Protect: Security for bank cards
You don't have to enter your card details every time you make an online payment. You can store your card data encrypted in the the Yandex Browser beta version or on the Yandex server. Yandex Browser protects your payment data by warning you if you enter your card number on an unsafe website.
Saving your bank card info
When you enter your bank card details in Yandex Browser for the first time, the browser asks whether you want to save this information and use it for autofilling online payment forms in the future.
You can also link your card to your Yandex ID.
- In online stores that are integrated with Yandex Checkout.
- In Yandex services.
- In Yandex mobile apps.
- In online stores that are integrated with Yandex Checkout.
- In Yandex services.
- In Yandex mobile apps.
Properties | Yandex ID | Yandex Browser |
---|---|---|
Where can I pay? | | In any online store or online payment service. |
How is my data protected? | Your data is protected by the PCI DSS standard developed by VISA and MasterCard. | AES-256-GCM encryption is applied with a key used for password encryption. For better protection, create a master password. A key protected with a master password is almost impossible to decipher. |
Can any online stores or other online payment recipients access my card data? | No. | Yes, just like when you enter your card details manually. |
Properties | Yandex ID | Yandex Browser |
---|---|---|
Where can I pay? | | In any online store or online payment service. |
How is my data protected? | Your data is protected by the PCI DSS standard developed by VISA and MasterCard. | AES-256-GCM encryption is applied with a key used for password encryption. For better protection, create a master password. A key protected with a master password is almost impossible to decipher. |
Can any online stores or other online payment recipients access my card data? | No. | Yes, just like when you enter your card details manually. |
Select the storage for your card data:
- Click.
- Open Settings.
- Under Bank cards, select the option from the list in the Offer to save card information by default field.
Managing your bank cards
You can manually add, change, or delete your bank card details in the Bank card manager.
- Click.
- If you have already created a master password, enter it to access your vault.
- Open Yandex Pay cards.
- Click Add in the upper-right corner.
- Fill in the form fields.
- Click Add.
- Click.
- If you have already created a master password, enter it to access your vault.
- Open Yandex Pay cards.
- Click the card you want to edit.
- Enter changes.
- Click Save.
- Click.
- If you have already created a master password, enter it to access your vault.
- Open Yandex Pay cards.
- Hover your mouse cursor over the card you want to delete.
- Click Delete.Note. If you have deleted your card by mistake, click Restore in the lower-left corner of the screen. If you reload the page or go to a different tab, you won't be able to do it.
Card syncing
For security reasons, card data is synced if you're using a master password. Card data is securely protected during synchronization.
Card syncing stops if syncing is fully disabled. To disable only password and card syncing:
- Click.
- Deselect the Passwords and cards option.
Disabling the Bank card manager
- Click.
- Open Settings.
- Under Bank cards, click Turn off bank card autofill.
The browser will no longer suggest bank card details in payment forms or offer to save cards. Previously entered data will remain encrypted on your computer and will become available if you enable the bank card manager again.
To do this, go to Bank cards and click Turn on bank card autofill.
Security warning
Hackers may try to get your payment information (card number, name, expiration date, and CVV2) and use this data to steal money from your account. Your payment information may be at risk in the following situations:
- The online payment form was published on a fraudulent website.
- The site accepts payments by card but it doesn't use a secure HTTPS connection.
- The site uses a certificate that Yandex doesn't recognize.
- The payment form is hosted on a domain that's different from that of the main site.
When you enter your bank card number, there are two types of warnings that Yandex Browser may display:
- There is a clear risk that your data could be stolen. In this case, the SmartBox displays the icon and a warning window opens.
- There is no clear risk of data theft, but there may be a potential security problem. In this case, the SmartBox will display the icon.
When you enter your bank card number, there are two types of warnings that Yandex Browser may display:
Click the card icon in the SmartBox to learn more about the problem. You will see one of the messages:
Message | What it means |
---|---|
You are entering card number **** on example.com, which doesn't use reliable encryption. Your payment details may be intercepted by hackers. | Yandex considers the site to be suspicious or the site uses the non-secure HTTP protocol during payment processing. Don't proceed with payment, otherwise hackers may get access to your payment data. |
“Certificate name” can see your bank card information. | Yandex does not recognize the site certificate (certificates confirm a site's authenticity and are part of the data encryption process over HTTPS). Check the origin of the certificate and decide if you trust it. |
The connection with this site is not encrypted, but your bank card data will be sent to example.com, which is secure. | The form you use to enter your payment information is located on a different site from the one where the payment is actually made. It's likely that you ended up on a phishing page. Make sure that you trust the site where the payment form is located. |
Your bank card data will be sent to a different site, example.com, which is secure. |
Message | What it means |
---|---|
You are entering card number **** on example.com, which doesn't use reliable encryption. Your payment details may be intercepted by hackers. | Yandex considers the site to be suspicious or the site uses the non-secure HTTP protocol during payment processing. Don't proceed with payment, otherwise hackers may get access to your payment data. |
“Certificate name” can see your bank card information. | Yandex does not recognize the site certificate (certificates confirm a site's authenticity and are part of the data encryption process over HTTPS). Check the origin of the certificate and decide if you trust it. |
The connection with this site is not encrypted, but your bank card data will be sent to example.com, which is secure. | The form you use to enter your payment information is located on a different site from the one where the payment is actually made. It's likely that you ended up on a phishing page. Make sure that you trust the site where the payment form is located. |
Your bank card data will be sent to a different site, example.com, which is secure. |
Disabling card protection
If you want to disable card protection in Yandex Browser, follow these steps:
- Click .
- Go to the Protect tab at the top of the page.
- In the Threat security section, deselect Phishing protection for bank cards.