All the reliability and information required for your business
Discover the Nexi tools and services that make your purchases secure, and that keep you updated on benefits and informed of the latest news.
By activating the Email Alert service from your Nexi Private Customer Reserved Area, you will receive an email, as often as you like, with information on the available credit of your Card and the latest transactions made.
You can activate the free notification service from the Nexi Pay App to receive a notification every time you spend more than € 2.00 with your payment card. The App notifications allow you to constantly monitor purchases made with your Card and immediately report to Customer Services any purchases that you do not recognise and request the immediate blocking of the credit or prepaid card by simply touching the screen of your smartphone.
To activate the app notification service, you should first register for the Text Alert service from your computer so that the service will also work abroad if you are not connected to the internet or if your mobile device goes into roaming.
With the free Text Alerts and information services:
- Receive a Text Alert every time you make a payment with your credit card for a higher amount than the amount you set and keep your spending under control, if you have any transactions you don’t recognise as yours you can contest the charge, and once Nexi has carried out the necessary verifications, you will be refunded the sum by bank transfer
- Request, with a text message, information on the Card’s latest transactions, the balance and the available credit
- See, if you have subscribed to #iosi, your updated #iosi points.
If you are registered for the 3D Secure service, you will receive a text, on the mobile phone number you registered for the text services with the security code to be used to confirm online purchases. To activate the free information text services, log in to your Private Customer Reserved Area and activate the service.
3D Secure is the Visa (Verified by Visa) and Mastercard (Mastercard SecureCode) system that protects your online purchases.
The 3D Secure service provides extra protection against the fraudulent use of your credit card for online purchases.
Even if you do not usually make purchases online, registering for the 3D Secure service protects your Card from being used for online payments without your knowledge.
You can activate the 3D Secure service online from the Nexi reserved area* after having subscribed to the text information services.
The activation process is quick and easy: set your authentication phrase and enter your mobile phone number with which you registered for the text services.
You can change your authentication phrase at any time by accessing the reserved area and following the instructions.
You can activate 3D Secure on all your Cards. If you have more than one Card, subscription to the service is required for each Card.
How does 3D Secure work
When you shop online, after having inserted the data requested by the retailer for the payment, the authentication phrase, set at the time of activation of the 3D Secure service, will be displayed in a window and you can be sure that you are on a secure 3D Secure certified website.
At the time of payment, if foreseen by the system, you will receive a text from Nexi to the mobile number registered upon activation of the Text Alert service with the dynamic 6-digit security code, usable only once, to be entered online to complete the purchase.
*If you reside in the Republic of San Marino and have a Nexi card, you will have to go to a tax office in Italy (Agenzia delle Entrate), request a tax number and notify Nexi Customer Services to be able to register for the reserved area. After about two days, you can register on the reserved area and activate the text and 3D Secure fraud protection services.
The CV2 security code (CVV2 for Visa, CVC2 for Mastercard) is the last 3 digits on the back of the credit card.
All retailers who sell at a distance (online, telephone and mail order) are obliged to request the CV2 code at the time of payment and destroy it as soon as the request for authorisation has been made.
Requesting the CV2 code offers a more effective guarantee that the person who is paying is actually in the possession of the credit card, contributing to a reduction in fraud.
Phishing is an illegal practice carried out by fraudsters (phishers) who, by sending emails similar in content and graphics to emails from well-known companies, attempt to steal confidential, sensitive data (access codes, credit card numbers or other personal information) through links to websites similar to the real sites.
In order to protect yourself, make sure your browser is up-to-date by checking the website of the Company that produces it for updates. If it is not up-to-date, download and install the updates. In addition to upgrading your browser, you should always use licensed, regularly updated software, antivirus software and a toolbar with a free anti-phishing filter.
Finally, regularly check your statements to make sure that you actually made the transactions shown. If you did not, contact Nexi Customer Services immediately.
How to recognise a phishing email
Phishers create emails almost identical to emails from well-known institutional websites, leading the unsuspecting user to fall into the trap. To evaluate the reliability of an email, follow these rules carefully:
- Email address sender suspicion: beware of unsolicited emails with very long email addresses containing unusual characters and that do not have @nexi.it in the address. Beware of any emails asking you for confidential data regarding payment card codes, home banking access codes or other personal data
- Errors in the text of the message: formatting, grammar or translation. Often the emails sent regularly by companies are altered by phishers and contain links to clone websites where the user will be asked to enter personal data. Frequently grammatical, formatting or translation errors are made in these messages (phishers often operate in foreign countries). Therefore, it is a good idea to read the text of the email: the presence of even a small mistake should raise suspicions
- Links to external pages: in Nexi institutional emails, there are no links to external pages and applications where the user is asked to enter sensitive data and access credentials
- Other possible errors: check whether the Nexi company name has been used correctly. You can check if the company name is correct on the site www.nexi.it.
How to recognise a phishing website
If a phishing email has been written particularly well, you could be persuaded to click on the link and find yourself on a website that is identical to the one you were expecting to find. Some valuable advice to avoid unpleasant surprises if you are prompted to enter data:
- Anti-phishing Toolbar Alert: normally we are very careful, trawling the internet with advanced IT tools, looking for clone websites of potential harm to our Customers. We report suspect websites (sometimes because our Customers have notified us), so that toolbars with anti-phishing functions (in this case Google Toolbar) can notify users. Therefore, it is very important that you install a toolbar with anti-phishing features on your browser.
- Counterfeit website address: it is very important to check the website address of the page the link takes you to. Even if the website has been counterfeited by an expert phisher, in most cases the address is the aspect that should alert you to not enter personal information. A website address that is different from what you expect to see is a sure sign of a serious problem.
How do you recognise a potentially dangerous website address? It must start with "https": which means that the site uses secure protocols for the management of personal data.
A secure site is certified for data management security protocols, and always displays, in the bottom right of the browser window, the padlock icon, proof that the site is secure. Beware of sites requesting the insertion of sensitive data (login or password, credit card number or other personal data) that do not display the padlock icon; data entered can be stolen easily.
To be sure of the reliability of the website, double click on the padlock icon; a certificate will help you to verify if the security credentials are those of the site you are visiting.
Let us know about phishing
Phishers are becoming more skilful at creating websites and writing emails so similar to the originals that sometimes even the most careful user can fall into their trap. If you think you may have entered your data on a counterfeit website write to firstname.lastname@example.org, specifying in the text the address of the site and enclose the text of the email you received.