Safety when using the payment card

Useful advices for payment card holders:

  1. Keep the card away from unauthorized persons; do not leave it unattended in the public places, such as restaurant, hotel, and job.

  2. To avoid card damage, do not expose the card to heat, electromagnetic or mechanical stress. If, owing to damage, the card cannot be used for transaction performance, immediately contact the Bank to reissue the card.

  3. Write down the Bank telephone numbers and always have this information in your possession.

  4. When withdrawing funds, it is recommended to use ATMs of banks known to you.

  5. Keep private the PIN number, card validity and CVV2 / CVN2 / CVC2 / CVP code.

  6. Do not transfer the card to any third parties. If necessary, issue additional cards to relatives.

  7. Do not inform personal information to any unauthorized persons – this is the information agreed with the Bank in order to identify you as the cardholder: code word, identity document data, card number and account number, passwords, PIN number. The Bank does not recommend disclosing personal information to any persons unknown to you, whether they pass themselves off as someone else, as these data can be used to commit illegal actions, whereby material and moral damage may be caused to you.

  8. Do not use personal information to participate in lotteries, etc., even if you are promised that participation is free. Do not report personal information over telephone in public places and in the presence of any unauthorized persons, who may hear this information and use it for their own purposes in future. Do not leave documents containing your personal information unattended in public places: including office, hotel, and airport – wherever they may be accessible to any unauthorized persons.

  9. Refrain from keeping personal information open in your computer, mobile phone, and pocket computer. This information can be made accessible to any persons maintaining this equipment, or to malicious users, who have managed to gain access to it via network by stealing it. Before discarding paper documents with personal information tear them into small pieces or use a shredder. To guarantee the information removal from electronic media, you must use special programs, and if impossible, we recommend destroying the media physically.

Please note!

If your personal information has become known to any third parties, you should immediately notify the Bank of this by calling the phone numbers specified on back of your payment card.

Safe payments in Internet Verified by Visa/ MirAccept / MasterCard SecureCode

Dear owners of MIR, Visa and MasterCard payment cards of VTB Bank (Kazakhstan)!

Paying particular attention to the transaction security in the Internet world network using MIR, Visa and MasterCard payment cards, the VTB Bank (Kazakhstan) has connected all its payment cards (including corporate) of the International Payment System MIR, “Visa International and MasterCard Worldwide” to the service “Verified by Visa, MirAccept and MasterCard SecureCode” .

The Security System “Verified by Visa, MirAccept and MasterCard SecureCode” is based on 3-D Secure technology that allows you to identify the MIR, Visa and MasterCard holder when making Internet payments using additional password that is known only to the cardholder. 3-D Secure is XML protocol that is used as the enhanced security level for payment cards, which uses two-factor user authentication. This technology ensures high security when paying for goods (work, services) via payment cards in the Internet.

How the Service “Verified by Visa/ MasterCard SecureCode” operates

For security purposes, Visa / MasterCard holders are provided with the Service “Verified by Visa / MasterCard SecureCode” and the access to card transactions in the online shops, which support 3-D Secure technology. Wherein:

- before automating the connection to the Service “Verified by Visa / MasterCard SecureCode”, the holders of Visa / MasterCard payment cards are advised to connect the Service “Verified by Visa / MasterCard SecureCode” themselves by contacting the Bank branch / via the Bank’s remote channels (ATMs, Internet banking and mobile banking) and to use the Online shop website that supports the Service “Verified by Visa / MasterCard SecureCode” (Verified by Visa / MasterCard SecureCode logo must be available on the Online shop website);

- after automating the connection to the Service “Verified by Visa / MasterCard SecureCode”, this service will be connected automatically, when the payment card is issued / reissued.

Customers, who have previously connected to the SMS-notification service, are not required to make separate connection of the Service “Verified by Visa / MasterCard SecureCode” due to the fact that the Service “Verified by Visa / MasterCard SecureCode” is automatically available for all types of cards.

When making payment in the online shop supporting the Service “Verified by Visa / MasterCard SecureCode” (Verified by Visa / MasterCard SecureCode logo must be available on the Online shop website), you shall enter the following data:

  1. card number;
  2. card expiration validity;
  3. upon request – name and surname in Latin transliteration (as specified on back of the card);
  4. CVV2 / CVC2 code (three-digit number is specified on back of the card).

After entering the required information, you will be redirected to the Bank's website, where one-time password must be entered in a specialized form containing the details of card transaction, in order to confirm the payment.

This password consists of 4 digits and comes via SMS-message to mobile phone. The message also specifies the password validity and the time of password activation in the system.

Please note that the password can be used only for 5 minutes from the moment of receiving the SMS-message and only to confirm the card transaction, during which it was generated.

Having received the one-time password with your mobile phone, you need to check the transaction details on website and to enter the password in the respective field.

If the password is entered correctly, the Customer’s authentication was successful (transaction is considered as an operation performed personally by the cardholder) and you will return to the online shop website.

Following the positive result of transaction authorization, the online shop website should specify that the purchase payment using the card was successful.

If you have entered the one-time password incorrectly, the respective information message will appear, and SMS-message with a new password will be sent to you.

The allowable number of incorrect entries of Dynamic password is 5 (five) times / day.

* SMS-notification service cost – according to the valid Bank service rates


• You can enter your one-time password only, if the browser address bar contains the following address:;

It is prohibited to enter the password in any other addresses in the Internet.

Dear Clients,

Subsidiary VTB Bank JSC (Kazakhstan) informs you that after using the card in countries of substandard risk of fraud, you need to contact the Bank to reissue the card. In case of non-compliance with this requirement and in the event of fraudulent card transactions on the card, all Bank expenses, as well as damage caused to the Bank, shall be reimbursed by the Client to the Bank.

List of countries of substandard risk of fraud

1. Albania 2. Argentina 3. Australia
4. Brazil 5. Bulgaria 6. People's Republic of China
7. Taiwan 8. Croatia 9. Czech Republic
10. Dominican Republic 11. Hong Kong 12. Indonesia
13. Japan 14. Republic of Korea 15. Malaysia
16. Malta 17. Mexico 18. Netherlands
19. Nigeria 20. Pakistan 21. Peru
22. Philippines 23. Poland 24. Portugal
25. Romania 26. Singapore 27. South Africa
28. Spain 29. Thailand 30. UAE
31. Turkey 32. Ukraine 33. Great Britain