SAFETY Pay fast and easily for your secure transactions
CONTROL For all your purchases
ACCESSIBILITY Your Mastercard or Visa card is automatically enrolled in the 3D Secure service
I want to know more
Starting with September 14th 2019, the provisions of the European Regulation 389/2018, a normative act supplementing the European Directive 2366/2015 on PSD2 Payment Services, which, for convenience, we will continue to call RTS (Regulatory Technical Standards), came into force. The RTS contains rules regarding Strong Customer Authentication, namely:
Strong Customer Authentication for online payments:
Use at least two of the three methods of authenticating the customer's identity in order to authorize an e-commerce payment
The authentication methods are based on: something that the client KNOWS (e.g. PIN, password), something he OWNS (e.g. eToken, SMS OTP) or something that IS (biometric authentication, e.g. fingerprint, facial recognition).
In order to complete online payments, you may use the following methods:
Biometric Authentication or PIN code for eToken, by accessing the eToken application, Pending Transactions menu
Static password plus dynamic password received via SMS (at the telephone number registered at the Bank)
Authentication with static password plus dynamic password received via SMS
For the first transaction, you must follow the next steps:
Enter the initial password *, consisting of the last 6 digits of the card number with which you want to make the payment plus the last 4 digits / letters of your CNP (no spaces between digits / letters)
You set a final password, known only by you, which should contain only 4 digits
Enter the unique code received via SMS and confirm the transaction
For the next online payments, you will use the final password set by you and the unique code received via SMS.
Example: The card number is: 1234 5678 1234 5678 CNP: 1234567890123
The initial static password is: 3456780123
The initial static password must be changed at the first online payment with the card, as follows: in the transaction authorization page you will enter the initial static password, then you will set your final static password by entering and reconfirming the new static password in the dedicated fields.
The final static password must consist of 4 digits.
* You can find out details about the initial password by contacting the BCR Info service available 24 hours a day at * 2227, (number with normal callable rate from the national fixed and mobile networks Telekom, Orange, Vodafone, RDS-RCS) or +4021.407.42.00 (callable from abroad with normal rate)
To update the phone number on which you receive the password, you have the following options:
Access George Web in the Settings / Contact Details area
Call Info BCR: * 2227 or 021 407 42 00 international call number
Come to any BCR unit
Good to know
Online payments cannot be made only by using the the initial password. This needs to be changed.
For security reasons, your static password will be locked after five consecutive unsuccessful attempts.
After the 5th consecutive unsuccessful attempts, in order to authorize a new payment, depending on the type of authorization, it is necessary to re-enter the initial static password and set a new static password.
The static password can be reset by accessing Forgot your password? on 3D Secure page