The purpose of this novelty is to facilitate the identification of people who have the Pix key. “This feature makes it possible for institutions to check whether a phone or email that is in the customer’s cell phone agenda is Pix keys, with the intention of making it easier and safer for the payer to choose the Pix recipient”, says Ivo Mósca, coordinator of the Subcommittee on Instant Payments and spokesperson for the Febraban Security Group (Brazilian Federation of Banks).
In addition, this functionality is intended to minimize possible errors involving data for transfers.
“This novelty avoids typing errors and speeds up payment, since it is possible to verify that a certain Pix key is already registered”, comments Breno Lobo, head of the sub unit responsible for managing Pix at the Central Bank.
The system is simple: the institution’s application that the user is logged in will collect the phone or email information from their contact list, and send this list to the Central Bank. The return of this query will reveal which of the data sent is a Pix key or not. Thereafter, the transaction proceeds in the same way as it has been done since the beginning of Pix’s operation, which came into force at the end of 2020.
The tool will be available to the payment service provider (financial and payment institutions) that adheres to the functionality, and the customer will need to make an update in the bank’s own application to have access. After that, the financial institution may or may not create a widget (a shortcut that facilitates access to the tool on the cell phone).
The functionality is optional and users can request the deletion of their Pix key, if they wish. The interconnection with the agenda will occur when the customer registers the key, and agrees with the consent form. If the user does not want this data to be shared, it is better to choose another key, such as the random key (a sequence of numbers generated by the system).
“The integration of the contact list of the customer’s mobile phone with Pix is not a mandatory feature of the instant payment system. Its offer to the user is recommended by the Central Bank to provide a better experience for customers, but it will be an individual decision of each institution. participant “, emphasizes Ivo Mósca.
The novelty will also allow greater security for the user. “The contact list is made up of people you know, so the option becomes safer because you reduce the chances of payment being mistaken,” says Emilio Simoni, director of dfndr lab, PSafe’s cybersecurity lab.
In any case, the PSafe specialist asks for attention to customers who adopt the tool. “It is possible for scammers to find some way to be registered in your contact list to explain a possible vulnerability. Therefore, we always indicate that the person confirm all the data of who will receive the money, to avoid problems”, adds Emilio Simoni.
Another important point is that only the cell phone and email will enter this functionality, the other keys and data will not be shown.
“No other information, such as, for example, the account data linked to this key, will be exposed in this consultation. There will only be the return of which cell numbers or email are Pix keys”, highlights Mósca.
Another novelty that will also start operating in April is that end users will be able to request changes to the information, such as full name, business name and title of the establishment, without the need to delete and re-register the key. This will facilitate, for example, people who changed their name after the wedding or companies that changed the name of the establishment.
In addition, the regulation now prevents institutions from setting limits on the number of Pix transactions, whether sending or receiving.
This prohibition, according to the Central Bank, is necessary to guarantee a level playing field between different payment instruments.
Contact list integrated with payments – How does it work?
– Launched at the end of 2020 by the Central Bank, Pix is a system of bank transactions made on the spot
– It allows payments and money transfers 24 hours a day, seven days a week
– From April 1st, Pix users will be able to integrate their cell phone contact lists into the new payment method
– This feature makes it possible for institutions to check if a phone or email that is in the customer’s phone book is a Pix key
Customer can choose
– The new modality is optional, that is, banks and other institutions that offer Pix may or may not provide this ease of integration of contacts to their customers.
– Probably, for those who choose the new way of organizing payment contacts, an update of the application of your financial institution will be necessary.
– The option to link cell phone contacts to Pix is recommended by the Central Bank, but the final word is from the consumer
– The integration of contacts will facilitate the identification of who has registered their cell number as a Pix key
– With the new tool, the customer will know if that phone or email that is in the calendar of his cell phone is a valid key
– The intention is to make it easier and safer to choose who pays and who receives by Pix
– In addition, it avoids typing errors and speeds up the payment, since it is no longer necessary to include all the data to discover that the key will not work
Consent is required
– The way in which each financial institution will make this consultation available is free and optional
– The Central Bank’s only determination in relation to the user experience with the new functionality is that the customer will have to give their consent to access the cell phone’s contact list
– The integration of contacts is already quite common in several applications that we currently use How it works
– The logged-in bank application will collect phone or email information from your contact list, after consenting
– The institution will send this list to the Central Bank and the return of the consultation will reveal which of the data sent is a Pix key or not.
– From there, the transaction proceeds in the same way as it was done since the beginning of Pix’s operation, but with the direct shortcut in the contact list of the cell phone.
Attention: No other information, such as, for example, account data linked to this key, will be exposed in this query, there will only be the return of which cell numbers or email are Pix key. Data integration does not pose a risk, but it does not replace the need to confirm the data of the user who registered the phone or email as a Pix key. Always be aware before finalizing a transaction: it is necessary to check if that key belongs to who you really are. wants to send a Pix, carefully checking all the data of who will receive the money, such as name and CPF or CNPJ. When registering the cell phone or email as a Pix key, the user will have to consent to the permission for other users to know about the existence of the registered key. If the customer wants, he can request the deletion of the information from the institution. One of the factors that lessens the risks is that the user’s contact list is made up of known people.
Another novelty that will also come into operation in April is that users can, in the event of a name change, request changes to information such as full name, business name and title of the establishment, without the need to delete or re-register the key. It will also be allowed that the end user who is the holder can request the linking of his name to the Pix key.
Sources: Ivo Mósca, coordinator of the instant payments subcommittee and spokesman for the Febraban Security group (Brazilian Federation of Banks); Breno Lobo, head of the subunit responsible for managing Pix at the Central Bank; and Emilio Simoni, director of the dfndr lab, PSafe’s cybersecurity laboratory.
Sony Music officializes purchase of Som Livre, Marília Mendonça record label
BB’s chairman resigns from his post and attacks Bolsonaro’s interference
Get the latest news delivered to your inbox
Follow us on social media networks