Customer Security Tips

We are constantly improving our cybersecurity to protect your personal data and prevent fraudsters and scammers from exploiting our customers. You can help us create a safe Joompay environment by following some standard precautionary measures.

General tips for your online security:

(*in addition to Section 17 of our General Terms and Conditions that you should be following)

Phishing

There is a common scenario that fraudsters may use to trick you into revealing sensitive information: they may pose as customer support or anti-fraud unit through legitimate-looking means of communications (email, messengers etc.) Then through manipulation and deceit cybercriminals try talking you into giving away your sensitive information, clicking on a malicious URL or opening an attachment that contains malware.

How can you stop being phished?

  • Joompay communicates with customers within your Joompay Account, we never call our customers and never ask to provide any of you Joompay Account/ Card security details, including passcode, card details, or transaction confirmation codes. If someone claims to represent Joompay and asks you for your account or payment details you should immediately shut down the communication and contact our customer support team. The customer support team can be contacted via the in-app chat or help@joompay.com.
  • Always check sender’s email: fraudsters love to use copycat emails substituting certain symbols: e.g., substitute “l” with 1
  • Don’t click on any links, especially shortened ones, and don’t open attachments from the unexpected emails.
  • Question the legitimacy of the sources you are going to visit (there is definitely something wrong with the “bank.bg1.lu” even if it looks similar to the bgl.lu).
  • Customer support never threatens or pressures you into revealing your card number or card security data.

You can report phishing attempts associated with Joompay’s brand through the in-app support chat or via help@joompay.com

Passwords

Protecting your email and social media accounts is essential for cybersecurity, since they contain a lot of your sensitive personal information. Losing control over such accounts may lead to irreparable damage like identity theft.

How to make your passwords strong and unique?

  • Use three or more random but meaningful words in a row (e.g., MartianDogBurger).
  • Avoid using common pop culture or easily guessable personal details like birthdays, family or pets names.
  • If special characters or numbers are required you can substitute certain letters with corresponding characters (e.g. “a” being @, “o” being 0)
  • Opt for the password manager applications instead of saving passwords in your browser.

Multi-Factor Authentication

How to prevent hackers from hijacking your account?

  • Always enable multi-factor authentication (also sometimes called two-factor authentication or 2FA for short). Once enabled, every time you log into your account from a new device it will require you to enter a one time code sent to you via an in-app push or virtual token provider (like Google Authenticator, Authy ot FreeOTP).

Device Security

Hackers use your software weak points to hack into your devices and steal data.

How to protect your devices?

  • Always install the latest version of software and security updates available for your devices regardless of their operating system (Android, iOS/macOS or Windows).
  • Enable the automatic updates to fast track this process.
  • Don’t use pirated, “alternative” or “free” versions of commercial softwares, since they always come with the price of your security.
  • Enable password or pin code protection on all of your devices including phones, tablets, and PCs. In case of theft, no one will be able to access your personal data and payment details.

Safe Browsing

How can you verify that your browsing and on-site communications are secure?

  • Always check for the padlock sign and “https://” in the browser string
  • Never enter your card details on sites without those security signs
  • Keep an eye on the typos in the site address (e.g. jooompay.com) or redirects to uncommon domains.
  • Don’t save or auto-fill your card details in the browser.

Communicating Security Concerns and Issues

What if the device you used to access your Joompay account got stolen?

  • Reset the passcode for your account
  • Lock/erase the device remotely, if such an option exists.

If you notice any misuse, theft or unauthorised use of your Mobile, Joompay Card, Passcode or Card PIN or any other suspicious activity, you should immediately contact the customer services team via the in-app chat or help@joompay.com.

Open your free account
Scan the QR code👇 with your phone to download Joompay app