validity timespan after which it expires and cannot be used. In that case, please select the ‘Resend SMS OTP (Code)’, to receive a new OTP.

• What should I do if I do not receive a Push Notification on my Mobile Device?

  If you do not receive a Push Notification on your Mobile Banking App, then this could be either due to incorrect settings on your mobile device or due to a system error. In that case, please exit to the merchant checkout page, and try again. If the problem persists and you still do not receive a Push Notification on your mobile device, contact the Call Centre at 800 00 800 (+357 22 128000 for international calls) during the working hours.

• What if I do not agree with the transaction details displayed during the authentication process?

  If you use the ‘OTP via SMS’ in combination with the Internet/Mobile Banking (1bank) passcode and you do not agree with the transaction details presented on the Safe@Web screen, do not enter the OTP in the designated box and press ‘Exit’. The authentication process will be terminated. If you use the ‘Authentication via BoC Mobile Banking App’ method and you do not agree with the transaction details presented through the Mobile Banking App, press ‘Reject’ on the Mobile Banking App and the authentication process will terminate