Terms and conditions for the use of digital banking service



1. Introduction


The Terms and Conditions for Use of Digital Banking (hereinafter referred to as “Terms and Conditions”) regulate the rights and obligations of the Bank as the service provider and the Customer in relation to the contracting and use of digital services banking (hereinafter referred to as the “Service”).


2. Definitions


Website: www.intesasanpaolobank.al;

Contact: tel: +355 4 2276000; 0800600 (free form Albtelecom and Eagle), +355 692080903;

Banks' branches, whose list is available on the Bank's website www.intesasanpaolobank.al;

The User can use biometric methods depending on the technological capabilities of the mobile device he uses.

It is performed using the Smart login authentication / authorization system - as an authorization by sending an automatic Push message. In case it is impossible to use these procedures for technical reasons, it is sent as an SMS.


3. Terms of Use of Digital Banking Services


The contract on the use of the Service can be concluded at the Bank's branches and through direct banking services or online public portal, when the Bank enables it.

Every customer with at least one opened current account is eligible to contract the digital banking service.

In the case of several account holders, the Bank shall only provide the service to each account holder only when each of the holders has the right to operate with the account/s independently (single signatures)– with the provision that the Bank concludes the Agreement for the service with each account holders which requests the service.

In the case of jointly held bank accounts, account holders with joint disposal rights are not eligible for using the digital banking service.

To use internet banking, the User is required to access the service from a personal desktop or laptop computer, tablet or other appropriate device (meeting technical conditions specified in the Bank’s Internet Banking User Manual) and should be connected to the Internet. To use the mobile banking application, the mobile application needs to be downloaded from the specified stores and on a device meeting technical conditions specified in the ISPA Mobile Banking User Manual) and should be connected to the Internet.


4. Technical Conditions


When contracting the Service, the User is obliged to provide the Bank with the telephone number of the mobile device to which the Bank will provide part of the registration code (identification code) necessary for the activation of mobile banking application. The User should also provide the Bank with an e-mail address to which the Bank may provide documents related to the Service, if the need be.

The Customer shall ensure that the parameters of the browser are set appropriately, in accordance with the required technical conditions.

The Bank shall not be liable for any damages that result if the User did not use the devices, or software required for the digital banking service in the appropriate manner, that is, the Customer did not access and use the service from the sites or web stores specified in the manual but with the intermediation or assistance of another site or platform (software), or did not  exercise appropriate care in selecting a suitably secure environment in which to use the digital banking service. The Bank is not liable for damage arising from virus contamination in the User’s IT system.      

The Bank shall accept no liability for any damages caused by the fact that the parameters of the browser are different from the required technical conditions.


5. Access and use of the service through the mobile banking application


Downloading the application         

To access and use the Service through the Mobile Bank application, the User should use a mobile device compatible with technical requirements and using the identification method selected by the Customer and specified in the Agreement.

The user downloads the mobile banking application through the virtual store App Store or Google Play store, depending on the mobile platform it uses.


For first login into the mobile application, upon contracting the Services, the User shall download the Mobile Bank application and install it on its mobile device and perform the registration process by entering into the respective fields in mobile application the registration code required for the activation of the Mobile Banking Application: the code received from the Bank's branch office and the code received by SMS in the mobile phone number of the Customer.

After the installation and activation of the mobile application by a one-time entry of the registration code assigned to the User, the User defines the personalized security element – the PIN (as well as activates other biometric security elements such as fingerprint or face id or other biometric methods made available from time to time), which he will later use to access and use the mobile banking application. The PIN serves the User for Authentication when accessing the Service in mobile and might also be used when applicable to provide customer’s consent to execute payment transactions, and product contracting or for any other purpose offered and supported within the Service, in accordance with the applicable regulations.


If the installed Mobile Banking application is locked, deleted or the User wants to install on another mobile device instead of the existing one, the new registration code (identification and activation code) is required to reactivate the application again. The new registration code for activating the mobile banking application can be requested by the Service user in branch or through Call center. Through the latter, only if successful identification is achieved.

The use of the authentication methods is in keeping with the procedures applied at the Bank for Customer identification and the verification of disposal rights over the bank account. Beyond this, the Bank does not examine the entitlement of a User to use the credentials in accordance with the above, or the circumstances of such use.

The Customer bears full liability in respect of all such banking transactions, and instances of use of supplementary services, as are initiated by the User with the application of one of the above identification methods made available to the User


6. Access and use of the Services through the Internet Banking application


To access and use the Services through the Internet Banking application, the User accesses the web site.

Access and use Services through the Internet Banking application are possible using one of the following - authentication / authorization systems:

#withKEY – If the customer has chosen the software token, he can log into Internet Banking only after the he has downloaded and registered the mobile application into which is embedded the #withkey which will generate the one time passwords for authentication and authorization if applicable. The user accesses the internet banking home screen and is authenticated by entering in the “User ID” field the User ID provided by the bank and by entering a one-time password generated by #withkey in the "One-time password" field of the internet banking.

Authorizing transactions and giving consent where required, is done by entering a one-time password generated by the #withKEY authorization system into the predicted field in internet banking. An exception to this procedure is the TDS authorizations, which are authorized using the smart login authorization system.

Hardware token - If the customer has chosen the hardware token, the user accesses the internet banking home screen and is authenticated by entering in the “User ID” field the User ID provided by the bank and by entering a one-time password generated by the Token.

Authorization is done by entering into the provided field in the Internet Banking a one-time password generated by a token. An exception to this procedure is the individual TDS authorization of the order.


7. User Rights, Obligations and responsibilities


User rights

With his electronic signature, the Customer may request additional, not yet used services or the modification of the used Services via the Bank’s Internet Banking or the Bank’s mobile application. The acceptance (confirmation) of the application by the Bank constitutes a conclusion of the Agreement or a modification of the original Agreement.

Through the Service the Customer will be able to access all products and services he has with the bank and which the bank has enabled to be viewed, contracted and closed through these channels.

User is obligated to:

The security obligations of the User are as follows:


8. Obligations and responsibilities of the Bank


Any successful access to the service, authorization made is deemed to have been made by the User. The Bank will regard the payment orders given using the above methods of identification as approved by the User, and will fulfill the instruction given with respect to a service specified in the User Manual using the above methods of identification as an instruction given by the User, and the agreement related to the service shall be established, amended or terminated through the confirmation of the instruction by the Bank. The Bank does not examine the entitlement of a user to use the User ID or the password, or the circumstances of use.

The Bank reserves the right to modify the range of services associated with the various digital service. The Customer may find detailed information on the range of services, on the way in which they may be used, and on the technical requirements, in the relevant User Manual or may be informed through the digital banking service or in the banks website.

The Bank shall not be liable for any damage to the User due to:


9. Fees


When concluding a Service Agreement, the User is obligated to pay the relevant fees for the execution of a Payment Order through the Service, and other fees contained in the Terms and Conditions of the Bank for the duration of the Service Use Agreement.

Should the User not have sufficient funds available in the designated account, then the Bank has the right to retain the incurred charges/commissions from any other bank account/product the customer has in the bank.

The amount and types of fees and other costs that may be incurred through the performance of the Services Agreement are defined in the Bank’s Terms and Conditions.


10. Limits


To use the digital banking service, daily and monthly payment limits for payment transactions in national, international and cross-border payments are applied. Information on the amount of daily and monthly limits are available to the User in both Mobile Banking and Internet Banking Services.

The User may increase/decrease limits within the default value assigned by the Bank either via branch or via the digital banking service. The daily and / or monthly limit specified at the User's request is applied immediately.

When using the Daily and Monthly Service, payment transactions for foreign currency transactions are reduced to foreign currency equivalent, according to the buy exchange rate of the Bank.

The Bank determines which types of transactions do not affect the reduction of daily and monthly limits, namely:


11. Execution of Payment Transactions


The Bank through the Services enables the User to execute domestic and cross-border payment transactions when enabled. Payment orders authorized by the Service are executed in accordance with the information published in the Terms and Conditions.

Depending on the type of authentication system and authorization used by the User, the consent to execute a payment transaction is provided by the User through authentication / authorization systems in accordance with the methods described in this document.

The Bank allows the User through the service to activate the so-called Fast Transfers procedure. Once the User independently or via ISBA’s Internet Banking Application Services chooses and authorizes the use of this functionality through the authentication / authorization system that he / she uses, when initiating payment orders, the system will not require the individual authorization of the order from the User. The user independently through the digital service may deactivate this functionality.

The Bank allows the Customer through the Service to determine the so-called trusted account, for which the system will not require the execution of authorization procedure. A trusted account can be any account in favor of which the User decides to initiate payment orders without undergoing the authorization process. The Customer may deactivate this functionality through the Digital Service.

The Bank allows the Customer to activate through the Service the #withPAY payment functionality.

The Bank will send to the Customer the statement of account/s and or other banking products which the Customer has with the Bank only through the digital banking platform whenever this option is enabled. Other alternative means of receiving the bank statements may be configured from the Customer himself in the digital banking service.


12. Operating hours of the Digital Service


The systems are available 24 hours a day except for the periodical closing and system maintenance periods. The bank shall inform the Customer about maintenance times accordingly.

During the regular maintenance of the Service, the User will be partially or completely disabled in using the Service. Regular Maintenance Services are performed at a time when, according to the Bank's estimate, is the lowest frequency of use of the Service.

The transaction timelines are as defined in the Bank’s Terms and Conditions.       

In the event of technical breakdown or malfunctions the bank shall commence work on correcting the fault within 1 Banking Day from the detection of the fault.


13. Change, restriction or suspension of the service


The Bank reserves the right to change, restrict or suspend the Service. The changing of the Service may especially, but not exclusively, take place in the event of a technological or interface-related upgrading or modernization of the Service, while a suspension may especially, but not exclusively, take place in the event of technical problems or serious malfunctions. The Bank shall notify the Customer through channel or any other means at its disposal not excluding in writing about the completion of the above. The Bank shall not be liable for any damage suffered by the Customer as a result of such change or suspension.

The Bank is entitled to restrict the Service for security reasons (security restriction) in the following instances:

The Bank shall notify the Customers of the start and end of the restriction on the Electronic Service, by simultaneously providing such information via the Service and displaying it in the Branches and on the website. The Bank shall not be held liable for any direct or indirect damage suffered by the Customer as a result of the security restriction.


14. Other provisions


These Terms and Conditions apply in conjunction with the Agreement on the Use of Digital Banking Service, and the Terms and Conditions of Intesa Sanpaolo Bank Albania. The Terms and Conditions are available at the Bank's branches and at www.intesasanpaolobank.al.


15. Privacy Policy


Intesa Sanpaolo Bank Albania, to better protect your bank account from the risk of fraud and/or identity theft, will analyze, anonymously, the data concerning your behavioral characteristics on the web and within the mobile banking App. This is done via third party provider (the “Third Party”) that provides behavioral authentication and malware detection solutions to combat cybercrime, subsequently improving customer safety and security. This solution allows the Bank to enable the detection of anomalies in online banking sessions for fraud detection and prevention purposes.

In order to perform the analysis of the data concerning your behavioral characteristics, the third party will produce a pseudoanonymised profile that helps to confirm the genuine user behind the online banking session. A combination of behavioral factors is used to create the pseudoanonymized profile, without relying on personal identifiable information (PII), including, for instance, a) cognitive traits such as eye-hand coordination, device interaction patterns; b) physiological factors such as left/right handedness, press-size, hand tremors, arm size and muscle usage and c) contextual factors such as transaction, navigation, device and network patterns, hereinafter indicated as the “Data”.

The Data are collected and processed by the Third Party for the purpose to protect the data subjects, during their online sessions, against cyber threats and fraudulent activity such as identity theft, fraud and malware.

The solution will be used in your interest as client; with the aim that you are not victims of fraud or to have someone else assume your identity.

Your Data is retained, for a period of time not exceeding that necessary to achieve the purposes for which it is processed, without prejudice to the retention terms required by law and/or in order to protect certain rights before the competent courts.

In particular, the Data collected by the Third Party, in order to create unique biometric profile, will be retained by this latter for the duration of the Customer’s relationship with the Bank and use of the Banks’s mobile app or online banking website as necessary to provide the Bank with the fraud prevention services.

To achieve the purpose indicated in the Section 1 above, the Bank shall communicate your Data to the Third Party in encrypted way using a hashed identifier, ensuring your security and confidentiality. The Data will only be used for the purposes of fraud prevention and will not be communicated to any other entities outside of the Third Party.