Professional Documents
Culture Documents
3
3
3
Please carefully read this Agreement before agreeing to use the Interac
verification service (the “Service”). The Service allows you to authorize Identity
& Data Providers to provide certain User Information about you to Relying Parties
chosen by you. This Agreement is between you and 2859824 ONTARIO LIMITED
(“Interac”, “us”, "we” or “our”), a subsidiary of Interac Corp.
By clicking “Agree”,
• you are agreeing to be bound by this Agreement; and
• you are confirming either that you have reached the age of majority in the
province in which you reside or that you are a minor and your parent or legal
guardian has had an opportunity to review this Agreement and has consented to your
use of the Service.
This Agreement takes effect on the date that you click “Agree”.
If you do not agree to this Agreement, click “Cancel” and you may not use the
Service.
DEFINITIONS:
• “Agreement” means these Interac verification service Terms and Conditions and the
Interac verification service Privacy Notice, which is incorporated into this
Agreement, as may be amended by Interac from time to time upon notice to you in
accordance with section 12.
• “Credentials” means the credentials that you use for authentication purposes to
access services at your Financial Institution or which are otherwise required by
your Financial Institution to access the Service, such as username, password, card
number, biometric identifiers (including fingerprints, voice patterns and facial
recognition), one-time passcode or other information.
• “Electronic Access Device” means a cell phone, smart phone, mobile device,
desktop or personal computer, tablet or other electronic device that you may use to
access the Service.
• “Financial Institution” or “FI” means the financial institution in Canada with
which you have a current banking relationship that has agreed to be an Identity &
Data Provider and that you have chosen to act as your first Identity & Data
Provider.
• “Identity & Data Provider” (which may sometimes be referred to as a ‘connection’)
means an eligible organization in Canada that participates in the Service and that
generates or holds User Information, including a financial institution, credit
bureau, telecommunications provider, government departments and agencies and other
eligible third parties.
• “Modification” has the meaning set out in section 4.
• “Personal Information” means information about an identifiable individual,
including: name, email address, mobile or home phone number(s), mailing address,
date of birth and certain of your account, profile or other information.
• “Privacy Notice” means the privacy notice located at
https://www.interac.ca/en/verification-service/terms-and-conditions-and-privacy-
notice/#privacy-notice or any successor URL.
• “Released Parties” means Interac, your Financial Institution and all other
Identity & Data Providers and Relying Parties that participate in the Service, and,
as applicable, their respective affiliates, subsidiaries, divisions, suppliers and
service providers, and all of their respective directors, officers, employees and
agents, and “Released Party” means any one of them.
• “Relying Party” means an eligible organization in Canada that participates in the
Service and that asks you to provide User Information through the Service to
facilitate its interactions with you, for example, to help verify your identity or
eligibility for Third Party Offerings. When adding a new Identity & Data Provider
as a connection, you may be asked to share User Information with that new Identity
& Data Provider; for the purposes of that sharing transaction, that Identity & Data
Provider will be deemed to be a Relying Party.
• “Third Party Offerings” has the meaning set out in section 7.
• “Third Party Terms” has the meaning set out in section 7.
• “User Information” means all Personal Information and other information about
you, that is generated or held by Identity & Data Providers and that is available
to be shared through the Service.
• “you” or “your” means the person who wishes to use the Service, and whose
Credentials have been used to register for the Service.
SERVICE CLAUSES:
1. THE SERVICE
The Service is provided and operated by Interac. Interac will not charge you a fee
to use the Service.
In order to register to use the Service, you will be required to select a financial
institution with which you have an online banking relationship to create your
Interac verification service account.
During your initial registration to use the Service and prior to each use of the
Service, your Financial Institution will authenticate you using your Credentials.
The use of your Credentials to authenticate you is subject to and governed by the
terms of your agreement with your Financial Institution.
This Financial Institution will then, for the purposes of the Service, become your
first Identity & Data Provider. The Personal Information your Financial Institution
has about you and which may be shown as part of the registration process will be
your initial User Information for the Service. If any of your displayed initial
User Information is incorrect, you must discontinue the registration process and
contact your Financial Institution to update your information. After updating your
information, you may attempt to register for the Service again.
After registration, (1) you will have an opportunity to add additional Identity &
Data Providers as connections, and (2) additional User Information from your
Identity & Data Providers, including your Financial Institution, may be added to
your Interac verification service account.
The Service allows you to authorize your selected Identity & Data Providers to
share certain of your User Information with a Relying Party to facilitate your
interactions with the Relying Party (or if that Relying Party is another Identity &
Data Provider, to facilitate its addition as a connection and enable your future
sharing transactions). No User Information will be shared without your
authorization, except to the extent such User Information may be shared with your
mobile telecommunications provider or its authorized agent for the purposes of (1)
verifying your mobile number associated with your Electronic Access Device, if any,
or (2) completing certain security assessments associated with your Electronic
Access Device.
Except (1) in connection with a specific transaction where you expressly agree, (2)
where the identity of the Identity & Data Provider or Relying Party is evident due
to the nature of the transaction, the User Information that you agree to share or
the then current participants in the Service, (3) as required by law, or (4) if an
investigation is required (for example, as a result of an actual (or suspected)
unauthorized transaction):
• an Identity & Data Provider will not know which Relying Party receives your User
Information, and
• a Relying Party will not know which Identity & Data Provider(s) provide your User
Information.
Certain aspects of the Service may differ depending on whether you use the Interac
verification service mobile app or the Interac verification service web
application. Certain features or functionality may also be limited or not
available in the web application. For example, your list of connections and
activity log will not be accessible via the web application.
If you subsequently use the Interac verification service mobile app after
registering for or using the Service via the web application, your profile
information, including any of your connections and activity log, will be accessible
to you in the Interac verification service mobile app.
If you register for or use the Service using the Interac verification service
mobile app, and subsequently try to use the web application, you will be redirected
to the mobile app and will not be able to complete transactions using the web
application.
2. YOUR RESPONSIBILITY FOR USE OF YOUR ELECTRONIC ACCESS DEVICE, YOUR CREDENTIALS
AND THE ACCURACY OF YOUR USER INFORMATION
Your obligation to protect your Electronic Access Device, your Credentials, and the
other information that you use to access and use your Electronic Access Device may
be governed by your agreement with your Financial Institution. You will not be able
to access the Service if your Financial Institution suspends or revokes your
Credentials. If you suspect unauthorized use of your Credentials to access the
Service, you should immediately notify your Financial Institution. Once the Service
has been accessed using your Credentials, you are responsible for any instruction
or consent given regarding your User Information, including any sharing transaction
where your User Information has been provided to a Relying Party or another
Identity & Data Provider. You must close the browser session of the Interac
verification service web application upon completion of an Interac verification
service transaction.
You will have an opportunity to review certain of your User Information maintained
by the applicable Identity & Data Provider(s) that the Relying Party has requested
be shared before you agree to share information with that Relying Party. You are
responsible for ensuring that any such User Information is accurate and up to date.
You are also responsible for ensuring the accuracy of your User Information in the
systems of the applicable Identity & Data Provider(s) before you share it. If any
User Information is inaccurate, you agree to notify the Identity & Data Provider
that maintains such User Information before you agree to share that User
Information through the Service. In addition, you agree that you will not knowingly
use the Service to share any inaccurate User Information.
3. PERSONAL INFORMATION
When you agree to share User Information from your Identity & Data Provider(s) with
a Relying Party through the Service, you are providing express consent to share all
Personal Information that is included in such User Information. Although your User
Information was originally collected by or on behalf of your Identity & Data
Provider(s) under their respective terms and privacy policies, when you authorize
your User Information to be shared with a Relying Party through the Service, you
consent to the handling of all User Information shared through the Service
(including all Personal Information) in accordance with this Agreement, including,
for greater certainty, the Privacy Notice.
For more information about the collection, use and disclosure of your Personal
Information as part of the Service, please see the Privacy Notice.
Once your User Information has been sent to a Relying Party through the Service
with your consent (other than to another Identity & Data Provider for the purposes
of adding them as a connection), it is handled in accordance with the Relying
Party’s privacy policy, its agreements with you, and all applicable laws.
When you share your User Information with a Relying Party that is another Identity
& Data Provider for the purposes of adding them as a connection, that Identity &
Data Provider is only entitled to use and handle that User Information for the
purposes of attempting to match that information with information about you in its
or its service provider’s systems or records to facilitate their addition as a
connection and for no other purpose. Subject to this agreed limited use, your User
Information is collected, used, disclosed and retained by the Identity & Data
Provider in accordance with its privacy policy, any agreements it has with you and
all applicable laws.
Neither Interac, nor any Identity & Data Provider is responsible or liable for any
use or disclosure by any Relying Party of User Information provided to that Relying
Party through the Service.
Your access to and use of any Third Party Offering, is governed by the terms and
conditions respecting such Third Party Offering found on or through the applicable
website, application or elsewhere (“Third Party Terms”). This Agreement does not
change any Third Party Terms. You are solely responsible for fulfilling any
commitments you make to the third party making the Third Party Offering available
to you.
9. Limitation of Liability
If you are a consumer within the meaning of applicable provincial or territorial
consumer protection legislation, this section does not limit any legal rights that
such legislation does not allow you as a consumer to waive. In particular, the
limitation of Interac’s liability for the consequences of its acts will not apply
if (1) the Consumer Protection Act (Quebec) applies to this Agreement, and (2) you
are a consumer within the meaning of that Act and you reside or are domiciled in
the Province of Quebec. The liability of each Released Party will be limited to the
fullest extent permitted by applicable law.
Interac is not charging you for the Service based, in part, on the allocation of
liability between you and each Released Party as set out in this section.
No Released Party will be responsible for lost profits, revenues, business or data;
loss of privacy; damage to reputation; indirect, incidental, special,
consequential, exemplary or punitive or other similar damages; or, to the extent
permitted by law, direct losses or damages; in each case, relating to, arising out
of, or in any way in connection with this Agreement or your use of or inability to
use the Service, regardless of the cause of action (for example, contract, tort or
otherwise), even if any Released Party has been advised of the possibility of such
damages.
This Agreement sets forth the entire liability of the Released Parties and your
exclusive remedy with respect to the Service and its use.
GENERAL CLAUSES:
10. Assignment
You may not assign this Agreement. We may assign this Agreement to any successor
provider of the Service by providing notice to you.
If you do not agree to an amendment, you must close your Interac verification
service account as contemplated in section 5. You may not amend this Agreement.
Termination
You may terminate this Agreement at any time for any reason by closing your Interac
verification service account as contemplated in section 5.
This Agreement will terminate immediately without notice from us if you fail to
comply with any provision of this Agreement, if we permanently terminate the
Service or your participation in the Service or if your Interac verification
service account is permanently closed for any reason.
Upon the termination of this Agreement, you will no longer be able to access the
Service.
15. Survival
Sections 2, 3, 5, 6, 8, 9, 10, 11, 13, 14 and this section 15, and such other
provisions that by their nature should survive termination will survive the
termination of this Agreement for any reason.
REGISTRATION
The Service registration process requires you to select the financial institution
in Canada that is participating in the Service (“Financial Institution” or “FI”)
that you have an active and existing business relationship with to create your
Interac verification service profile, which will form the basis of your Canadian
Interac verification service account (the “Interac® verification service”). This FI
will become your first Identity & Data Provider.
As part of the registration process, and prior to each use of the Service, your FI
will authenticate you using your existing banking credentials that you use for
authentication purposes to access services at your FI or which are otherwise
required by your FI to access the Service, such as username, password, card number,
biometric identifiers (including fingerprints, voice patterns and facial
recognition), one-time passcode or other information (collectively, “Credentials”).
Once you are initially authenticated by your FI, your FI will create and store an
individualized Interac verification service account identifier for you which is
distinct from your Credentials and will register this identifier with the Service.
Following your successful authentication using your Credentials during the
registration process, your selected FI will provide a summary of your User
Information available for you to share with Relying Parties. If any of your User
Information displayed during registration is incorrect, you must discontinue the
registration process and contact your FI to update your User Information in its
files, to the extent required.
GENERAL
Interac may, but is not obligated to, monitor the Service in an effort to identify
unauthorized use and to protect users and Service participants (namely, FIs and
other Identity & Data Providers and Relying Parties).
Activity Data collected or generated by the Service also includes information about
activities that occur with your Interac verification service account, including,
for example, your registration with the Service, successful and failed logins from
your electronic access device (as defined below), information about your electronic
access device, such as its model, operating system, device ID and MAC address,
connections established with new Identity & Data Providers, and consents to share
your User Information. (For the purposes of this Privacy Notice, “electronic access
device” includes your cell phone, smart phone, mobile device, desktop or personal
computer, tablet or other electronic device that you may use to access the
Service.) Certain details about these activities are stored and viewable in your
Interac verification service mobile application activity log (which is not viewable
in the web application). This activity log does not contain your Credentials or any
of your User Information that you have agreed to have an Identity & Data Provider
send to a Relying Party through the Service.
MOBILE PHONE NUMBER COLLECTION AND USE BY RELYING PARTY IN RELATION TO THE Interac®
verification service
A Relying Party may collect and use your mobile phone number to send you a link
(via text message) to engage with the Service. The mobile phone number that you
provide for this purpose is collected by the Relying Party (not by Interac) and is
subject to the Relying Party’s privacy policy and any other agreement it may have
with you.
User Information that is made available on your electronic access device for your
review before you consent to having it shared with a Relying Party by the
applicable Identity & Data Provider(s) is maintained within the Identity & Data
Provider’s systems and is not stored locally on your electronic access device.
Other information that we generate or collect in order to provide the Service, such
as account identifiers and other Activity Data, is only retained for as long as
necessary to administer the Service.
Activity Data is stored by the Service for legal, regulatory, suspected fraudulent
activity investigations and dispute resolution purposes in accordance with our
record retention rules.
Personal Information that is stored by the Service is maintained on our servers, or
those of our service providers, and is accessible only by our authorized employees,
representatives and service providers who require access in connection with their
responsibilities.
Notifications
Depending on the FI you select to associate your Interac verification service
account with, you may receive notifications of some of your Service activities from
your FI, such as registration completion and on authentication events occurring
within your Interac verification service account. These notifications are intended
to provide you with information on Service usage so that you may act upon
notifications that you do not recognize as yours. None of the Relying Parties or
Identity & Data Providers that participate in the Service are permitted to send you
unprompted emails or text messages asking for personal details through the Service.