Your cards in the wallet

With wunderbon, we have created a platform that is characterized above all by its connections with other networks. Our top mission is to “build bridges” and bring together other platforms and alliances. For you as a user, it should be possible in the near future to receive your digital receipt and other digital added value from any store, anywhere – without any intervention – whether here in Germany or in Bora-Bora. We are working intensively on partnerships to create the largest stationary retailer and bonus network association. For you, this means the greatest possible comfort and a great user experience.

We offer you the possibility to register your different cards and loyalty cards or bonus cards in the wunderbon app, so that your merchants can send you a digital receipt in the wunderbon app. For example, if you shop at a retailer who provides you with their own customer card (bonus card, loyalty card, etc.) or one from a network, they can easily find you on wunderbon using this and reach you that way – the only prerequisite is that you have securely added the corresponding customer card to the wunderbon app beforehand. To find out how this works, what you need to do and how we guarantee the security of your data, read on.

Supported networks

We are constantly implementing new networks and currently we support the following networks:

wunderbon (native)
Bank-, Giro-, Maestro®-, Credit-Card (PAN ISO/IEC 7812)

This list is updated at irregular intervals (current status 04.03.2022).
See the developer documentation for more details about the supported networks.

Add your card in the app

Within the wunderbon app under “My Identifiers” you can add or remove your cards at any time. The recording is done optically, with the help of your smartphone camera. After capture, the captured card is validated on your smartphone. This is to protect integrity, prevent fraud (capturing stolen credit card data from the Internet or similar), ensure that cards are as easy to add as possible, and avoid incorrect entries.

After the pure capture, a checksum of your card data is calculated on your smartphone and only this calculated checksum is transmitted to us. This checksum can be safely assigned to your wunderbon account and at the same time it is not possible to recover your card data from it. Your readable card data never leaves your device at any time! Again, we’ve put special emphasis on your security and privacy and found a safe and efficient way for everyone.

Purchasing usage

When you shop at one of our partners, you have the option to receive your digital receipt without using the wunderbon app. For this, however, the partner must support one of the partner networks mentioned further above. The following chart will visually bring the use in purchasing a little closer:

The diagram shows tokenization when using a card from a connected network. — **Tokenization** when using a card from a connected network

Security of your card data

Your data is safe with us, just like in a bank. We store only part of the data on the card, so no payment can be made with the part we use. Furthermore, we convert the data so securely that it is virtually impossible to reverse this conversion.

Privacy and data protection

When using your loyalty cards and bonus program cards, as well as your bank cards, you automatically waive the benefits of the wunderbon Privacy Relay. Whenever you use one of the aforementioned cards, for example, to participate in a merchant’s bonus program, or whenever you make a non-cash payment by card at a merchant, you always leave a “digital fingerprint,” even today. We cannot influence this or the Privacy Relay cannot play out its advantage here, since it is not the wunderbon QR code (WAN) that is used, but a feature of another network that is beyond our technical control.

Even though merchants today only receive your card data (unless you also participate in personal rewards programs – in which case this data can often be analyzed together and purchases attributed to you), it is always the same. These are so-called static characteristics or attributes, e.g. of your credit card. There it always comes to the use of the so-called PAN (Primary Account Number), the validity date, as well as the security code (CVV and the like). Due to the data that only changes when the card is exchanged (e.g. validity date), a merchant already has the possibility to allocate purchases pseudonymously.

We cannot technically change these previously mentioned facts. However, this does not mean that this then initiated connection is not just as secure and end-to-end encrypted as usual. It simply means that you are not completely anonymous in this process, but appear pseudonymized. If you are interested in the difference between anonymized and pseudonymized, you can find more information here.

Cookie	Duration	Description
__gads	13 months	Some cookies help Google display advertisements on third-party websites. These cookies are set in the domain of the website you visit. For example, "_gads" cookies allow websites to display advertising from Google, including personalized advertising.
__hssrc	session	Whenever the HubSpot software changes the session cookie, this cookie is also set. This determines whether the visitor has restarted the browser. If this cookie is not present when HubSpot manages cookies, it is considered a new session. It contains the value "1" if present.
__hstc	13 months	These are non-essential cookies that are controlled by the cookie banner. If you are a visitor to a HubSpot-supported website, you can opt out of these cookies by not providing consent. The main visitor tracking cookie. It contains the domain, the user token (utk), the first timestamp (of the first visit), the last timestamp (of the last visit), the current timestamp (for this visit), and the session count (increases with each subsequent session).
_fbp	3 months	Facebook Ads / Ads. Facebook does not provide a description of the cookie.
_ga	24 months	This cookie is used to collect information about how you use our site. We use the information to generate reports and improve the site. The cookie collects information in a way that does not directly identify you. This information includes, for example, the number of visitors to our site, where visitors came to our site from, and which sub-pages they visited.
_gcl_au	13 months	Google Adsense cookie to store and track conversions. Used by Google AdSense to adjust advertising efficiency on the websites that use our services. This is the first-party cookie for the "Conversion Linker" feature. It takes information in ad clicks and stores it in a first-party cookie so that conversions can be attributed outside the landing page.
_gid	session	Contains a randomly generated user ID. This ID allows Google Analytics to recognize returning users on this website and merge data from previous visits.
hubspotutk	13 months	This cookie tracks the identity of a visitor. This cookie is passed to HubSpot software when a form is submitted and is used when de-duplicating contacts. It contains an opaque GUID to represent the current visitor.
sib_cuid	12 months	Collects information about your navigation and preferences on our site. This is used to send potential newsletters based on this information.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	11 months	The cookie is used to store the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is used to store the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	The cookie is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Others".
cookielawinfo-checkbox-performance	11 months	The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	12 months	This Cookie stores the state of whether the Cookie notice was shown.
wp-wpml_current_language	session	This Cookie stores the current detected or chosen language preference of the user visiting the website.