Glossary of Payment Processing Industry Terms
This glossary provides definitions for many of the terms used in the payments industry.
3-D Secure - a technical standard developed by Visa and MasterCard to provide additional security to card-not-present transactions. Includes the Verified by VISA (VbV) and SecureCode by MasterCard programs.
Account number - a unique sequence of numbers assigned to a cardholder account that identifies the issuer and type of financial transaction card.
Acquirer - a licensed member that screens and accepts merchants into its bankcard program, processes transactions and completes financial settlement for the merchant.
Aggregation Account - payment services available to merchants whereby the payment services provider uses its own merchant account to pool transactions of smaller merchants who are unable to obtain their own merchant account.
Authorization - approval from the financial institution that issued the cardholder's card. It allows merchants to accept the transaction for the authorization amount.
Authorization Code - typically a six digit alpha-numeric code returned by the issuer that is used to identify the approval of the authorization request.
Authorization Request Fee - the fee that is charged each time a transaction is sent to the cardholder's issuing bank for authorization. The fee applies whether or not the request is approved.
Authorization Response - the response received when an authorization is performed which provides guidance to the merchant on how to proceed with the transaction. Responses include "Approved", "Do Not Honor", "Insufficient Funds", etc.
Automatic Clearing House (ACH) - a nationwide electronic funds transfer network which enables participating financial institutions to distribute electronic credit and debit entries to bank accounts and to settle such entries.
Address Verification Service (AVS) - automated address checking performed at the time of authorization; verifies a cardholder's billing address.
Bankcard - a payment card issued by a bank or other financial institution.
Bank Identification Number (BIN) - six digit number assigned by the card associations that can be used to identify the issuing and acquiring banks.
Batch Processing - process by which transactions are grouped together and submitted for processing. Used for non-critical, non-real time situations.
Batch Settlement - a collection of credit card transactions saved for submitting at one time, usually each day.
Cancellation Code - the code that a lodging or car rental merchant gives to a cardholder. The cancellation code confirms that the cardholder did, indeed, cancel a reservation.
Capture - the submission of a credit card transaction for processing and settlement.
Card Acceptor Business Code - this code is used to categorize the type of business the merchant is engaged in. Also known as the Merchant Category Code (MCC).
Cardholder - the consumer to whom a card has been issued or the individual authorized to use the card.
Chargeback - a chargeback is a return of funds back to the cardholder. A charge back occurs when a cardholder disputes a credit card transaction with his or her credit card issuer and files a complaint seeking financial recovery. See also "Retrieval Request."
CID - the name of the card security program used by American Express and Discover. For American Express, the Card Identification code is the 4 digit embossed number above the account number on the front of the card. For Discover, the Card ID is the 3 digit number located on the back of the card on or above the signature line.
Clearing - the process of exchanging financial transaction details between an acquirer and an issuer to facilitate posting of a cardholder's account and reconciliation of a customer's settlement position.
CNP (Card Not Present) Transactions - credit or debit card transactions that take place over the phone or online.
Cobranded Card - a credit card issued jointly by a member bank and a commercial company or a merchant, bearing the brand of both.
Code 10 Authorization - this is a voice authorization request that a merchant may initiate when suspicious activity is present during a card-present transaction.
Corporate Card - a bankcard issued to companies for use by company employees. The liability for abuse of the card typically rests with the company and not with the employee.
Credit Card - a plastic card bearing an account number assigned to a cardholder with a credit limit that can be used to purchase goods and services and to obtain cash disbursements on credit, for which a cardholder is subsequently billed by an issuer for repayment of the credit extended at once or on an installment basis.
Credit Card Processors - merchant services providers that handle the details of processing credit card transactions between merchants, issuing banks, and merchant account providers.
Currency Conversion - the process by which the transaction currency is converted into the currency of settlement or the currency of the issuer for the purpose of facilitating transaction authorization, clearing and settlement reporting. The currency of transaction is determined by the acquirer; the currency of the issuer is the preferred currency used by the issuer, and most often, the currency in which the cardholder will be billed.
CVC (Card Validation Code) - the three digit security code used as a security feature for MasterCard cards. The code is the 3 digit number located on the back of the card at the end of or above the signature panel.
CVV2 (Card Verification Value) - the three digit security code used as a security feature for Visa cards. The code is the 3 digit number located on the back of the card at the end of or above the signature panel.
Debit Card - a plastic card used to initiate a debit transaction. In general, these transactions are used primarily to purchase goods and services and to obtain cash, for which the cardholder's asset account is debited by the issuer.
DES - Data Encryption Standard. A commonly-used standard method for encrypting and decrypting data; developed by the U.S. National Institute of Standards & Technology. Encryption is critical, with valuable and sensitive information being sent from one computer to another via a network that, technically, can be accessed by anybody. DES provides a degree of security should the information fall into the wrong hands.
Device Fingerprint – is a tool that can be used to help detect fraudulent transactions. A unique identifier (also known as Device ID, device fingerprint) is created at the time a transaction is submitted in real time by the consumer. Data sent by the browser including operating system, TCP/IP packets and other device information are used to establish the unique identity and assess the transaction's risk in real time.
Discount Rate - the percentage rate that a merchant will pay for accepting and processing credit and debit card transactions. The discount rate comprises a number of dues, fees, assessments, network charges and mark-ups and includes interchange fees.
Draft / Sales Draft - a record used to document that a good or service was purchased.
Electronic Commerce Indicator (ECI) - a flag that identifies the transaction as an e-commerce transaction.
Electronic Draft Capture (EDC) - a system in which the transaction data is captured at the merchant location for processing and storage.
Electronic Funds Transfer (EFT) - a paperless transfer of funds initiated from a terminal, computer, telephone instrument, or magnetic tape.
E-wallet - an alternative payment method, an e-wallet is a consumer account set up to allow e-commerce transactions through a particular payment provider. Before the consumer can make a purchase, he or she must first establish a secured account with the provider, who provides the consumer with an ID and password. The transaction is facilitated between consumer and merchant without exposing any financial details to the merchant.
Factoring - the purchase of debts owed, or accounts receivable, in exchange for immediate payment at a discount. The term is often applied to ISOs that offer to process credit card transactions through their own merchant account rather than through an account belonging to the merchant, in exchange for a percentage of the transaction fee and often in violation of credit card regulations.
Financial Institution - any organization that provides financial services to merchants or individuals; includes banks, credit card banks, savings and loan associations and credit unions.
Floor Limit - a specific dollar limit used to determine which transactions must obtain an authorization. For example, if a merchant has a floor limit $1,000, any transaction over $1,000 will require an authorization.
Fraud Prevention - see also "Risk Management"
Fraud Control - see also "Risk Management"
Fraud Scrubbing - see "Risk Management"
Holdback - see "Reserves"
Interchange Fee - the fee that is charged to complete the credit/debit card transaction; it is the fee that the acquiring bank pays an issuing bank to get funds into the merchant's bank account and to post the transaction onto the cardholder's statement at their issuing bank.
IP Address Geolocation - a fraud detection tool. Geolocation technology is used to help identify a cardholder's geographical location (country, region, city, ISP and other information) based on cardholder's address.
IPSP - Internet Payment Service Provider. An IPSP is an online entity that enters into a contract with an Acquirer (Merchant Bank) to shoulder financial responsibility and liability for "high risk" merchant accounts, by which registered sponsored merchants (Web site owners) are allowed to process and settle Internet transactions.
ISO (Independent Service Organization) - a firm or organization that offers to process online credit card transactions, usually in exchange for transaction fees or a percentage of sales.
Issuer - the member that enters into a contractual agreement with the card association to issue payment cards.
Issuing Bank - a financial institutions including banks, credit unions, and savings & loan associations that provide a credit line to a consumer through a payment card.
Magnetic Stripe - the magnetically encoded stripe on the bankcard plastic that contains information pertinent to the cardholder account. The physical and magnetic characteristics of the magnetic stripe are specified in ISO Standards 7810, 7811, and 7813.
Magnetic Stripe Reader - a device that reads information recorded on the magnetic stripe of a card.
Mail Order/Telephone Order (MOTO) - a transaction initiated by mail or telephone to be debited or credited to a bankcard account.
Manual Review - the process of manually reviewing CNP transactions prior to authorization or sales capture. Merchants can use the manual review process to screen for fraudulent transactions by quickly reviewing the details of the online sales order. Depending on the volume, it may not be feasible to review each transaction, so only those orders that appear fraudulent are often escalated for manual review.
MasterCard SecureCode - a MasterCard program supporting cardholder authentication and guaranteed payments over the Internet for MasterCard and Maestro transactions.
Member - an institution that participates in the programs offered by the various card associations.
Merchant - a retailer, or any other person, firm, or corporation that (pursuant to a merchant agreement) agrees to accept credit cards, debit cards, or both, when properly presented.
Merchant Account - a specialized bank approved and issued account to process credit card transactions.
Merchant Agreement - a written agreement between a merchant and an acquirer containing their respective rights and performance obligations with respect to card acceptance.
Merchant Bank - a bank that has entered into an agreement with a merchant to accept deposits generated by bankcard transactions; also called the acquirer or acquiring bank.
Merchant Category Code (MCC) - see Card Acceptor Business Code
Merchant Identification Number - a unique number assigned by the acquirer to identify the merchant.
Micro Payment - a financial transaction involving a very small sum of money.
Monthly Minimum Fee - the fee imposed to ensure that merchants pay a minimum amount each month to cover costs. If a merchant's qualified fees do not equal or exceed the monthly minimum they will be charged up to the monthly minimum to satisfy their minimum fee requirements.
MOTO - industry acronym for "Mail Order / Telephone Order" transactions.
Negative Data – typically describes data that has been flagged as related to fraudulent and therefore no longer allowed to make purchase (i.e. blocked credit card numbers).
Payment Gateway - a service that authorizes payments for merchants and provides an entry point into the card association networks. It is the equivalent of a physical point-of-sale terminal located in stores. The payment gateway facilitates the transfer of information between a payment portal (website or IVR service) and the acquiring bank.
PCI DSS - industry data standards which were created by the Security Standards Council as a set of rules that merchants must adhere to in order to reduce fraud. The goals of the PCI DSS include protecting cardholder data, maintaining a secured network and implementing strong access control policies.
Personal Identification Number (PIN) - a four-to-twelve character secret code that allows an issuer to positively authenticate the cardholder for the purpose of approving an ATM or terminal transaction occurring at a point-of-interaction device.
Point of Sale (POS) System - an electronic system that accepts financial data at or near a retail selling location and transmits that data to a computer or authorization network for reporting activity, authorization, and transaction logging.
Positive Data – typically describes data that has been flagged as related to known good/repeat customers and is therefore allowed greater spending privileges (i.e. whitelist of shipping addresses).
Prepaid Card - a card that stores value and is used instead of cash to pay for a single service, such as pay telephones or public transportation. It cannot be reloaded and is a throw-away (or collector) card.
Purchase - a financial transaction, if approved, in which funds are debited from an issuer and credited to an acquirer in payment for goods or services.
Receipt - a hardcopy document representing a transaction that took place at the point of sale, with a description that usually includes; date, merchant name/location, primary account number, amount and reference number.
Recurring Fees - regular, usually monthly, charges for maintaining a merchant account. Recurring fees include the discount rate, transaction fees, statement fee, and monthly minimum.
Recurring Payments - payments by an issuer to an acquirer on behalf of a cardholder who authorizes a merchant to bill the cardholder's account on a recurring basis (such as monthly or quarterly). The amount of each payment may be the same or may fluctuate.
Refund - opposite of a purchase transaction, namely, the cardholder returns goods to the merchant and is credited for their value. Positive interchange and merchant service charge are reversed.
Reserves - a portion of the revenue from a merchant's account that is held in reserve by the merchant account provider to protect themselves from financial losses. This includes losses from chargebacks, chargeback fees, excessive refunds, and other expenses. After a predetermined time, holdbacks are turned over to the merchant.
Retrieval Request - a request by the issuer to the acquirer for a copy of the sales draft used to authorize the transaction. The retrieval request is typically generated during cardholder disputes, point-of-sale errors, and for fraud inquiries.
Risk Management - a comprehensive suite of tools and procedures used by merchants and financial institutions to mitigate financial fraud risk by detecting and managing potentially fraudulent transactions activity. These programs can include real-time detection of potential fraud (proactive) to stop financial losses on transactions before the transaction has been captured for settlement and exception control systems (reactive) that trap suspect orders prior to shipment. Prevention measures include rules-based risk management, utilizing 3rd party systems to help identify fraudulent transactions and screen for abnormal transaction behavior, scoring systems, as well as manually reviewing transactions.
Secure Sockets Layer (SSL) - a security standard that many merchants use to keep their Web sites secure, and to protect the safety, privacy, and reliability of payment data traveling over the Internet. SSL encrypts the channel between browser and Web server so that only the intended parties can read certain data, such as payment or customer information.
Security Code - the 3 or 4 digit numeric code that is printed on the front or back of the card and is used for security purposes. The security code helps validate that the cardholder placing the online order has the card in his/her possession, and that the credit/debit card account is legitimate. See "CID," "CVC" and "CVV."
Settlement - the process used to exchange funds between members for the transaction(s) cleared during the processing day.
Setup Fees - fees charged for establishing a merchant account, including application fees, software licensing fees, and equipment purchases.
Stored Value Cards - represents money on deposit with the issuer, and is similar to a debit card. One major difference between stored value cards and debit cards is that debit cards are usually issued in the name of individual account holders, while stored value cards are usually anonymous.
Third-Party Processing - processing of transactions by parties acting under contract to issuers or acquirers.
TMF - Terminated Merchant File.
Transaction - action between a cardholder and a merchant or a cardholder and a member that results in activity on the cardholder account.
Transaction Fee - a charge for each credit card transaction, collected by the merchant account provider or ISO. Transaction fees can vary.
Verified by Visa - Visa's online security program that enables consumers to add their own password to their existing Visa card. Consumers enjoy added confidence, knowing that their personal information is safe when they buy online.
Void - ability to cancel a transaction that has been recorded for settlement but has not yet been settled.