Terminology & Glossary
| Full Name | Acronym | What is it? | Examples/Used for: |
|---|---|---|---|
| 3 Domain Server | 3DS | An online payment security protocol used by credit card networks like Visa (Verified by Visa), Mastercard (Mastercard SecureCode), and others. It adds an authentication step (like a one-time password or biometric verification) to ensure that the transaction is being made by the authorized cardholder | A fraud prevention measure added to online transactions. |
| Account Authentication Value | AAV | A cryptographic value used in online payment transactions. | It serves as proof that the cardholder authentication process has been successfully completed and helps ensure the security and integrity of the transaction. |
| Account Updater | A service that automatically updates stored card details when a card is renewed or replaced. | Prevents payment disruptions in subscription services or recurring payments. | |
| Acquiring Bank | A bank or financial institution that processes card payments on behalf of a merchant. | Works with payment processors to authorize and settle transactions for merchants. | |
| Application Identifier | AID | A unique identifier used to determine the application on a chip card that will process a transaction. | Selecting the right app on EMV cards for transactions (e.g., Visa Credit vs. Visa Debit). |
| Application Programming Interface | API | Collection of requests that facilitate real-time automated or system-to-system communication between a source and destination platform. For payment cards, a fully functional API supports monetary (eg. load, reload, unload, withdraw) and non-monetary (eg. suspend, activate) transactions. APIs are a protocol or file format that facilitate exchange of data between two systems | Submitting data to create and / or to retrieve previously submitted data |
| Authorisation Hold | A temporary hold placed on a cardholder's funds during transaction authorisation. | Commonly used by hotels, gas stations, and car rentals to reserve funds until the final charge is processed. | |
| Automated Clearing House | ACH | ACH is a US based electronic fund transfer to send credits and debits from one account to another. ACH files are also used to reject payments returning funds back to the originating source. It is also the mechanism to return funds to the originating source where it cannot be applied ie closed account, load limits have been exceeded | Processing of Debits, Credits and managing funds within the US banking system |
| Anti-Money Laundering | AML | Anti-money laundering (AML) refers to the activities financial institutions perform to achieve compliance with legal requirements to actively monitor for and report suspicious activities. | Enables a regulated entity to identify potential illegal activities from tax evasion to drug trafficking and public corruption |
| Authorisation | The process through which a payment system verifies and approves a transaction made using a credit card, debit card, or similar payment method. | Amongst other checks this process ensures that the cardholder has sufficient funds or credit available, and it helps protect against fraud | |
| Authorisation Code | A numeric or alphanumeric code returned by the card issuer after an authorisation request, verifying that a purchase has been authorised (approved) . | ||
| Bank Identification Number | BIN | The first "6-digit" or "8-digit" of the Primary Account Number used by the card issuer to identify their institution. | See also Issuer Identification Number |
| Behaviour | A Behaviour is a set of Criteria and their associated Actions that define, control, limit or trigger various operations/functions against an activity initiated by a card or account. | ||
| Cardholder | The individual to whom the card is issued or who is authorised to use an issued card. | ||
| Card Not Present | CNP | A transaction where the physical card is not present, requiring alternative verification. | Online, phone, or mail-order purchases. |
| Card Verification Value | CVV2/CVC2 | The card verification value is the 3-digit security code that is printed on the back of physical card or alternatively it can be allocated and communicated via other channels for virtual cards. | These numbers provide extra security against unauthorised use during card not present transactions. If merchants input the Card Verification Value as part of authorising an MOTO transaction, the card issuer will respond that there is a match or no match with what the have on file for this card. |
| Chargeback | A transaction returned by an issuing bank to an acquiring bank. | A transaction may be returned because it was non-compliant with association rules and regulations or because it was disputed by the cardholder. | |
| Close-Loop | This means the Card and associated funds can only used/spent at an agreed set/group of specific merchants. Usually outside the Mastercard/Visa/Other networks | ||
| Common Vulnerabilities and Exposures | CVE | A catalog and classification of publicly known cybersecurity vulnerabilities | |
| Credit (refund) | A transaction where the merchants sends money to the cardholder's account, usually because the cardholder has returned the merchandise. | Credit (refund) transactions appear on the cardholder transaction history as a credit to their balance and available to spend. | |
| Digital Wallet/Wallet | A software-based system that securely stores tokenised versions of users payment information and passwords. | Apple Pay, Google Pay, Samsung Pay. | |
| Dynamic Currency Conversion | DCC | A service that allows international cardholders to pay in their home currency instead of the local currency. | Offers convenience but may impact exchange rates or fees. |
| Encryption | The scrambling of sensitive information for security purpose. | For example PIN numbers are encrypted prior to transmission to prevent unauthorised access to the true value. | |
| Fraud Monitoring | Systems or services that analyze transactions in real-time to detect potentially fraudulent activity. | Identifying suspicious activity like unusual spending patterns or transactions from unexpected locations. | |
| Gateway | A gateway provides an interface between different entities/services in the payments value chain . | ||
| Interchange Fee | The predetermined amount that the merchant bank pays the issuing bank for a transaction. | Visa and Mastercard set Interchange fees based on a variety of categories such as card types, industry types, and processing environment. | |
| Issuer Identification Number | IIN | The first 6 to 8 digits of the PAN that identify the card issuer. | Helps Networks route transactions to the correct issuing bank/processor. See also Bank Identification Number. |
| Issuing Bank | A financial institution that issues payment cards to consumers and businesses. | ||
| Mastercard | An association of financial institutions set up to both issue cards to consumers and businesses and accept cards for payment of goods and services by businesses and to facilitate the flow of authorisation and settlement messages and subsequent clearing of funds | ||
| Merchant Category Code | MCC | This is a 4-digit number that all major credit/debit card companies assign to classes of business e.g. Fast Food, Airlines etc | |
| Merchant Identification Number | MID | A unique identifier assigned to a merchant by their acquirer. | Used to track transactions and identify merchants during processing. |
| Mutual Transport Layer Security | mTLS | a security protocol that extends the standard TLS (Transport Layer Security) by adding mutual authentication, where both the client and the server authenticate each other to ensure secure communication. | |
| Near Field Communication | NFC | Short-range wireless technology used for contactless payments. | Enables tap-to-pay at terminals and mobile wallet usage. |
| On-Us Transaction | A transaction where the acquirer and issuer are the same institution. | Reduces processing time and costs, as no external network is involved. | |
| Payment Network | A system that facilitates communication between merchants, acquirers, issuers, and card networks. | Visa, Mastercard, American Express, and Discover. | |
| Personal Identification Number | PIN | The secret code that cardholder uses to identify themselves during a financial transaction usually at a POS or ATM | |
| Primary Account Number | PAN | The account number is given to a cardholder's card account. The PAN is typically printed or embossed on the cardholder's physical card. | |
| Private Label Card | A Private Label Card and associated funds can only used/spent at an agreed set/group of specific merchants. Usually in a Closed-Loop scenario | ||
| Reconciliation | The process of ensuring transaction records align with bank records. | Used by businesses to verify sales, deposits, and fees. | |
| Retrieval Request | A request made by the card issuer to the acquirer for a copy of transaction details. | Often a precursor to a chargeback when a cardholder disputes a transaction. | |
| Settlement | The process of funds transfer between merchants, processors, acquiring financial institutions, and issuing financial institutions during which each party sends or receives funds to settlecleared transactions | ||
| Soft Decline | A temporary decline where the card issuer advises retrying the transaction. | Can occur due to insufficient funds, incorrect CVV, or temporary technical issues. | |
| Strong Customer Authentication | SCA | A regulatory requirement that adds multi-factor authentication to online payments. | Required in the EU under PSD2 to reduce fraud in online transactions. |
| Terminal Identification Number | TID | An identifying number assigned to a merchant POS, APTm, Ecomm device that has captured details of a card and initiated an authorisation transaction . | |
| Three-Factor Authentication | 3FA | A security process that uses three distinct authentication factors to verify identity. | Common factors include something you know (password), something you have (card), and something you are (biometric). |
| Token | A unique, non-sensitive identifier that replaces the PAN during some payments | Used in mobile wallets (Apple Pay, Google Pay) and online transactions to protect card data from exposure. | |
| Tokenisation | The process of replacing sensitive data, such as a card number, with a unique, non-sensitive identifier called a "token." Tokens are used in place of actual PANs, reducing the risk of fraud. | Used in mobile wallets (Apple Pay, Google Pay) and online transactions to protect card data from exposure. | |
| Virtual Card Number | VCN | A tokenised card number linked to the primary account for secure online transactions. | Protects the real PAN from exposure during online purchases. |
| Visa | An association of financial institutions set up to both issue cards to consumers and businesses and accept cards for payment of goods and services by businesses and to facilitate the flow of authorisation and settlement messages and subsequent clearing of funds |
Updated 2 days ago