Documente Academic
Documente Profesional
Documente Cultură
Transaction Security
3D Security
3D security is main part of our Risk management policy. There are three dimensions from where our whole transactional system will be secured and there is no room for threat and vulnerability.3D security mean. 3D security even considers the opportunity behind the potential attacks and Support technical controls with appropriate policies, procedures and training. Our 3D security overcome all of following threats
Physical threats Electronic threats Technical failures Infrastructure failures Human error
A. Proactive Monitoring
1. KYC scams
To ensure that our merchants and customers are legitimate and real we develop KYC policy. In this way risk of fake customers is secured. We identify our merchants or customers by using reliable and independent documents. In this way no merchant or customer misuse our services. We pertain following points for KYC policy.
Acceptation of merchants:- Merchants have to accept our KYC policy and fill
prescribed form for opening account
iSarif Ecommerce (Pvt) Ltd General Policy Documents 4.9. Any results of any acts of Government or authority, any act of God or force majeure. 5. ISARIF Ecommerce Ltd. 's service is limited to providing Customer with a payment facility and does not ensure the quality, safety or legality of the transaction Customer is undertaking. ISARIF Ecommerce Ltd. does not have any responsibility for any goods or services for which Customer pays using the ISARIF Ecommerce Ltd service and will not be liable for any charges, taxes or other duties in relation to such goods or services. 6. Customer agrees to release, indemnify, and hold ISARIF Ecommerce Ltd harmless against any claim brought against ISARIF Ecommerce Ltd. by a third party resulting from Customer's use of ISARIF Ecommerce Ltd payment services in respect of all losses, actions, proceedings, claims, damages, expenses or liabilities whatsoever suffered and howsoever incurred by ISARIF Ecommerce Ltd in consequence of Customers non observance or breach of these terms and conditions.
Page 3 of 10
Privacy Policy
You accept this Privacy Policy when you sign up for or use our products, services or any other features, technologies or functionalities offered by us on our website, application or through any other means (collectively the iSarif Services"). If you open an account or use the ISarif Services, we may collect the following types of information: Contact information - your name, address, phone, email, Skype ID and other similar information. Financial information - the full bank account numbers that you link to your ISarif account or give us when you use the ISarif Services. We may also obtain information about you from third parties such as Security and Exchange commission of Pakistan, NADRA etc. Our primary purpose in collecting personal information is to provide you with a secure, smooth, efficient, and customized experience. We may use your personal information to: provide the iSarif Services and customer support you request; process transactions and send notices about your transactions resolve disputes, collect fees, and troubleshoot problems; prevent potentially prohibited or illegal activities, and enforce our User Agreement; customize, measure, and improve the iSarif Services and the content and layout of our website and applications; deliver targeted marketing, service update notices, and promotional offers based on your communication preferences; Compare information for accuracy and verify it with third parties. We don't sell or rent your personal information to third parties for their marketing purposes without your explicit consent. To process your payments, we may share some of your personal information with the person or company that you are paying or that is paying you Regardless, we will not disclose your bank account number to anyone you have paid or who has paid you through ISarif or with the third parties that offer or use the ISarif Services, except with your express permission or if we are required to do so to comply with banking requirements, subpoena or other legal process. We may share your personal information with: Service providers under contract who help with parts of our business operations such as fraud prevention, bill collection, marketing and technology services Companies that we plan to merge with or be acquired by Law enforcement, government officials
Take key points from privacy policy doc and put it here.
Page 4 of 10
2. Transactions first authorized then captured after delay of 48 hours, giving enough time to bank to resolve problem if there is. 3. Take security money with respect to ratio of charge back. You can explain how it is being used in different countries and how it has avoided charge backs etc
4. Standard Banking Portal 128 encryption, Secure Socket Layer, and RSA security OTP and E-token system to excess info for support staff and software improvements. Banking software has already built-in this kind modules, sop mechanisms, least required modifications. Security control
Page 5 of 10
iSarif Ecommerce (Pvt) Ltd General Policy Documents Establish and display a comprehensive privacy policy to reassure customer when they provide personal data Offer free telephone customer service as it can help preserve sales and increase the relationship you have with our customer Provide "Email Customer Service" so customer can ask questions online. For customer service by email you are required to have a standard response and time frame for responding to a customer query. Do not dispatch goods by whatever means (including online delivery) to a third party address (that is, an address other than the cardholder's address); this is considered very high risk. Deliver goods/services on a timely basis and advise customer when they can expect delivery. Notify the customer of any delay of delivery. Retain documentary evidence of the delivery, together with a description of the goods/services supplied, for a minimum of 12 months. Never estimate charged amounts, and be sure the customer sees the final total (including tips and other add-ons) before the account is charged. Be sure the transaction information on the receipt is legible. Ship merchandise before processing account transactions. Disclose return and refund policies clearly before a sale, and be prompt about cancelling transactions when customers request it.
Secure technologies for ISARIF server ISARIF server is behind state of the art security firewalls to ensure maximum protection of our customer's details. This guarantees that our information is inaccessible to any third party. ISARIF uses industry-standard VeriSigns 256 SSL (Secure Sockets Layer) Technology, which is used worldwide, for data encryption. ISARIF also follows strict in-house security guidelines for ensuring confidentiality of user information. ISARIF is using banks secure server for payments. Isarif is implementing Fraud Detection Engine that provides an unprecedented level of risk detection that can help us to convert more valid orders automatically and reduces both expenses and potential chargeback losses. The robust risk management tools and fraud filters listed below help control risk effectively: 1) Risk Management Rules and Parameters 2) Negative Files 3) Risk Management Queries, thereby making ecommerce transactions safe and confidential.
Page 6 of 10
iSarif Ecommerce (Pvt) Ltd General Policy Documents Software made by internationally and experienced software companies. Shopping cart by Phpprobid UK based companies and payment software by PCI compliant software makers like Iconfsd. Password security, general internet security and privacy guidelines for users
Emails
Be alert for scam emails. These may appear to come from a trusted business or friend, but actually are designed to trick you into downloading a virus or jumping to a fraudulent website and disclosing sensitive information. Don't reply to any email that requests your personal information. Be very suspicious of any business or person who asks for your password or other highly sensitive information. Open emails only when you know the sender. Be careful about opening an email with an attachment. Even a friend may accidentally send an email with a virus. Be careful before you click on a link that is contained in an email or other message as it may not be trustworthy. Do not send sensitive personal or financial information unless it is SSL encrypted on a secure website as regular emails are not encrypted. Protect your identity theft by using encryption on your Wi-Fi network.
Password
Use strong passwords or PINs for your Internet accounts. Choose passwords that are difficult for others to guess. Use both letters and numbers and a combination of lower case and capital letters if the passwords or PINs are case sensitive. Use a different password for each of your accounts. Ensure that you change your passwords & PINs regularly at least once a month. For maximum security, we would advise you to memorize your PINs or passwords, keep it secret.
Here you can explain about our dedication for keeping up-to-date
Page 7 of 10
We are in compliance with The Network for Consumer Protection Consumers Association of Pakistan Consumer Rights Commission of Pakistan (CRCP) Directorate of provincial consumer protection council
Write down about the above said organizations and our plans to work together with them to empower customer
the transaction has been completed per terms set, the money is released. If at any point there is a dispute between the parties in the transaction, the process moves along to dispute 2resolution. The outcome of the dispute resolution process will decide what happens to money in escrow.
Elaborate this
3. 24/7 hotline, ticket system to resolve problems in timely manner, Elaborate this
iSarif Ecommerce (Pvt) Ltd General Policy Documents product will govern the procedure and cost but buyer will have to pay for any reshipping of goods. Goods must be returned to the place from where they were initially dispatched and same is true for seller name info. Seller must be notified electronically through message board prior to shipping an item and expecting to be reimbursed. However if goods are to be returned right after opening the box when courier representative shows up then products can be returned without noticing the seller. For each item, there will be two options available depending upon the seller. Some sellers may pay for shipping items, while others may require buyer to pay the shipping cost, but it will be clearly known to buyer during shopping process that who pays for shipping. Funds will only be refunded in the funding option that was initially used to make payment for purchase. Buyer pay reshipping fee if products not received due to wrong address or courier guy went to deliver but nobody received. Goods are to be carried by Courier Company, buyer opens it and checks it and if find problem then give back to courier guy. No fine need to pay and refund will be 100% of product price but shipping cost will be deducted. Products are to be sent to seller through pre-approved courier companies only.
Volume of transactions
1. Compact population, city sizes and % of population 2. Demographics of society (age groups using computer) 3. Demographics far away in distances, companies need to render their goods and services at far distances, payment problem 4. Expand horizon of bank and give account holders one more reason to have net-banking account. 5. Scope/ Possible list of clients (govt, private registered entities, smes) expand it as much as possible to tell them that how much scope we have. 6. Lump sum # of transactions per year. Even if we dont meet the target, we will pay for those number of transactions. 7. Two kinds of sellers, Verified sellers (govt and secp registered entities) and others unverified, they will be able to list their item but will not be able to use payment system. It is upto buyer, if buyer trust them then buyer pays directly to their bank account or any other mechanism they want to be paid to. Isarif has nothing to do with them. But this does encourage legal businesses as verified seller will have high trust level among buyers. Page 9 of 10
Page 10 of 10