CNP Processing GmbH pays great attention to the issues related to non-disclosure of information. According to the Company’s policy payment cards data and clients’ personal data are confidential.
The aim of the Non-Disclosure Policy is informing our clients on which data is stored at the moment of web-site visit, when and for which purposes such information may be disclosed to third parties. This Non-Disclosure Policy applies to www.processing.kz web site and online services of the systems
Non-Disclosure Policy is applied only to the CNP Processing GmbH system, but not to the companies and organizations linked with www.processing.kz web site.

The system of CNP Processing GmbH stores information that requires being saved for the operation of the system. Such information is not subject to disclosure, unless disclosure is required by competent governmental agencies in case of initiation of any civil or criminal proceedings related to such information.
In order to pay for goods and services with a payment card you need to provide your CVV2/CVC2 code (it is printed on the back side of payment card). CVV2/CVC2 code is not stored in the CNP Processing GmbH system and is not subject to disclosure. Under no circumstances you are required to provide your PIN code.
CNP Processing GmbH system also collects data on IP address you use to visit www.processing.kz web site, duration of your visit, type and version of your browser and operating system.
Such information is used by our monitoring system for identifying and blocking possible unauthorized transactions with your payment card.
Collected information may be used for marketing purposes or for performing statistical analysis aimed at optimization of the work of CNP Processing GmbH payment gateway. Information handled by our employees may then be disclosed to third parties. CNP Processing GmbH Company does not collect data on web sites visited by you before or after visiting our site.

Employees of CNP Processing GmbH Company sign an Agreement on Trade Secrets Non-Disclosure. Access to critical information (such as technical data on transactions or clients) is provided only to employees, who have a real necessity of such information for payment gateway operation. CNP Processing GmbH is audited by external auditors annually for compliance with standard of security of critical data storage and handling (PCI DSS Certificate).

PCI DSS (Payment Card Industry Data Security Standard)

Payment Card Industry Data Security Standard is a document that describes the rules for ensuring cardholders information security upon processing, transmission and storage. This standard was created by international payment systems Visa and MasterCard. The company is audited annually in accordance with the requirements of PCI DSS compliance audit established by the international payment systems. PCI DSS contains detailed requirements for information security, divided into 12 thematic sections. CNP Processing GmbH complies with all the requirements of PCI DSS.

Secure Sockets Layer (SSL)

CNP Processing GmbH uses SSL protocol ensuring secure transmission of data over the Internet.
Secure channels used for exchange of encrypted information between the server and client for prevention of interception and distortion of information in the process of transmission ensure enhanced security of online payments.

Three-Domain Secure (3-D Secure)

3-D Secure technology is a unique security system used for making payments for goods/services in online shops. It is a part of global Verified by Visa (VbV)/MasterCard Secure Code program. VbV Secure Code enables you to make payments in real time, providing additional security for your transactions.
VbV Secure Code reduces risk of fraud almost to zero through authentication of cardholders, which is performed on a special server of issuing bank. Authentication of buyers is performed with a special code known only to cardholder. Thus number of card alone is not enough to make payment. Additional security of transmission of data over the Internet is ensured by SSL encryption protocol.

• Buyer chooses goods and services on online store’s website. Online shop directs him to secure payment page of Processing.kz. Buyer enters data of his payment card and initiates process of payment for goods or services;
• Processing.kz. sends an enquiry to payment system to verify whether buyer’s payment card is covered by 3-D secure program. If card is covered by the program, buyer is directed to the special authentication server of issuing bank (bank that issued buyer’s card). On the server of issuing bank buyer enters his personal 3-D secure password, which is known only to him.
• Issuing bank verifies buyer’s (cardholder’s) personal password;
• In case of successful authentication Processing.kz initiates request for authorization of purchase made by buyer on online store’s website through one of the acquiring banks. Transactional request specifies payment card’s data, purchase sum, currency and results of 3-D Secure authentication of buyer;
• Acquiring bank redirects transaction for authorization to issuing bank through payment system (Visa, MasterCard);
• Issuing bank authorizes request, blocks purchase amount on buyer’s account and sends confirmation of successful authorization to acquiring bank;
• Acquiring bank sends confirmation of successful authorization to Processing.kz processing center;
• Processing.kz sends confirmation of successful completion of the process to online shop. Online shop can send goods or provide services to buyer.

                                                                                                Merchant's website                                                                           Acquiring bank

Shopper

                     Issuing bankа                      Directory VbV/                            Payment system                                                                       Secure Code                             (Visa/MasterCard)