Contact us
Search
Close this search box.

Category: Security

Posted on

Basic safety information

Because we work with corporate finances, it is important to respect certain security rules.

Safety Ten Commandments

We’ve put together a safety ten to help you navigate your way to a safer zone.

Ten Commandments of the Fidoo Card Security

Secure login

Logging in to our web and mobile app has several features that enhance the overall security of your business finances.

  1. Two-factor login – combines login with a username and password, plus an SMS code.
    Two-factor login to Fidoo
  2. Biometrics – login with fingerprint, TouchID or FaceID.
    TouchId to Fidoo

Mobile app

  • Another great security feature is the Fidoo mobile app itself.
  • You receive a push notification every time you make a card payment or ATM withdrawal.
  • You can lock or block Fidoo cards directly in the app.

You can find the mobile app on Google Play or the App Store. The app is free.

Download the Fidoo mobile app

Security FAQs

Yes, you will. Strong authentication for login only requires the receipt of an SMS message, which any mobile phone can handle.

  1. Enter your login details in the login window and confirm with the Login button. A new window will appear to enter the six-digit authentication code (shown below).
  2. Enter the six-digit code you received on your mobile phone and activate the Login without SMS verification for 90 days button on this device by clicking on it below the fill-in field.
  3. Confirm with the Confirm button and the app won’t prompt you for an SMS code for the next 90 days.

You can find out what strong authentication is for and how to set it up on this page.

Feel free to enter your private phone number. It will only be used to receive SMS authorisation codes and we at Fidoo will not use it to send you any commercial or marketing messages unless you have given us your consent to do so. Your phone number is information that only you and your company’s Fidoo Application Lead Administrator have access to.

You can’t access the Fidoo app without a mobile phone. If you don’t need to log in to the app or pay online, you can use your Fidoo card to pay at merchants or withdraw from ATMs without access.

It must always be a mobile phone number that can receive SMS messages.

In principle, there are no technical limitations; the device can be, for example, a desktop computer, a laptop, but also a tablet or a mobile phone with internet access.

Cookies are one element of identification of such a device. Therefore, after deleting them, you need to mark the device as trusted again.

Yes, a single device can designate any number of different users as trusted under its user accounts.

If you’re logging into the app from a device (computer, tablet, laptop, mobile phone, etc.) that isn’t added as trusted, we’ll offer you the option to add it as trusted right on the login screen. Just activate this setting in the window where you enter the SMS verification code. The next time you log in from this device, all you have to do is enter your app ID and password.

Posted on

Two-factor verification of Fidoo card payments on the Internet

Confirm Fidoo card payment online in the Fidoo mobile app

The moment you enter your details in the merchant’s payment gateway zFidoo cards, you can be prompted to confirm payment in the mobile or desktop version of the app Fidoo.

  1. After entering your Fidoo card details in the merchant’s payment gateway, you will receive a notification on your mobile phone to confirm the card payment.
  2. When you open the notification, you will see details of the payment you are making and options to reject or approve the payment.


    Click on “Approve Payment” to proceed to authorize and verify the payment.
    Click on “Reject Payment” or the cross in the top corner of the window to reject the payment.
  3. Now comes the verification, which you can do using:
    a) fingerprint, facial scan – follow the instructions on your phone as you are used to.

    b) entering your PIN     – if your phone does not support biometrics or you have chosen not to use it, follow the instructions on your mobile phone. Your authentication will be done using the PIN or other code you use for your authentication.
  4. After successfully verifying all required elements on your mobile phone, confirm the payment.

Failure to make payment

We will not make payment if one of the following situations occurs:

  • Select “Reject payment” or close the payment confirmation window with a cross.
  • 5 minutes have passed since the payment confirmation started and you have not decided whether to confirm or reject the payment.
  • The correct PIN has not been entered and you have already exhausted five attempts.

In this case, we will show you information about the refusal of payment. This information can also be found in the merchant’s payment gateway.

In the event that you receive to confirm a payment that you have not entered, we recommend the card immediately lock or block, or contact our client centre.

Confirm Fidoo card payments online in the Fidoo web app

The moment you enter the details from the merchant’s payment gatewayFidoo card, you will be prompted to confirm the payment in the mobile or desktop version of the app Fidoo. In this tutorial you will find out how to confirm your payment in the computer application Fidoo available at

https://fidoo.com/app


.

  1. Log in to Fidoo as you are used to at https://fidoo.com/app.
  2. After logging in, you will be presented with a window where you have the option to approve or reject the payment.

    Click on “Approve Payment” to proceed to verify and confirm the payment.
    Click on “Reject Payment” or close the window using the cross at the top right to reject the payment.

  3. In the next step of the payment confirmation, you will be asked to enter your Fidoo password and the one-time code from the SMS. We will send you an SMS to your phone number listed in the Fidoo app.

    Click on “Confirm” to proceed to payment confirmation.
    Click on “Reject Payment” or close the window using the cross at the top right to reject the payment.

  4. After you have successfully entered the password to the app and the code from the SMS, you will successfully confirm the payment.
  5. Now proceed to the merchant’s website.

Failure to make payment

We will not make payment if one of the following situations occurs:

  • Select “Reject payment” or close the payment confirmation window with a cross.
  • 5 minutes have passed since the payment confirmation started and you have not decided whether to confirm or reject the payment.
  • You have not entered the correct app password and/or SMS code and have already exhausted five attempts.

In this case, we will display a message to reject the payment or the time limit for payment confirmation has expired.

V

If you receive a payment for confirmation that you have not entered, we recommend that you lock or block the card immediately



, or contact our client centre




.


Frequently asked questions about two-factor authentication for online payments

Notifications to confirm a card transaction in the web app will appear on your profile at the company whose card you want to pay with. You can switch the company in the top right corner.

In the mobile app, confirmation notifications appear regardless of the profile you have set up at the time, so you don’t have to switch between companies.

Confirmation by notification is only done in the current version of the Fidoo mobile app for both iOS and Android. We recommend downloading the latest version and having notifications enabled.

The second reason may be that the merchant (the e-shop) does not require this method of verification.

Contact the Main Application Administrator and check the accuracy of your phone contact.

Posted on

Two-factor login to the application

What is two-factor login

Two-factor login helps you increase the security of access to the Fidoo app and prevents abuse.

This means that the user must pass through two security factors to log into the application.

  • The first factor is your password, which you set when you first log in. You can change your password in the app.
  • The second factor is either a one-time SMS with an authentication code sent each time you log into the Fidoo app or logging in from a trusted device. When you add a trusted device, a one-time authentication via SMS code is performed, after which the code is no longer required. However, if you log in to the Fidoo app from another device, you will again be prompted to authenticate via SMS code.

This whole login security system is called Strong Customer Authentication (SCA) and we are required by law to strongly authenticate every user when they enter the Fidoo application.

What strong authentication login looks like

Frequently asked questions about two-factor login

Yes, you will. Two-factor authentication for login requires only the receipt of an SMS message, which any mobile phone can handle.

If you do not want to fill in a verification code in addition to your login name and password every time you log in to Fidoo, you can enable the Login without SMS verification feature in the app for 90 days.

  1. After entering the login details and confirming with the Login button, a new window will appear for entering the six-digit verification code (shown below).
  2. A code has been sent to your mobile device, which you enter in the fill-in box.
  3. Below the fill-in box, you will see the option to Login without SMS verification for 90 days on this device.
  4. Click on it – instead of the grey box saying No, you now see a green box saying Yes. Confirm the action with the Confirm button and the app won’t prompt you for an SMS code for the next 90 days.

You can find out what strong authentication is for and how to set it up on this page.

Feel free to enter your private phone number. It will only be used to receive SMS authorisation codes and we at Fidoo will not use it to send you any commercial or marketing messages unless you have given us your consent to do so. Your phone number is information that only you and your company’s Fidoo Application Lead Administrator have access to.

You can’t do it without a cell phone. If you haven’t needed to log into the Fidoo app or pay online yet, then nothing has really changed for you.

We recommend entering your private mobile phone number.

In principle, there are no technical limitations; the device can be, for example, a desktop computer, a laptop, but also a tablet or a mobile phone with internet access.

Cookies are one element of identification of such a device. Therefore, after deleting them, you need to mark the device as trusted again.

Yes, a single device can designate any number of different users as trusted under its user accounts.

If you are logging into Online Banking from a device (computer, tablet, laptop, mobile phone, etc.) that is not added to your trusted devices, we will offer you the option to add it to your trusted devices directly on the login screen. You can then just confirm this by SMS. The next time you log in from this device, all you have to do is enter your internet banking ID and password.

Contact the Main Application Administrator and check the accuracy of your phone contact.

We will consider the device you designate as secure (trusted) and for 90 days you can log in with your username and password without having to enter the SMS verification code sent to your mobile phone. After 90 days, you must re-designate the device as trusted and confirm this choice with an SMS verification code.

Contact us

Expense Management

FX and foreign payments

Coming soon

Direct Fidoo

Nastavení cookies

© Direct Fidoo Payments s.r.o. 2023 Powered by Mastercard. Mastercard is a registered trademark of Mastercard International Incorporated. The Fidoo card is issued under license from Mastercard International Inc. Direct Fidoo Payments s.r.o. is a payment institution registered in the list of payment service providers maintained by the Czech National Bank with the authorization to provide payment services pursuant to Section 3 par. 1 lit. b), (c) and (e) of the Payment Act.