NEED THE DEFINITION FOR AN INDUSTRY TERM?
See the entry for American Banker’s Association (ABA).
ABA Transit Routing Number
A nine-digit identification number assigned to member financial institutions and banks by the American Banker’s Association (ABA). The number is used to identify the financial institution or bank associated with a customer’s bank account.
A business that has qualified to accept credit or debit cards as payment.
See the entry for Automated Clearing House Network.
The malicious practice by untrustworthy persons or fraudsters to use stolen bank account information to purchase merchandise, or by a legitimate account holder to purchase merchandise with the intention of returning it used or modified for refund. ACH fraud also occurs when account holders falsely dispute transactions they authorized.
See the entry for Automated Clearing House (ACH) Network.
ACH Transaction (or Entry)
A payment transaction to or from a Receiver (the customer) processed via the ACH Network. The participants in an ACH Transaction are (1) the Originator (the merchant), (2) the Third-Party Processor, (3) the Originating Depository Financial Institution (ODFI), (4) the ACH Network, (5) the Receiving Depository Financial Institution (RDFI), and (6) the Receiver. Also see Automated Clearing House (ACH) Network, Originator, Originating Depository Financial Institution, Receiver, and Receiving Depository Financial Institution, Third-Party Processor.
An acquirer is an organization licensed as a member of Visa / MasterCard as an affiliated bank or bank/processor alliance that is in the business of processing credit card transactions for businesses (acceptors) and is always acquiring new merchants.
The bank or financial institution that holds the merchant’s bank account that is used for collecting the proceeds for credit card processing.
ACQUIRING FINANCIAL INSTITUTION
An acquiring financial institution (or acquirer) contracts with the bank and merchants to enable credit card transactions. The acquirer deposits the daily credit card totals and debits the end-of-month processing fees from the merchants’ accounts.
The credit card processing entity with which an Acquirer partners in order to provide merchants with transaction clearing, settlement, billing and reporting services. Also see Processor.
ADDRESS VERIFICATION SERVICE (AVS)
The process of validating a cardholder’s given address against the issuer’s records, to determine accuracy and deter fraud. This service is provided as part of a credit card authorization for mail order/telephone order transactions. A code is returned with the authorization result that indicates the level of accuracy of the address match, securing the most favorable interchange rates.
Address Verification Status
A value that indicates the results of an Address Verification Service (AVS) comparison. A code and description are provided by the merchant’s processor. Also see Address Verification Service.
An adjustment is initiated by the acquirer to correct a processing error. The error could be a duplication of a transaction or the result of a cardholder dispute. The acquirer debits or credits the merchant DDA account for the dollar amount of the adjustment.
Advanced Fraud Detection Suite™ (AFDS)
The Advanced Fraud Detection Suite™ is a powerful, rules-based set of transaction filters and Internet Protocol (IP) address tools utilized by Authorize.Net designed to help online merchants identify, manage and prevent costly fraudulent transactions.
Advanced Integration Method (AIM)
The preferred method for connecting a merchant Web site to the Authorize.Net Payment Gateway. AIM allows merchants to customize their own payment form (the Web page that collects the customer’s payment information) and receipt page (the Web page that provides an e-mail summary of the transaction back to the customer), as well as submit transactions over an end-to-end Secure Sockets Layer (SSL) connection.
See the entry for Advanced Fraud Detection Suite™.
American Banker’s Association (ABA)
A national organization that represents American financial institutions, banks and other financial entities. Members are assigned an identification number, or ABA Transit Routing Number. Also see ABA Transit Routing Number.
See the entry for Application Program Interface.
Application Program Interface (API)
A computer communication protocol that facilitates the transfer of or access to information between two separate software or computer applications.
See the entry for Authorization.
See the entry for Automated Recurring Billing™
See the entry for Accounts Receivable Conversion.
Any entity formed to administer and promote credit cards. The two most popular associations are Visa and MasterCard.
AUDIO RESPONSE UNIT (ARU)
This is an electronic authorization and capture product where the merchant uses a touch-tone telephone to process transactions.
See the entry for Acceptable Use Guidelines.
A practice or procedure to verify the identity of an individual or organization. There are varying levels of authentication for accepting payments. Examples include checking a customer’s driver’s license when accepting payment at a retail location or validating a customer login and password at a merchant Web site. In respect to payment gateway account authorization, Authorize.Net employs a number of electronic practices and procedures to verify that merchants accessing the payment gateway are authorized to do so.
The process of verifying the credit card has sufficient funds (credit) available to cover the amount of the transaction. An authorization is obtained for every sale. An approval response in the form of a code is sent to a merchant’s POS equipment (usually a terminal) from a card issuing financial institution that verifies availability of credit or funds in the cardholder account to make the purchase. Also see Point-Of-Sale.
The transaction amount that is submitted to the card issuing bank for approval. This amount is reserved against the available balance of a customer’s credit card until the transaction is captured, a subsequent Void transaction is submitted, or the 30-day window for the authorization expires.
A credit card transaction request to authorize and capture, or settle, funds for a purchase. The payment gateway submits the request to the card issuing bank for authorization and upon approval, will automatically submit the transaction for settlement.
A code that a credit card issuing bank returns in an electronic message to the merchant’s POS equipment that indicates approval of the transaction. The code serves as proof of authorization.
A credit card transaction request to only authorize, or reserve, funds for a purchase. The payment gateway submits the request to the card issuing bank for authorization, but no further action is taken. Also called Auth-Only.
A transaction request submitted by a merchant to verify that funds are available on a customer’s credit card for a purchase. Further action by the merchant depends on whether the transaction request type is an Authorization Capture or an Authorization Only, and whether the transaction request is authorized by the card issuing bank. Also see “Authorization Capture” and “Authorization Only”.
An issuing financial institution’s electronic message reply to an authorization request, which may include (1) Approval (transaction was approved), (2) Decline (transaction was not approved), or (3) Call Center (response pending more information, merchant must call the toll-free authorization phone number).
AUTO CLOSE (A/C)
A terminal feature that allows an end-of-day batch closing to occur automatically at a specified time, without having to be initiated by the merchant.
Automated Clearing House (ACH)
A file with instructions for the exchange and settlement of electronic payments passed between financial institutions. It represents debits and credits to be deducted from an account automatically as they occur.
Automated Recurring Billing™ (ARB)
An Authorize.Net value-add solution that allows merchants to create a recurring billing schedule or “subscription” for the purchase of goods or services. The merchant enters transaction and customer billing information, specifies a billing amount and billing interval and ARB does the rest, automatically generating subsequent transactions for the duration of the subscription. For more information about ARB, please see http://www.authorize.net/arb.
The average dollar amount of a merchant’s typical sale. The average ticket amount is calculated by dividing the total sales volume by the total number of sales for the specified time period.
See the entry for Address Verification Service.
Back Office Conversion (BOC)
This eCheck.Net transaction type is a one-time charge transaction against a customer’s checking account. BOC allows merchants to collect a check written at a point of sale (checkout counter, manned bill payment location, service call location) and convert it to an ACH debit during back office processing. Payment authorization is obtained by posting required notices before accepting a customer’s check. For more information about eCheck.Net transaction types, see the eCheck.Net® Operating Procedures and User Guide.
Bank Account Number
The account number assigned by a bank to a checking or savings account holder. This information must be provided to a merchant by a customer in order to make an electronic check payment.
Bank Account Type
This indicates the type of bank account used for an electronic check transaction. For example: checking, business checking or savings.
A credit card issued by a Visa or MasterCard-sponsored financial institution. (American Express, Discover, Diners Club, JCB, etc., are issued directly from their respective operations, rather than through banks.)
Bank Card Association
A group of financial institutions or banks that have formed an association for issuing bank cards. Usually a bank card association will work together along with other payments entities to provide certain bank card offers.
Bank Identification Number
An identification number assigned by Visa to each of its member financial institutions, banks and processors.
Basis Point (BP)
Equivalent to .01 percent, or one hundredth of one percent, and is used as a measurement of fee rates. Rate changes are often expressed in basis points instead of hundredth percents, e.g., a fee rate increase of 1.95 percent to 2.00 percent is expressed as an increase of 5 basis points.
The accumulation of captured credit card transactions in the merchant’s terminal or POS awaiting settlement.
A Merchant Interface tool for uploading multiple transactions at once from a spreadsheet or proprietary business application.
See the entry for Back Office Conversion (BOC).
Brick and Mortar
A term used in the payments industry that refers to merchants that operate in storefront or physical locations. Also see Retail.
Refers to the electronic infrastructure that provides a high-speed, continuous connection to the Internet.
A facility at which a telephone order merchant operates. Consumers are able to place orders with representatives over the telephone.
The submission of an electronic credit card transaction for financial settlement. Authorized credit card sales must be captured and settled in order for a merchant to receive funds for those sales. Also see Settlement.
A credit card transaction request to capture funds that were previously authorized, but NOT via the payment gateway. For this type of transaction, the merchant will submit the authorization code that was previously received from the issuing bank through some other means than a payment gateway request, e.g., by telephone.
Credit card issuing entities such as Visa and MasterCard that govern and oversee the use of credit cards for payment transactions.
A Card Code is a three- or four-digit number that appears on the back of a credit card (on the front for American Express). This code may be used to validate customer information on file with the credit card association.
Card Code Status
This value is returned to the merchant by the processor. It indicates if the billing information provided by the customer matches the information on file at the credit card association for the cardholder associated with the credit card number and Card Code.
Any person who holds a payment card account (bankcard or otherwise). This is the person that uses a credit card to purchase goods and services.
A claim made by a cardholder that an unauthorized purchase or transaction was performed on their credit card.
CARD ISSUING BANK
An EFT Network Member-Bank that runs a credit card or debit card “purchasing service” for their account holders.
Card Not Present
Literally means that a cardholder’s credit card is not physically presented to a merchant at the time of the transaction. This term is used in the payments industry to distinguish e-commerce merchants, such as those that operate via Web sites or from mail order/telephone order locations, from “brick and mortar”, or retail merchants.
Literally means that a credit card is physically presented to a merchant by a cardholder at the time of the transaction. This term is used in the payments industry to distinguish “brick and mortar”, or retail merchants from those that operate from mail order/telephone order locations or via Web sites.
A hardware device that facilitates the reading and transmission of payment information stored in the magnetic stripe on a credit, debit or stored-value card. Also known as a “Magnetic Stripe Reader”.
A credit card transaction that is billed back to the merchant after the sale has been settled. Chargebacks are initiated by the card issuer on behalf of the cardholder. Typical cardholder disputes involve product delivery failure or product/service dissatisfaction. Cardholders are urged to try to obtain satisfaction from the merchant before disputing the bill with the credit card issuer.
Chargeback Reason Code
A code provided to the merchant by the card issuing bank that indicates the reason for the chargeback transaction.
Refers to the Check Truncation Act of the 21st Century, a Federal Reserve Bank law that allows merchants to submit customers’ check, or bank account information for payment electronically instead of processing or depositing paper checks.
A check protection service by which a merchant scans a check image and converts it into an electronic transaction, similar to a PIN-based debit, for which the merchant is paid immediately. Check conversion requires a check imager peripheral.
A check protection service by which a merchant guarantees he or she will receive payment for a check, even in the event of insufficient funds. Check guarantee requires a check reader peripheral.
A risk management process that verifies the trustworthiness of an electronic check transaction against an extensive high risk or bad check database.
See the entry for Visa Cardholder Information Security Program.
The exchange of transaction details between an acquirer and an issuer that facilitates the posting of a transaction to the cardholder’s account and reconciles it for settlement.
Card verification code 2 (CVC2) is MasterCard’s term for the 3-digit security code printed on the back of the credit card.
Card verification value. CVV is a 3-digit code printed on the back of a Visa card. It is an important security feature that protects Internet and phone transactions from fraud. CVV ensures that the credit card number is legitimate and that the card is in the possession of the purchaser.
Card verification value 2. CVV2 is a 3-digit code printed on the back of a Visa card. It is an important security feature that protects Internet and phone transactions from fraud. CVV2 ensures that the credit card number is legitimate and that the card is in the possession of the purchaser.
The process of sending the batch for settlement.
CODE 10 AUTHORIZATION
If you suspect a card is fraudulent at the time of the transaction, the merchant can call their voice authorization phone number and ask for a code 10. The voice operator will instruct the merchant on how to proceed.
Credit or charge cards issued to businesses to cover expenses such as travel and entertainment and procurement. Includes the multiple payment card brands of purchasing cards, business cards, corporate cards and multi-utility fleet cards. Visa and MasterCard now have special procedures for passing billing information back to the card-issuing bank so that it can be displayed on cardholder statements; this is a program for promoting the use of credit cards for business purchases by providing purchase tracking to business users. New regulations require that this billing information is passed back with the transactions; otherwise a higher pass through fee will be incurred.
Charge card designed for business-related expenses, such as travel and entertainment. Please see Commercial Card.
Nullification of an authorized transaction (sale) that has not been settled. If supported by the card issuer, a reversal will immediately “undo” an authorization and return it to the open-to-buy balance on a cardholder’s account. Some card issuers do not support reversals. Also called a refund or return.
Credit Card INTERCHANGE
See the entry for Interchange.
Credit Card Number
The account number assigned by a credit card association or card issuing bank to a cardholder. This information must be provided to a merchant by a customer in order to make a credit card payment.
A unique identification value assigned to a customer by a merchant, which may be associated with the invoicing or billing for a transaction.
Customer IP Address
Indicates the Internet Protocol (IP) address of a customer’s Web browser, or the IP address from which a transaction is submitted to the payment gateway.
The time of day that a merchant’s payment transactions are batched and electronically settled.
This is the merchant’s Demand Deposit Account, otherwise known as the merchant’s home town bank account.
Payment card whose funds are withdrawn directly from the cardholder’s checking account at the time of sale (online debit on a Debit Network) or after batch settlement (off-line debit on a Credit Card Network).
Transactions that are not approved by the card issuing bank are marked as declined. No further action may be taken for declined transactions.
Depository Financial Institution (DFI)
An Originating Depository Financial Institution (ODFI) or Receiving Depository Financial Institution (RDFI) (or in general terms, a bank) participating in the ACH Network.
See the entry for Depository Financial Institution (DFI).
An electronic file containing unique information that is used to verify the trustworthiness of an organization or individual. Digital Certificates are issued by a Certificate Authority, and are used with the Secure Sockets Layer (SSL) protocol. Also see “Digital Fingerprint,” and “Secure Sockets Layer (SSL)”.
Digital Fingerprint or Transaction Fingerprint
A value, also called a “hash,” generated by combining several input values and applying a highly complex mathematical function. Digital fingerprints are used to authenticate that electronic communications were sent and received via the Internet without being intercepted or modified during transmission. Authentication is performed by using the same input values and mathematical function to recreate the digital fingerprint. If the recreated fingerprint matches the fingerprint submitted with the communication, its authenticity is verified. Because of the complex nature of the mathematical function, the individual input values used to create the digital fingerprint cannot be determined through analysis of the fingerprint. Digital fingerprints used to authenticate the legitimacy of transactions submitted to Authorize.Net are transaction unique, so any slight alteration to transaction data during Internet transmission will result in failed authentication, and a failed transaction.
See the entry for Discount Rate.
The percentage of sales amounts that the bankcard acquirer or T&E card issuer charges the merchant for the settlement of the transactions.
An acronym for Derived Unique Key Per Transaction. DUKPT is an encryption technique for secure key-management that uses a unique key for each separate transaction to prevent the disclosure of any previously used key. DUKPT has been replaced by 3DES.
The rejection of a sales draft by Visa or MasterCard before a transaction processes through interchange, but after it has been paid by the acquirer.
Electronic Benefits Transfer (EBT)
A government-funded cash assistance program that distributes payments such as Food Stamps and Temporary Assistance for Needy Families (TANF) on cards that can be swiped and used with stand alone and POS terminals.
Electronic Cash Register (ECR)
A device used for cash sales. Can also be integrated to accept credit cards.
Describes a check or bank account payment that is submitted and/or processed electronically.
ELECTRONIC DATA CAPTURE (EDC)
Process of electronically authorizing, capturing and settling a credit card transaction.
Electronic Funds Transfer Act
The United States federal law that governs the use and administration of electronic funds transfer services.
Electronic Signatures in Global and National Commerce Act (E-SIGN)
A United States federal law that defines and governs the use of digital signatures and records in electronic commerce.
See the entry for Electronic Signatures in Global and National Commerce Act (E-SIGN).
The date on which the validity of a credit card expires. Transactions will only be approved for credit cards that are not yet expired.
FEDERAL RESERVE BANK (FRB)
The governing financial institution of the United States of America.
Private label credit cards designed mainly for repairs, maintenance and fueling of business vehicles.
Text printed at the bottom of a sales receipt. A merchant can customize the footer (i.e., Have a Nice Day, No Refunds, Thank You for Shopping With Us, etc.).
The malicious practice by untrustworthy and dishonest persons to use stolen personal information, credit card information, and/or compromised bank account information for personal gain; not limited to the purchase of merchandise, the submission of fraudulent transactions, or the abuse of a merchant’s purchase policies or e-commerce Web site to check the validity of stolen payment information.
Occurs when monetary proceeds from processing electronic transactions are deposited to the merchant’s bank account.
The value generated by applying a complex mathematical function to several input values. Also see Digital Fingerprint.
A manual device used to imprint embossed card information onto sales drafts for transaction records. An imprinter only captures card information; it cannot authorize a transaction. Imprinters are primarily used as a backup when the other processing equipment is unable to read data on the card’s magnetic stripe. For merchants without an electronic printer, an imprint is needed to prove a card was present if a customer disputes a key-entered transaction.
Independent Sales Organization (ISO)
An ISO is an Independent Sales Organization that represents a Bank or Bank/Processor alliance. The ISO has an agreement to sell the services of the Bank or Bank/Processor alliance, and is allowed to mark up the fees and sign up merchants.
The standardized electronic exchange of financial and non-financial data associated with sale and credit data between merchant acquirers and card issuers on various types of MasterCard and Visa transactions.
A fee paid by an acquirer to an issuer for transactions entered into interchange. The interchange fee is a percentage applied, according to Visa/MasterCard regulations, to the dollar value of each transaction. There are multiple categories of interchange, and Visa and MasterCard each have their own criteria for their own categories. A transaction must meet the specified criteria for a category in order for that category’s rate to be applied. Each transaction is evaluated individually; so various interchange rates may apply within one batch of merchant transactions.
Internet Protocol (IP)
A method of transmitting information and communications between computer systems and networks via the Internet.
Internet Service Provider (ISP)
Internet Service Providers (ISPs) are the Web Site Hosting companies that provide a home for merchant’s web sites.
A unique identification value assigned to a transaction by a merchant, which may be associated with order fulfillment and billing for a transaction.
See the entry for Issuing Bank.
Issuing Financial Institution
The bank or other financial institution that extends credit to a cardholder through bankcard accounts. The financial institution issues a credit card and bills the cardholder for purchases against the bankcard account. Also referred to as the cardholder’s financial institution. Simply put, the Issuer is a bank or other institution that issues a credit card or debit card to an individual.
A financial institution that issues credit cards to consumers on behalf of the card associations. Also known as Card Issuing Bank or “Issuer”.
Level 2 Data
Additional information that may be submitted with the minimum required information for a payment transaction. Examples include shipping and tax information.
Level 3 Data
Extensive information that may be submitted with the minimum required information and Level 2 Data for a payment transaction. Examples include product codes and other merchant-specific order information.
Level I Processing
Purchases made with personal credit cards issued from U.S. banks qualify as Level I transactions. This means that the only information the merchant must pass to process the transaction is the merchant’s name, transaction amount, and the date.
Level II Processing
Level II transactions normally involve corporate cards issued from a U.S. bank. Transactions that qualify for Level II processing cost the merchant less than Level I transactions. To qualify for Level II, a transaction must be passed with: merchant name, transaction amount, date, tax amount, customer code, merchant postal code, tax identification, merchant minority code, and merchant state code.
Level III Processing
Of the 3 different levels of credit card processing, Level III provides the lowest transaction processing rate. But, in order to qualify for the lowest rate, Level III transactions must be passed through the processing system with much more detailed transaction information that Level I or Level II transactions. Because so much information must be transmitted, not all terminals are equipped to process Level III transactions. Purchases that qualify as Level III transactions generally are made with government credit cards or corporate cards.
A strip of magnetic tape affixed to the back of credit cards containing identifying data, such as account number and cardholder name.
MAIL ORDER/TELEPHONE ORDER (MOTO)
Credit card transactions initiated via mail, email or telephone. Also known as card-not-present transactions.
A batch close that must be initiated by the merchant on a daily basis, as opposed to an auto close at a pre-set time.
The submission of payment information for a transaction by keying the customer’s payment information into a hardware terminal or Virtual Terminal. For example, any transaction that is not submitted by allowing an organization or business to “swipe”, or read, payment information from a magnetic stripe on a credit, debit or stored-value card; or transactions that take place by physically keying in payment information using a keypad. Additionally, for online merchants a manual transaction might be considered any transaction that is not entered at their e-commerce Web site by a customer.
A security program created by MasterCard® to provide identity authentication for cardholders and transaction protection for merchants. By registering for MasterCard® SecureCode™, merchants can minimize transaction risks while providing additional security for their MasterCard customers.
MasterCard® Site Data Protection (SDP) Program
A program created by MasterCard® stating its technology and sensitive data security requirements for merchants and merchant service providers. Compliance is required of its member institutions.
Customer of a processor/acquirer.
The contract between a merchant and an acquiring bank for providing card processing services.
Merchant Account Provider
A financial institution, or bank, that provides a financial account to a merchant for the purpose of collecting proceeds from consumer bank accounts or credit card payment transactions.
MERCHANT IDENTIFICATION NUMBER (MID)
This number is generated by a processor/acquirer and is specific to each individual merchant location. This number is used to identify the merchant during processing of daily transactions, rejects, adjustments, chargebacks, end-of-month processing fees, etc.
Merchant Service Provider (MSP)
A company or sales organization that provides transaction processing solutions to its merchant clients.
See the entry for Merchant Identification Number.
Minimum Monthly Fee
A flat monthly service fee charged by Authorize.Net in the event that a merchant’s transaction processing fees for the month do not exceed the flat monthly fee amount. For example, if the merchant’s Minimum Monthly Fee is $20.00, and the merchant’s transaction processing fees (i.e., per-transaction fees and discount fees) for the month total $17.50, the payment gateway will charge the merchant a Minimum Monthly Fee of $2.50 to make up the difference. If the merchant’s transaction processing fees for the month exceed $20.00, the fee is not charged.
See the entry for Mail Order/Telephone Order (MOTO).
See the entry for Merchant Service Provider.
See the entry for MX Merchant
MX MERCHANT (MXM)
A proprietary online interface that provides the merchant with account visibility, including but not limited to, reports, batches, search options, graphs, and account settings.
See the entry for “National Automated Clearing House Association (NACHA)”
National Automated Clearing House Association (NACHA)
NACHA is the national trade association that establishes the rules, standards, and procedures governing the exchange of ACH transactions between participating banks (Originating Depository Financial Institutions and Receiving Depository Financial Institutions).
Company and system used to authorize and capture credit card transactions.
See the entry for Notification of Change.
NON-QUALIFIED TRANSACTION FEES (NON-QUAL)
Bankcard sales transactions that do not meet set Visa/MasterCard criteria for that particular merchant and are processed at a higher interchange rate. An example of this is a merchant that is retail (card present) that processes a card-not-present transaction (or manually enters card data rather than swiping the magnetic stripe through the terminal). The merchant will pay the difference between what they should have paid on retail and what they actually qualified for by key entering the transaction. This difference is called non-qualified interchange fee.
Not Sufficient Funds (NSF)
A type of ACH return indicating that a customer’s bank account does not have sufficient funds to cover a specific electronic transaction.
Notification of Change
Notification to a merchant from a customer’s bank indicating that bank account information provided with a transaction was incorrect.
See the entry for Not Sufficient Funds (NSF).
See the entry for Originating Depository Financial Institution (ODFI).
A credit card interchange system that allows multiple card issuing financial institutions or banks to share a credit, debit or payment card brand.
Originating Depository Financial Institution (ODFI)
A term used when referring to the clearing of ACH transactions to describe the merchant’s bank. The merchant’s bank handles the submission of transactions received by the merchant to the ACH Network for clearing.
A term used when referring to the clearing of ACH transactions to describe the person or corporate entity that has received authorization from a customer to refund or charge their bank account.
A system of technologies and processes that allow merchants to electronically submit payment transactions to the payment processing networks (i.e., the Credit Card Interchange and the ACH Network). Payment gateways also provide merchants with transaction management, reporting, and billing services.
A software program that is designed to perform a specific function on a computer system. Examples would be accounting systems, manufacturing systems, order entry and fulfillment, ticketing, reservations, etc. The application is either purchased or built by the merchant, and must be interfaced with a credit card authorization system in order to provide on-line transaction processing.
A set of comprehensive requirements for enhancing data security. It was developed by an oversight board known as the PCI Security Standards Council whose founders include all of the major credit card associations.
See the entry for Personal Digital Assistant (PDA).
Personal Digital Assistant (PDA)
A pocket-sized electronic device, similar in function to a personal computer, for storing and managing electronic information. In relationship to a payment gateway, PDAs enabled with a wireless data service may be used by merchants to submit payment transactions.
Personal Identification Number (PIN)
A unique number that is issued to an individual or organization by a financial organization or related service—or other type of service provider—for the purpose of authenticating user identity and granting secure access to accounts or information.
See the entry for Personal Identification Number (PIN).
POINT OF SALE (POS)
A location where credit card transactions are performed with the cardholder present, such as a retail store. The card is read magnetically, and the cardholder’s signature is obtained as insurance against the transaction. This is the most secure form of credit card commerce.
Point of Sale (POS) Device
A piece of electronic equipment that is used by a merchant to submit credit card payment information to the processing network. Like terminals, these devices are connected to the credit card processing network via dial-up telephone connection or Broadband. POS devices also include Personal Digital Assistants (PDAs), Smartphones, and wireless electronic devices capable of transmitting credit card payment information via wireless Broadband connection.
Point of Sale (POS) Solutions Provider
A POS device, system or software manufacturer or distributor that provides POS products or services to Card Present (retail and mobile) merchants.
See the entry for Point of Sale (POS).
Equipment used to capture, transmit and store credit card transactions at the point of sale. Examples are VeriFone terminals.
See the entry for Prearranged Payment and Deposit Entry (PPD).
Prior Authorization Capture
A credit card transaction request to capture funds for a separate, previously authorized authorization-only transaction. With this type of transaction, the merchant will submit an authorization code that was received from the issuing bank at the time of the original authorization-only transaction.
PRIVATE LABEL CARDS
Credit, debit or stored-value cards that can be used only within a specific merchant’s store. Also referred to as proprietary cards.
processing network (vendor)
The medium of data transport between the merchant application and the processor. This company authorizes and captures credit card transactions. Some examples of processing networks are FDR, MAPP and Envoy.
A Processor is the company that actually routes an Authorization Request from a Point of Sale device (such as a VeriFone credit card terminal) to Visa or MasterCard and then arranges for Fund Settlement to the merchant. Such processors are traditionally accessed via direct dial out modems connecting to their system. Processors need to have a Sponsoring Bank to gain access to the Visa and MasterCard networks. When a Processor or other entity has made such an arrangement with a Sponsoring Bank to resell their services, they are called an Agent of that bank. Any entity that sells Visa or MasterCard must disclose themselves as an Agent of their Sponsoring Bank. Such sales entities may be a Processor, or an ISO/Agent of the Processor or Processor/Bank alliance. Many banks are also their own processors, while other banks will use a Third Party Processor to handle this processing for them (in their own brand name in some cases).
Charge cards used by businesses to cover purchasing expenses, such as raw materials or office supplies.
REAL TIME PRoCESSING
Real-Time Processing means that when a web site’s customer conducts an online purchase, that the check or credit card information is conveyed to the Processor at that exact time so that an authorization can be requested and received at that moment. Real-Time Processing always implies that a Secure Payment Gateway is being utilized, whether proprietary or third party. Please see Secure Payment Gateways and Real Versus Non-Real Time Processing.
A term used when referring to the clearing of ACH transactions to describe the person or corporate entity that has authorized a merchant to initiate a refund or charge transaction to their bank account.
Receiving Depository Financial Institution (RDFI)
A term used when referring to the clearing of ACH transactions to describe the customer’s bank. The RDFI receives a request from the ACH Network to provide funds for the customer’s transaction.
Recurring Billing Transaction
The submission of a transaction on a recurring or periodic basis, typically for an ongoing billing or subscription-based payment activities.
Reference Transaction ID
The transaction ID that links, or associates, a subsequent transaction to a separate, original transaction. In the case of refund transactions, a reference transaction ID must be entered to identify the original charge transaction against which the refund is being submitted.
A credit card transaction request to post funds from the merchant’s bank account back to the customer’s credit card account as a refund for a previous charge transaction. For this type of transaction, the merchant must submit the transaction ID of the original charge transaction against which the refund is being applied.
Part of the Reserve Requirements of the Depository Institutions Act as established by the Federal Reserve Board. Regulation D defines the types of deposits handled by financial institutions, or banks.
Part of the Electronic Funds Transfer Act as established by the Federal Reserve Board. Regulation E defines electronic funds transfers.
A Merchant Service Provider (MSP) or Independent Sales Organization (ISO) that acquires merchant customers for payment processing services.
One method that ACH Processor’s use to mitigate risk, is to require that merchants maintain a Reserve Account at the Processor’s Sponsoring Bank. This allows the Processor to issue a Hold on funds to this account when fraud has been detected or an excessively large number of returns is received. Merchants with good credit and history can usually meet the expectations of ACH Processors for covering returns and are not always required to keep a reserve account. In cases where a reserve is required, the minimum-reserve-balance in the account is set at about 20% of the anticipated processing volume. New merchants are usually allowed to build up their reserve by sending in transactions which are not withdrawn until the minimum reserve balance is achieved; after that, the merchant is allowed to withdraw the excess funds for transfer to their home town bank.
A code provided to the merchant by the card issuing bank that indicates the results of a transaction request; and if declined, the reason why the transaction was rejected.
The business of selling merchandise or services to consumers. Authorize.Net uses this term to refer to merchants that operate in a storefront or physical location and accept Card Present payments—meaning that payment is physically presented to the merchant, and credit cards are “swiped” into a card reading device. Also called “Brick and Mortar”.
Return or Returned Item
A transaction that could not be completely processed for reasons such as NSF, invalid account number, account closed or other rejection reason(s) provided by the customer’s bank. A chargeback is a type of return. Also see “Chargeback.”
A reversed chargeback or refund transaction. This occurs when the merchant produces sufficient proof that disputes a chargeback or the customer rescinds the chargeback. Also see “Chargeback.”
SALES DRAFT TICKET
A form showing an obligation on the cardholder’s part to pay money (i.e., the sales amount) to the card issuer. This is the piece of paper that is signed when making the purchase. Sales draft data can be captured electronically and sent to be processed over the phone lines. Also see Electronic Data Capture.
SECURE PAYMENT GATEWAY
Secure Payment Gateway companies help other Processors conduct secure business on the internet using Secure Socket Layer (SSL) technology. They provide a system that passes credit card data, authorization requests, and authorization responses over the Internet using encryption technology. The transaction information is sent by the Payment Gateway secure server via leased line to the credit card network where the validity of the card is checked and the availability of funds on that account is verified. An authorization code is returned via leased line to the Payment Gateway; the authorization is encrypted by the Payment Gateway and transmitted in encrypted form to the web server of the merchant, which triggers fulfillment of the order. Rather than try and create their own Secure Web System, many Banks and Bank/Processor alliances will use a Secure Payment Gateway Provider to perform this task for them.
SECURE PAYMENT SOFTWARE/SOFTWARE MODULE/PAYMENT MODULE
In order to conduct secure business on the web, the Secure Gateway Provider runs a Secure Host System, and sells/licenses software modules that allow Shopping Carts and other applications to request and receive Credit Card Authorizations via their system using encrypted communications, (this is called Real Time Authorization). The other features of this licensed software are the functions provided to merchants online when they connect to the Secure Payment Gateway host; merchant can access their own account information, use a “Virtual Terminal” to conduct transactions, handle administrative tasks, etc. These features all “live” on the provider’s Host computer system.
Secure Socket Layer (SSL)
A security feature that keeps Internet communications private and ensures they have not been forged or tampered with.
Server Integration Method (SIM)
An Authorize.Net Payment Gateway Web site connection method that allows merchants to post transactions directly to the payment gateway’s secure server and requires transaction-unique encryption for transaction authentication. SIM provides merchants with a host payment form (the Web page that collects the customer’s payment information) and a host receipt page (the Web page that reports a summary of the transaction back to the customer).
The process of sending a merchant’s batch to the network for processing and payment. For non-bankcards, the issuer pays the merchant directly (less applicable fees) and then bills the cardholder. For bankcards, the acquirer pays the merchant (less applicable fees) with funds from Visa/MasterCard. The bankcard issuer then bills the cardholder for the amount of the sale. Also see Capture.
The transaction amount sent to the credit card processor or the ACH Network for settlement. This is the amount that will be posted as a charge or refund against the specified method of payment, and for credit card transactions, may be less than or equal to the amount originally authorized for the transaction.
A software application needed for e-commerce and online transaction processing. Shopping cart software collects the items a cardholder selects for purchase, maintains a running total, and may calculate taxes and shipping.
SHOPPING CART SOFTWARE
These applications typically provide a means of capturing a client’s Credit Card information, but they rely on the Software Module of the Secure Gateway Provider, in conjunction with the Secure Payment Gateway, to conduct secure Credit Card transactions online. Any given shopping cart can work with any given Secure Gateway Provider, the only requirement being that some computer code be written or provided to communicate with the Secure Gateway of choice, and that this code be integrated into the Shopping Cart Application.
SHOPPING CART SOFTWARE PROVIDERS
Shopping Cart Software Providers are software companies that either produce, utilize or resell Shopping Cart Applications (programs) that display merchandise and/or services, and take orders for merchants.
A credit-type card that electronically stores account information in the card itself.
A cell phone enabled with wireless data service that may be used by merchants to submit payment transactions.
A POS Terminal Application or PC or Internet Application that runs transactions and associated administration.
A Sponsoring Bank is a Chartered Bank or S & L that has obtained membership in Visa or MasterCard to allow a Processor access to the Visa and MasterCard networks (to process these types of transactions). Since only a Bank may join Visa or MasterCard, many Processors make deals with a Sponsoring Bank to gain access to the Visa and MasterCard networks. Because these Sponsoring agreements are a partnership, the line between the Sponsoring Banks and their Processors is not always clear; sometimes the partnership is referred to by the name of the bank, while other times they are referred to by the name of the Processor.
See the entry for “Secure Sockets Layer (SSL).”
A payment card, similar to a debit card, attached to a limited monetary value, held either in an account by a card issuer, or in an electronic chip embedded within the card. Gift credit cards are a type of stored-value card.
T & E CARDS
Credit or charge card used by businesses for travel and entertainment expenses. Examples of these cards are American Express, Diners Club, Carte Blanche and JCB. Also see Corporate Cards.
Equipment used to capture, transmit and store credit card transactions.
TERMINAL IDENTIFICATION NUMBER (TID)
A unique number assigned to each POS terminal or device.
Programming that determines the characteristics and features of the terminal.
A Third Party Processor is an independent processor that is contracted with by a Bank or Processor to conduct some part of the transaction processing process. Some of these Third Party Processors specialize in running and hosting networks of Point Of Sale (POS) terminals connected to their Host via dial out modem; they produce the software in the POS terminals as well as in their host, and route authorization requests to Visa or MasterCard as needed (MAPP, MDI, FDR, for example). Other Third Party Processors specialize in the Settlement of credit card transactions with Visa and MasterCard so that merchants can be paid (FDR for example). In the world of Internet Credit Card Processing, the Secure Payment Gateway Provider is another type of Third Party Processor.
An organization or business not directly associated or involved with transaction processing, or necessary for the exchange of a transaction between two parties, but that provides merchants with business enhancing services.
A hardware or software manufacturer or distributor that provides transaction-enhancing products or processing solutions to merchants.
See the entry for “Terminal Identification Number (TID).”
Refers to the payment information that is stored in the magnetic stripe of a credit, debit or stored-value card. Also known as Magnetic Stripe Data.
The exchange of information, goods or services in which all participating parties benefit. Specifically, the exchange of a consumer’s payment or payment information for merchandise or services provided by an organization or business.
Transaction ID (Trans ID)
A unique identification value assigned to each transaction processed through the payment gateway. This ID may be used to search for or sort transactions.
A randomly-generated value issued to Authorize.Net merchants for the purpose of authenticating transaction requests to the payment gateway.
The type of credit card transaction taking place. For charge transactions, a consumer is allowing a merchant to collect payment for merchandise or services rendered. However, in the case of a refund transaction, a merchant is returning funds to the consumer for a previous charge transaction. For more information about credit card transaction types, see also “Authorization Only,” “Authorization Capture,” “Capture Only,” “Prior Authorization Capture,” “Refund,” and “Void.”
The process of evaluating a service applicant’s financial history and credit trustworthiness to determine whether to grant a service account. In some cases, underwriting may also determine an applicant’s financial obligations, such as services pricing.
VALUE ADDED RESELLER (VAR)
Third-party vendor that enhances or modifies existing hardware or software, adding value to the services provided by the processor or acquirer.
A product or service that enhances a merchant’s business practices or transaction management.
See the entry for “Value-Add Reseller (VAR).”
Verified by Visa
A security program created by Visa to provide identity authentication for cardholders and transaction protection for merchants. By registering for Verified by Visa, merchants can minimize the risk of chargebacks and returns while providing additional security for their Visa customers.
A secure, easy-to-use web-based solution that allows merchants to submit transactions using their computer with an internet browser.
Visa Cardholder Information Security Program (CISP)
A program created by Visa stating its technology and sensitive data security requirements for merchants and merchant service providers. Compliance is required of its member institutions.
Transactions of this type are used to cancel original charge transactions that have not yet been submitted for batch settlement. To cancel a transaction that has already settled, a refund must be submitted.
An organization or business that provides the technology and infrastructure for hosting business or consumer Web sites and services.
Wireless Data Service
A wireless service that allows merchants to transmit transaction information via their cell phone or other enabled wireless device, such as a terminal.
A highly secure encryption system that encrypts data three times, using three 64-bit keys, for an overall encryption key length of 192 bits. Also called triple DES.