2023-04-12 12:43:25.0

NBS warns of unauthorised production of replacement payment cards

With reference to the offers published on social networks and websites concerning the production of payment cards against metal background and with different design, by transferring security features of existing payment cards issued by authorised banks, the NBS cautions the users of payment cards issued in Serbia not to leave their cards to third persons or replace the existing cards with new ones with changed design and material.

Such services induce users to act contrary to contracts and expose them to additional risks, while at the same time infringing the rights of payment service providers, intellectual property rights and payment card system rules. The security of issuance and use of payment cards is one of the most important aspects of payment card operation, which is why standards, rules and procedures are applied and adhered to by all participants in the system.

Pursuant to the Law on Payment Services, payment service users must use a payment instrument in line with the contracted conditions governing its issuance and use. The payment instrument issuer must also specify in the master agreement concluded with the payment service user (which also includes the use of payment cards) the measures that the user must undertake to protect the payment instrument, and the manner of informing the payment service provider about the loss, theft or abuse of the payment instrument.

By sending his payment card to a third person, the user may act contrary to obligations stipulated by the Law (use of the payment card in line with prescribed and contracted conditions, protection of security features and information about the theft or abuse of the payment instrument) as he thus shares the personalised security features of that instrument, important for its use, which is why he may bear responsibility for potential abuse.

A user would therefore bear full responsibility for damage inflicted to him by potential abuse of the payment card. In place is the unauthorised production of payment cards, which may lead to other abuses that may arise due to intentional giving of one’s payment cards and the card data.

To support users, the NBS reminds them of safe usage methods. For the sake of maintaining confidence and security of this cashless payment instrument, the NBS advises users of the following:

  • Payment cards are a means, i.e. instruments of payment, and should be kept and used accordingly. A card can be used exclusively by the person whose name is printed on the card, apart from cases of special types of cards, such as pre-paid gift cards, when the user’s name is not printed on the card.
  • After receiving an envelope with PIN, this number must be remembered. PIN must be known only to the card user, who should not say it to anyone else. PIN should in no way be written down on the card nor should it be carried together with the card (e.g. in the wallet). When taking money from an ATM, it is recommendable that the user covers the keypad with his hand while typing his PIN.
  • In case of the card theft or loss, the card issuer should be informed thereof in the shortest time possible. The issuer will immediately block the card and eliminate the possibility of its unauthorised use. The card user carries the risk of potential abuse arising until the moment of reporting the card theft/loss up to the amount defined by valid regulations. If he subsequently finds the card reported as stolen/lost, the user must not use it and is required to return it to the issuer.

Rules of online card usage:  

  • One should always check whether the website containing the form for entering card data begins with “https”;
  • During payment, one should always carefully read all notifications and messages appearing on the screen as these messages should never be neglected or closed without prior reading;
  • PIN is not needed for online payments; even if PIN is requested, one should never enter it as it is probably an abuse attempt;
  • The card should never be photocopied or multiplied, and the data on the card used for online purchases – name, surname, card number, date of expiry and CCV code on the back should never be sent to anyone by email (or otherwise in writing).

Payment System Department