Online Payments Security
Online Payments Security
Dear Schools and Parents,
With more and more transactions processed online every day, there is an ever increasing need to remain vigilant when making payments online. We at SchoolMoney feel it is important to inform our users of the safety measures implemented on the system and some of the steps we’ve taken to provide our users with a safe, secure, and reliable experience when making payments. Below we have outlined steps that we would advise you to take should anything suspicious occur during your experience.
Should your card be declined we would advise you to take the following actions:
Verified by VISA / Mastercard SecureCode and 3-D Secure requests
When you make a card payment online, after entering your card details you are presented with a Verified by VISA page, or if using a Mastercard, you will be taken to a MasterCard SecureCode page. These are the schemes’ proprietary 3 Domain Secure (aka 3-DS or 3-D Secure) services.
3-DS provides an additional layer of security for eCommerce transactions prior to authorisation and fulfils the requirements of the latest Payment Service Directive (PSD2) through Strong Customer Authentication (SCA). The three parties involved in the 3-DS process are:
And, when necessary, the consumer will be asked to validate that the transaction is being initiated by the rightful owner of the account. 3-DS does this by supporting the requirements of the SCA, where two of the three requirements below must be met:
Through using EMV® 3-D Secure (formerly known as 3DS 2.0) to authenticate Card-Not-Present transactions. PSD2 SCA can be fulfilled.
You should never be asked for an ATM PIN.
3-DS will never ask for your card’s ATM PIN.
If you are prompted to enter an ATM PIN or anything other than a username or password, DO NOT enter anything. This will ensure that your money and bank details remain safe.
Take a screenshot of the page before closing it and delete the entry from your browser history.
Log out of the SchoolMoney system and close your browser completely.
Please choose another time and possibly another device to make the payment.
Following the above steps will ensure that your bank details and money remain safe.
Next, contact your Issuing Bank to report what happened.
This ATM PIN request is linked to a phishing attack and likely occurred through clicking on an unsecure or malicious link, pop-up or email un-related to SchoolMoney on your device recently.
The phishing attack is not caused by using SchoolMoney and is a standalone incident targeting your device alone. However, this does not mean your device is at risk. This situation is rare and unfortunately is not something that can be resolved by SchoolMoney or their partners.
Devices at risk include mobile phones, tablets, laptops and computers.
If you have any questions, please contact firstname.lastname@example.org
More information about 3-DS can be found via the following links: