ACH Fraud- The malicious practice by fraudsters to use stolen bank account information for the purchase of merchandise, or by a legitimate account holder to purchase merchandise with the intention of returning it used or modified for refund. ACH fraud also occurs when account holders falsely dispute transactions they authorized. Chargeback or Return fraud occurs with paper and electronic checks.
Acquirer, Acquiring Bank- A financial institution that is a member of Visa and/or MasterCard and maintains the merchant credit card processing relationship. The acquirer receives all transactions from the merchant to be distributed to the issuing banks.
API- Advanced Programming Interface - APIs allow users to program to a pre-constructed interface, instead of individually programming a device or piece of software.
Approval Response- An affirmative reply following a transaction authorization request.
Authorization- The process of checking the cardholder's account for sufficient funds available in order to approve a transaction. In case of a positive authorization, the cardholder's credit limit at the time of the request is reduced and the funds are set aside until settlement.
Authorization Approval Code- The numerical code designated by the issuer, assigned to a sales transaction as verification that the sale is authorized.
Authorization Only (Auth Only)- Used to reserve an amount against a credit card's available credit limit for intended purchases. Authorization Only is most frequently used in the lodging (check-in), restaurant (tab) and car rental (pick-up) industries, where an approval is received for an estimated amount prior to the finalization of the charge amount.
Authorization Request-A merchant's request for an authorization to accept a cardholder's sales transaction. An authorization request can occur electronically via a credit card processing terminal or via telephone as a voice authorization.
Auto Representment-Automatically sending information to resolve a chargeback on a merchant's behalf without the need for merchant intervention.
-An arrangement between a merchant and his customer to allow automatic charges for a service to an agreed-upon credit or debit account.
Automatic Bill Payment
-Address Verification Service - a fraud protection tool created by Visa and MasterCard. Credit card issuers can verify the customer's billing address against the card processor's existing records. AVS returns a result code that indicates the address match. If the match is not 100%, there may be a reason to expect fraud. It is up to the merchant's discretion as to whether to ship the goods, contact the purchaser, or deny the potentially fraudulent purchase request.
Balance Sheet-A financial statement that lists assets, liabilities and net worth as of a specific date.
Batch Processing- The authorization of transactions offline when immediate approval is not required. A number of transactions are collected in a file and sent as one transmission for processing.
BIN-Bank Identification Number - a unique series of numbers assigned by Visa/MasterCard to a member institution, which identifies that institution in transaction processing. The BIN comprises the first six digits of a standard credit card number.
BIN IP- Anti-fraud method of comparing bank origin, location of used PC and location of end-user at time of online purchase.
Capture-Receiving and storing transaction data at the processor's host computer, to be submitted later for processing and payment.
Card-Not-Present Transaction- A transaction which occurs when the cardholder is not present, or the physical card is not present. Examples include mail orders, telephone orders, and Internet sales. These types of transactions are considered higher risk transactions.
Card Present- A type of transaction in which the card is present and is swiped through an electronic device that reads the contents of the magnetic stripe on the back of the card.
- The person or company to whom a payment card is issued, owning an active credit card account that can be used to perform transactions.
Cardholder Account Number- A sequence of numbers assigned specifically to a cardholder account that also identifies the issuer and type of payment card. The cardholder account number is the embossed number imprinted on the payment card.
Cash Advance- A transaction in which a cardholder obtains cash in person at the branch of a member financial institution or ATM. This is the only method of receiving cash from a credit card that is approved by the bankcard associations.
Callbacks- Tool used to notify merchants about retrievals and chargebacks at critical stage where fraud can still be prevented.
Chargeback Fee- The amount assessed by the acquirer for processing chargebacks.
Chargeback Reason Code- A numerical code which identifies the specific reason for a chargeback. MasterCard and Visa each have their own chargeback codes.
Check Guarantee- A service that guarantees check payment to a merchant up to a specified amount. However, merchants are required to perform correct authorization procedures.
CID- Card Identification Number/Card Identifier - An American Express and Discover verification process that utilizes a non-embossed three- or four-digit number printed when authorizing credit card transactions where the physical card is not present.
On American Express cards, the CID is a four-digit code printed on the front of the card. On Discover cards, the CID is a three-digit code printed next to the card number in the signature panel.
Close- Sending a merchant's completed transactions to the host for processing.
Compliance- Compliance to the Visa and MasterCard regulatory bylaws.
Also, a method of resolving a dispute between members if no chargeback reason code applies. The challenging member must prove financial loss due to a violation of MasterCard or Visa rules by the other member.
Consumer Profiling- A process which creates a thorough database consisting of consumer shopping behaviours, motivations, and product/service preferences. The information is gathered from online and offline transactions.
Counterfeit Card- A plastic card which has been fraudulently printed, embossed or encoded to appear to be a genuine bankcard, but which has not been issued by a Visa or MasterCard member. It could also be a card which was originally issued by a member, but was subsequently altered without the issuer's knowledge or consent.
Credit- See refund.
Credit Card- A plastic card with a credit limit used to purchase goods and services and to obtain cash advances on credit. The cardholder is then billed by the issuer for repayment of the credit extended.
-The merchant's business history of paying back loans is tracked. The credit rating determines future loans of the merchant.
- A form stating a refund or price adjustment will be credited to a cardholder account. Also referred to as a credit voucher or credit draft.
Credit Line-The cardholder's credit limit, meaning the maximum amount he can borrow when using his card.
Cryptography- The process of encoding and decoding data so that it cannot be accessed or read by without authorization. It is also known as encrypted decryption.
CVC2- Card Validation Code - MasterCard term for the three-digit code printed next to the card number in the signature panel and used as part of the authorization process. Also see CVV2.
CVV2- Card Verification Value 2 - the three-digits on the back of a Visa (or the four-digits on the front of the American Express card) that provide a cryptographic check of information on the card. This number ensures the validity of the card.
Cyberfraud- The ordering of goods from stolen or contrived credit card numbers. The most frequent form of cyberfraud is online credit card fraud.
Data Encryption- The scrambling of data so only the intended users can read and understand the encrypted information.
DDA- Demand Deposit Account - a checking account.
Decryption- Decoding or unscrambling data so it cannot be accessed or read after having been encrypted.
Debit Card- A bankcard used to purchase goods and services and to obtain cash, which debits the cardholder's personal checking account. During online debit transactions, the cardholder must enter a PIN.
Debit Memo- See chargeback.
Decline- A response from the card issuer denying the use of the card for the attempted transaction. If a request for approval is declined, the merchant must ask the cardholder for another form of payment.
Digital Signature- A digital code that identifies the sender. It is attached to an e-mail. Digital signatures are used to ensure that sender's identity matches the real sender. Digital signatures play a crucial role in e-commerce and are a vital aspect of most authentication plans.
- The fee percentage of each electronic transaction paid to the merchant provider (an acquiring bank) for the right to use your merchant account. Most web merchants are charged between two and ten percent of their revenue from online credit card or electronic check orders.
Duality- The membership of a financial institution in both MasterCard and Visa associations.
E-Commerce- Electronic Commerce - the sale and purchase of goods or services over the Internet.
Encryption- Method of scrambling data to protect a cardholder's personal information.
Entitlement- License or permission to accept a particular type of payment card or other payment method.
Exceeded Timeliness- A transaction that is deposited too late to qualify for the best interchange rate.
Expiration Date- The embossed date on a bankcard. After that date, the card becomes invalid and should no longer be accepted.
Factoring- When a legitimate merchant processes another merchant's transactions in return for payment. This practice is forbidden by the associations.
Floor Limit- A specific dollar limit which defines the transaction limits in amount for the merchant's monthly flow. Above the determined limit, the merchant must get authorization for the specific transaction.
Filter- A program that receives incoming data and processes it, depending on the standards it meets, and then sends it to the next action. For example, when filling out a bank survey, you select specific options that indicate your purchasing habits. The filter sifts through all of the survey responses and sends people who will be purchasing a car within the next year to the next action, which will service that type of customer. E-mail programs let you use filters to forward messages to particular locations based on the sender's information.
Firewall- a security tool that prevents file access through the Internet. It ensures the safety of cardholder information.
Force- The process by which a voice-authorized transaction is key-entered to be settled electronically with a batch of transactions.
Fraud Investigation- The process of identifying suspicious merchant or cardholder activity.
Fraud Scoring- A set of fraud prediction technologies or models. The most efficient of these models is a method that recognizes the habits of fraud and legitimate buyers. These are scoring models that assign a numeric value to define the risk of fraud.
Gateway- The acquirer's connection between its online merchants and the Visa, MasterCard and American Express transaction processing systems. The merchant server sends an encrypted transaction form to the payment gateway, which then authenticates the merchant, performs a decryption process, and forwards the data via Visa, MasterCard, or American Express to the issuer for authorization.
Hard Decline- A declined authorization attempt resulting from a lost or stolen card, pick-up card, etc. There merchant should ask for a "code 10" authorization to the authorization center for clarifications.
Interchange Fees- Fees paid by the acquirer to the issuer to compensate for transaction-related costs. MasterCard and Visa establish interchange fee rates.
Internet Payment Gateway Service (IPGS)- Standard internet connection for merchants and merchant aggregators to securely send and receive payment transaction messages. Also see gateway.
IP Address- Internet Protocol Address. A unique number that is used to represent every single computer in a network. All the computers have a unique IP address. The format of the IP Address is four sets of numbers separated by dots (eg., 22.214.171.124).
Issuer, Issuing Bank
- The financial institution and member of Visa or MasterCard that holds contractual agreements with, and issues cards to, cardholders.
Level 1 Compliant
Merchant levels as defined by Visa:
|1||Any merchant -- regardless of acceptance channel -- processing over 6M Visa transactions per year. Any merchant that Visa, at its sole discretion, determines should meet the Level 1 merchant requirements to minimize risk to the Visa system.|
|2||Any merchant -- regardless of acceptance channel -- processing 1M to 6M Visa transactions per year.|
|3||Any merchant processing 20,000 to 1M Visa e-commerce transactions per year.|
Any merchant processing fewer than 20,000 Visa e-commerce transactions per year, and all other merchants -- regardless of acceptance channel -- processing up to 1M Visa transactions per year.
|* Any merchant that has suffered a hack that resulted in an account data compromise may be escalated to a higher validation level.
Mail Order/Telephone Order Account (MOTO)- An order system that allows you to receive credit card payments without the cardholder's signature. This is a card- not-present account in which the merchant and cardholder do not have to be in the same location. Examples include a catalog company or the order of flowers by phone. Both of these would have a MOTO account allowing them to accept orders by mail, telephone, or fax.
MCC- Merchant Category Code - a universal four-digit merchant classification code that identifies the merchant by type of processing, authorization and settlement. Similar to a Standard Industrial Classification (SIC), but more defined.
Media Retrieval Requests- Media retrieval is the process of obtaining paper documents from a centralized location. There are two types of media retrieval requests: 1) requests for sales records from cardholders, and 2) requests for documentation in defense of a chargeback from card issuers.
Member- A financial institution that is a member of Visa and/or MasterCard. A member is licensed to issue cards to cardholders (issuer) and/or accepts merchant drafts (acquirer).
Merchant Agreement- The written contract between the merchant and acquirer that details their respective rights, responsibilities and warranties.
Merchant Aggregator- Businesses that provide hosting and other e-commerce processing services for multiple merchants.
Merchant Bank- See Acquirer.
Merchant Discount- The fee an acquiring member charges the merchant to cover the costs of providing deposit credit and handling credit card sales transactions. See Discount Rate.
MOP- Method Of Payment - the way a merchant chooses to accept payment for products or services. Examples include: MasterCard, Visa, American Express, Discover, Carte Blanche, Diners Club, JCB, Electronic Check and private label cards.
Neural Networks- Networks which compare new transactions against profiles of fraudulent ones using a series of polynomial equations. They are the mathematical equivalent of having a panel of fraud detection specialists engaged to examine the order if the characteristics warrant their expertise.
Offline Debit- Debit transaction that occurs when a Visa/MasterCard check card is authorized through the credit card system and the amount is debited from the cardholder's checking (DDA) account.
Offline Transaction- A transaction that is authorized through a voice authorization and later keyed into a POS terminal prior to settlement.
- A validation number from the host computer confirming a successful batch deposit.
Online Transaction- A transaction that is authorized electronically from the front-end network.
Pick Up Card- An issuer's electronic response to an authorization request, asking that the card be retained by the merchant and returned to the issuer.
PIN- Personal Identification Number - a secret code used to verify the identity of the person trying to use a credit card by the alphanumeric or numeric code. The PIN number is entered into a keypad and is encrypted to travel along with the authorization.
Posting- The process of recording debits and credits to an account.
Prenote- In the electronic check-processing environment, a non-dollar transaction sent through the ACH network for the purpose of verifying the accuracy of the cardholder's account data.
Processing Fees- The fees associated with the processing of credit card transactions.
Processor- A company responsible for processing interchange transactions - operated by an acquirer or acting on the acquirer's behalf.
- A payment card used by companies to replace paper invoices.
Real-time Authorization- Performs card authorization in real-time, as the purchase occurs. If the authorization is accepted, the order proceeds as expected. If the authorization is negative, the shopper receives an error message and is unable to complete the purchase until an approved card is entered.
Reason Code- A two-digit code identifying the reason a chargeback was initiated.
Re-authorization- To request an additional amount to be authorized on an existing transaction. Used in the lodging industry when the original authorization is not sufficient to cover the charges.
Recurring Transaction- A transaction charged to a cardholder's account (with prior permission) on a periodic basis for recurring goods and services, i.e., online dating services, health club memberships.
Refund- A refund occurs when the merchant rebates all, or a portion, of an original transaction amount to the cardholder. Refunds are made to the same card that was used for the original transaction. Similar to a Credit.
Representment- The attempt to rectify a chargeback situation with the bank.
Retrieval Request- The card issuer can initiate a retrieval request when a cardholder does not remember a credit card transaction, or if the bank wants order information. The merchant has 10 days to reply with the order information or the retrieval request is turned into a chargeback. Merchants are usually charged a fee.
Reversal- See void.
RSA Encryption- A public-key cryptography system that both encrypts and authenticates data. It was invented in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman—RSA.
Rules-based Expert System Modeling- These systems detect well-understood inconsistencies in data or behaviour. They use databases of actual transactions, both valid and fraudulent, and compare the new transactions to the characteristics of the historical transactions.
SecureCode (MSC)- SecureCode is utilized by Mastercard as additional layer of security for online credit card transactions. This means, that a transaction using SecureCode will initiate a redirect to the website of the card issuing bank to authorize the transaction either using private personal details kept by the bank, a user-chosen password, or, even more securely, a one-time password.
Secure Server- A Web server or computer that is connected to the Internet and is able to establish a secure, encrypted form of communication with clients. A secure server generally uses SSL or SET.
Secure Payment Page- The provision of the payment page from the PSP.
Smartcard- A card embedded with a microchip that stores programmable data. The smartcard is used for telephone calls, storing electronic cash, or for paying public transportation, tollbooths, and parking. When the money on the card is used up, the card can be recharged and can be used again.
Soft Decline- A declined authorization attempt that does not necessarily mean the card is bad (i.e., call referral, issuer unavailable or cardholder over limit). These transactions may be resubmitted a day or two later in an attempt to obtain a valid authorization.
Split Dial- The capability of a card terminal to dial different telephone numbers to obtain an authorization or settlement of different card types.
- Secure Sockets Layer- An established security standard that is used to encrypt data in order to protect the safety, privacy, and reliability of payment data transmitted over the channel between shopper and merchant. SSL encrypts the channel between browser and Web server so only the intended parties can read certain data, such as payment or customer information.
Submission- A file sent by the merchant that contains one or more transactions.
Summary Adjustment- A correction to a deposit, made by the acquirer, when there is an error in the submitted deposit.
TCS- Terminal Capture System - the process in which transactions are stored in the terminal until the batch is settled to the host. Most often used in restaurant applications where tip adjustments need to be made.
TID- Terminal Identification Number - number identifying a merchant to the front-end network.
Transaction- The exchange of goods against payment. A transaction is started when a credit card order is placed. Each attempt to authorize a credit card is considered to be an order attempt and therefore also considered to be a transaction.
Transaction Date- The actual date on which a transaction occurs.
Transaction Fee- The amount a merchant pays per transaction for processing.
Valid Date- The date embossed on a payment card stating when the card may first be used.
VAR- Value Added Reseller - a third-party that certifies their software to be used on a processor's system.
Verified By Visa (VBV)- Verified by Visa (VBV), a system used by Visa's 3D Set technology, and SecureCode,utilized by Mastercard,as additional layer of security for online credit card transactions. This means, that a transaction using Verified by Visa/ SecureCode will initiate a redirect to the website of the card issuing bank to authorize the transaction either using private personal details kept by the bank, a user-chosen password, or, even more securely, a one-time password.
Voice Authorization- Transactions authorized by a voice operator. Voice-approved transactions are put into a terminal batch for settlement.
- When an acquirer successfully represents a chargeback to the issuer, the chargeback is reversed and the funds are returned to the merchant.
Zero Floor Limit- Requires that all transactions receive authorization.