Rules on the use application

1. General Terms

1.1. These Rules (hereinafter referred to as the Rules) constitute a proposal of IBA Group a.s. (hereinafter referred to as IBA Group) to an mobile device user (hereinafter referred to as the User) to use Mobile tapXphone application (hereinafter referred to as the Application).

1.2. The User’s work with the Application is subject to these Rules and the following documents of IBA Group:

(hereinafter referred to as the “Regulatory Documents”).

1.3. When starting using the Application / its certain functions, the User is deemed to have accepted these Rules and the terms of the Regulatory Documents, in full, without qualification or exception. If the User disagrees with any provision of the Rules and/or Regulatory Documents, the User shall not use the Application.

1.4. IBA Group may, at any time without notice to the User, amend these Rules, and IBA Group may, at any time without notice to the User, amend the Regulatory Documents. The current version of these Rules can be found at: https://tapXphone.com The risk of failing to read a revised version of the Rules and Regulatory Documents shall be borne by the User; continued use of the Application once the Rules or Regulatory Documents were amended shall constitute consent to the revised version thereof.

1.5. The User shall stop using the Application, if it disagrees with any amendments to these Rules made by IBA Group in the manner prescribed by cl. 1.4 hereof.

1.6. The Application provides the User, within the framework of a contract with his acquiring service provider, the ability to accept payments made by Сardholders using bank cards. All currently available functions of the Application as well as any developments thereof and/or newly added functions are subject to these Rules.

1.7. Depending on the payment scheme, to which the bank card belongs, acquiring service provider, the User’s region, any or all functions of the Application can be inaccessible or restricted. The functions are deemed to be inaccessible (restricted) for the User, if such User is unable to use them explicitly. It is prohibited to apply any technical and software-based methods to circumvent these restrictions. The provisions of these Rules governing functions of the Application that are inaccessible (restricted) for the User shall not be applied until such functions become explicitly accessible for the User.

1.8. By using the Application, the User gives its consent to receive advertising messages.

1.9. IBA Group does not guarantee that Application will work without interruptions, promptly, sustainably and without errors.

1.10. IBA Group does not responsible for a complete stop of the Application that arose as a result of actions taken by the acquiring service provider.

1.11. The Application can only be used on mobile devices running the Android 8.0 operating system and higher (but strong recommendation to use Android 10.0 or higher, due to the fact that Google stopped supporting Android 8 and 9), that equipped with NFC interface (NFC module with an antenna are native to and embedded in a an mobile device) and supported Google Play services.

1.12. The User independently bears the risk for the quality of the used mobile device, its hardware components, which can lead to errors, interruptions in work, slow and low-quality operation of the Application or its individual components and / or functions.

1.13. The User is notified that the IBA Group can stop using the Application on mobile devices on which operating systems that do not meet the requirements are installed:

  • international payment systems Visa and Mastercard within the framework of the programs "Tap to Phone" and "Tap on Phone" solutions, respectively;

  • Payment Card Industry, as part of the Contactless Payments on Commercial Off-the-Shelf program

and that have hardware components that create vulnerabilities in the use of the Application.

1.14. The User understands that IBA Group may temporarily or completely stop the use of the Application on mobile devices, the state of which or because of the actions of the User creates a threat to secure payment acceptance.

1.15. If the User suspects that an unauthorized access to a mobile device or mobile application has occurred, as well as in the case the mobile device is lost or stolen, the User must report the incident to the aсquiring service provider.

2. User authentication function and MPIN changing

2.1. The User may be able to access the authentication function by login and password (hereinafter referred to as “MPIN”), in which case the User must enter the appropriate details.

2.2. At the first login, the Application may suggest to change the default MPIN. The User can skip this step and change the MPIN later.

2.3. The User shall be responsible for security (resistance to selection) of the password of access to User’s account, and also ensures it confidentiality. The User shall be responsible for any actions (and their consequences) in and with Application through the User’s account including voluntary transfer by the User of information required to access the User account to third parties on any conditions (including by contracts or agreements). Any actions in or with Application performed through the User’s account shall be considered done by the User.

3. Mobile device initialization function

3.1. In order to use the Application / its certain functions, the User must pass the initialization procedure for registering User’s mobile device and activating it as a payment terminal for banking cards.

3.2. In order to successfully complete the registration of a mobile device and activate it as a payment terminal, the User needs to enter a verification code in the verification form. The way the User receives the verification code is determined by the acquiring service provider.

4. Function of Contactless Payment

4.1. Before accepting a cashless payment, the User is required to enter the payment amount. To make a payment, the User must suggest the Consumer (hereinafter referred to as “Cardholder”) to tap a contactless bank card to the side of the mobile device on which the NFC module with the antenna is located.

4.2. The User must request Cardholder verification by the Personal identification number (hereinafter referred to as “PIN code”) entering if the amount of the payment exceeds the relevant limits established by the acquiring service provider. In this case:

4.2.1. the User must give the mobile device to the Cardholder to enter the PIN code using the virtual keyboard;

4.2.2. before Cardholder enters PIN code, the User must pay his/her attention to the fact that for security purposes a keyboard with a random arrangement of digits is used, as well as to be careful so that there are no third parties nearby who can spy on the entered data. For this, the Cardholder can be recommended to cover the screen with his/her hand when entering data;

4.2.3. the User must monitor the timely entry (without long pauses) of the PIN code by the card holder;

4.2.4. the User is prohibited from:

• to require the Cardholder to provide a PIN code; • to look at the input data; • to take an external photo, video shooting of the process of entering a PIN code;

4.2.5. if the Cardholder refuses to enter the PIN code or the Cardholder makes long pauses during entry, the User or Cardholder must interrupt the operation.

4.3. Depending on the established permissions by payment systems, the User may be able to make a cashless payment by entering the details of a bank card. In this case:

4.3.1. the following card details are indicated:

• Personal account number (hereinafter referred to as “PAN”); • expiration date.

4.3.2. the User must give the mobile device to the Cardholder to enter the card data using the virtual keyboard;

4.3.3. before the Cardholder enters card data, the User must pay his/her attention to the fact that for security purposes a keyboard with a random arrangement of digits is used, as well as to be careful so that there are no third parties nearby who can spy on the entered data. For this, the Cardholder can be recommended to cover the screen with his/her hand when entering data;

4.3.4. the User is prohibited from:

• to require the Cardholder to provide the card data (except for the data necessary for reconciling information with a receipt); • to look at the input data; • to take an external photo, video shooting of the process of entering a card data;

4.4. The Application may allow the User to send a receipt, with the payment result send to the mobile phone number, email address of the Cardholder or display it on the screen of the mobile device.

4.5. The User must verify the card information on the receipt on the screen of the Application with the data on the card (first 6 digits and last 4 digits of PAN).

5. Reversal and refund functions

5.1. The payment cancel operation (hereinafter referred to as “Reversal”) by the User can be performed before closure of a shift in the following cases: • by the Cardholder’s initiative; • an error was made when the sum was entered, but the transaction has been over; • data mismatch in the card and in the identity document (name and surname); • the card number in the receipt differs from that indicated in the card.

5.2. Operation “Refund” by the User can be performed, in case if a Cardholder returns the article/service paid with the use of the card already after the end of a shift, or if only a part of the amount should be refunded to the Cardholder for the fulfilled transaction. Being so, the mandatory condition of the aforesaid transaction performance includes reconciliation of the card number (first 6 digits and last 4 digits of PAN), which will be used for fulfillment of this transaction with the card number in the check for the respective payment transaction.

5.3. If the operation Reversal or Refund was rejected due to any reason, in this case an attempt of transaction performance should be repeated, or the required sum should be return by another form of payment (for example, in cash).

6. The end of a working shift (business day) function

6.1. Viewing the list of completed transactions in the current work shift can be done by the User using the Application.

6.2. According to the results of operations performed per day (shift), the User must close the business day (shift), as a result of which the electronic registry of operations will be sent to the processing center.

IBA Group a.s 2583/13 Petrzilkova St., Prague 5, 158 00, Czech VAT No. CZ27365824

Publication date 06/01/2020

Last updated