MasterPass is a simple, convenient and reliable tool for making fast and safe payments on the Internet. MasterPass allows you to enter the requisites of the card only once during registration, and by making further payments enter only the login and password/PIN-code for authorization in the payment service. All cards that are added to the SharPay application are stored in MasterPass.
The PCI DSS standard provides safe transfer of payment card requisites on the Internet.
3-D Secure is a technology for verifying the authenticity of an online payment. If your card supports 3-D Secure, then in the process of transferring money you will see an additional window, in which it will be necessary to confirm the use of the card by entering the confirmation code, which will be sent to you by your bank in the message.
Use only those services that can be found on the company's official website
If you need to transfer money from Vodafone mobile account, use only those services that can be found on the company's official website.
Our transfer tool is Sharpay mobile application.
It can be used to conduct financial transactions with funds from a mobile account or a bank card:
- top up your mobile account;
- transfer money to another bank card;
- pay for more than 300 different services from the catalogue of services.
You can read more about the application on the webpage https://pay.vodafone.ua/en
There you can also find the download links in Play Market and AppStore.
While registering in the applicaton you will receive an OTP password on your phone. Please, do not inform it anyone – either the «employees of the bank security service» or other people who may be taken as the representative of Vodafone company. No one has the right to ask you this password. You can enter it only in Sharpay application and nowhere else.
You can learn more about the possibilities of payments and transfers from a mobile account on our website
To secure your mobile funds, remember 2 simple rules:
- Never send OTP passwords that come in an SMS from Sharpay to anyone. Neither bank service nor the mobile operator has the right to ask you for this password.
So if you are asked for an OTP in a phone conversation, you can hang up, it is definitely the fraud.
- Do not enter your personal data on the third-party sites: mobile number, card number, OTP password. Sharpay exists exclusively as a mobile application. Also note that we do not cooperate with services that do not officially work in Ukraine, such as Webmoney, Qiwi or Yandex Money.
How you can determine that the site through which you plan to make a transfer is real and official
- Website address. If it looks like this https://www.vodafone.ua/ – has a national top-level domain – .ua, it means that the company has confirmed that it has a registered trademark. Large companies always confirm its existence.
- Design, texts and general structure of the site. Fraudulent sites that try to look like official pages usually have outdated design, not updated logos, pictures, colors may also differ from the colors of the brand. Most likely, no one will make multiple localized versions of the site. Texts can have a many mistakes.
- Contact and feedback block. Large and medium-size companies are unlikely to use popular mail services like Gmail or UKR.NET. Most likely, the mail will look like this (name of department /service/functions, then «@», company name and domain «.ua». For example, email@example.com. In Ukrainian telecom – operators the contact center number is usually one and starts with 0 800.
The most common fraud scenarios are:
The fraudsters phone a person and call themselves bank security officers. The person is told that his/her card has been blocked and compromised. So right now the funds need to be transfered from the card, for example, to the mobile phone. Then the same «employee» asks to inform quickly the confirmation codes with SMS, to make sure that everything went well.
At first glance, everything can look normal, safe, and sometimes, like caring for a client. Let’s see what’s wrong here:
- First, make sure that your bank was named. If the «employee» correctly gave your card number, it does not mean that he actually works at the bank.
- Secondly, the security service does not call its clients on this subject and banks do not send SMS with such information.
- Banks never allow a customer to withdraw money into a mobile account, even if it is a client’s mobile account.
What’s really going on in this situation.
The card is not blocked, the person communicates with fraudsters. While the person is transfering all funds from the card to his/her mobile account, fraudsters register it in the application. The person receives an SMS with an OTP password for registration and for the first operation. In stress, a person may fail to read the text of the SMS, where it is written that no one has the right to ask his/her for this password, pass it to fraudsters, and they transfer the funds from a mobile phone to their card or phone in a few minutes.
How to protect yourself.
Remember that the fraudsters’ tactic is to keep the person “on the phone” as long as possible, not to give him/her an opportunity to get over it and to think. They urge on and frighten with the consequences of what happens if you don’t follow their instructions. Of course, each of us, when we hear that our card has been compromised, will panic and do whatever it takes to prevent a loss of money, but that’s when we have to stop and try to figure out what is going on.
- You can save your bank number in the phonebook to see when you get a call from your bank.
- You need to hang up, find the hotline number on the official website of the bank and call back to find out if their employees have really contacted you.
- In the Му Vodafone application you can deactivate the possibility to pay and transfer funds from your mobile account. Full information is on the link
- Carefully read the SMS you receive and pay attention to the sender. If the SMS is from a bank or from an application, it will be indicated as the sender. Ignore the messages from unnamed senders and if the name only resembles the official name of the bank or application, but is misspelled.