This glossary includes a list of terms used in the payments industry.
Electronic money transfers from one bank account into another.
Access Control Server (ACS)
Combines access security, authentication, user and administrator access and policy control in a centralised identity framework. A key 3DS component in the issuing domain that reduces the chances for fraud.
Visa’s Account Updater (VAU) and MasterCard’s Automatic Billing Updater (ABU) allows your business to connect into each of the Card Schemes to obtain new updated card details for those cards that have either expired or have been reported lost or stolen.
Account Information Service Provider (AISP)
AISPs are authorised to fetch payment account information but cannot initiate payments. They enable consumers to share their account transaction data with third-party providers; in turn, third-party providers can initiate payments on their behalf.
Account Servicing Payment Service Provider (ASPSP)
An ASPSP is a Bank in the context of the Open Banking ecosystem. They provide and maintain a payment account for a payer as defined by the Payment service Regulations.
Acquirer (or Acquiring Bank)
An Acquirer is a bank or a financial institution that receives funds on behalf of a merchant. This is essentially the bank that settles card transactions into the merchant's account. The acquirer must be licensed by financial regulators.
Acquirer Reference Number (ARN)
Unique reference number assigned to the transaction as it moves through the payment flow.
Authorisation refers to the process of obtaining approval from the card issuer to complete a transaction. When a customer uses a payment card to make a purchase, the merchant sends a request to the card issuer to verify that the card is valid and that there are sufficient funds available to cover the purchase.
Bank Identification Code (BIC/SWIFT)
BIC/SWIFT code is a unique identification code assigned to banks or financial institutions. It consists of a combination of letters and/or numbers and helps to identify a specific bank or branch involved in international financial transactions. The BIC/SWIFT code is used to ensure accurate routing of funds between banks and is essential for international wire transfers, payment processing, and other cross-border financial operations.
Bank Identification Number (BIN)
A Bank Identification Number (BIN) represents the first four to six digits on a credit card. The first four to six digits identify the financial institution that issued the card. The BIN is a security measure to protect both consumers and merchants engaging in online transactions.
Banking-as-a-Service is the provision of banking products to non-bank third parties through APIs.
A capture refers to the process of converting an authorised transaction into a completed sale by settling the funds from the customer's account and transferring them to the merchant's account.
A cardholder is a person who uses a card issued by a bank to make a payment to a merchant.
A chargeback is a return of money to a payer of a transaction, especially a credit card transaction.
Competition Markets Authority (CMA)
The Competition and Markets Authority (CMA) is a non-ministerial government department in the United Kingdom, responsible for strengthening business competition and preventing and reducing anti-competitive activities.
The nine largest banks and building societies in Great Britain and Northern Ireland, based on the volume of personal and business current accounts. AIB Group (UK) plc trading as First Trust Bank in Northern Ireland, Bank of Ireland (UK) plc, Barclays Bank plc, HSBC Group, Lloyds Banking Group plc, Nationwide Building Society, Northern Bank Limited trading as Danske Bank, The Royal Bank of Scotland Group plc, Santander UK plc (in Great Britain and Northern Ireland).
Card Number (PAN)
The Primary Account Number (PAN) is a 16-digit identifying number associated with that specific card. It is allocated in accordance with the ISO/IEC 7812 standard.
Card Present (CP)
Card present (CP) refers to a type of payment transaction where the physical payment card is presented to the merchant for payment. Card present transactions are generally considered to be lower risk than card not present transactions, such as online or over-the-phone purchases, because the merchant can physically verify that the card being used belongs to the person presenting it.
Card Not Present (CNP)
Card not present (CNP) refers to a type of payment transaction where the payment card is not physically presented to the merchant at the time of payment. This can happen in various contexts, such as online purchases, over-the-phone orders, or mail orders.
Card Security Code (CVC, CVV, CID)
The Card Verification Value is printed on the signature strip (on most cards) and is used to authenticate ecommerce transactions. Depending on the payment scheme, it can also be referred to as CVV2, CAV2, CID or CVC2.
Card schemes are payment networks linked to payment cards, such as debit or credit cards, of which a bank or any other eligible financial institution can become a member. Examples include, Visa, Mastercard, AMEX, Discover and Diners Club.
A digital wallet is a financial transaction application that runs on any connected device. It securely stores your payment information and passwords in the cloud. The most common types of digital wallets are Apple Pay and Google Pay.
A direct debit is a financial transaction in which a person or organization instructs their bank to allow a third party to withdraw money from their account on a regular basis. This is often used for recurring payments such as monthly bills or subscriptions. Direct debits are typically set up by filling out a form provided by the organisation or service provider, and the payments are processed automatically on the agreed-upon dates.
A dispute occurs when there is a disagreement between a buyer and a seller over a transaction that has taken place. When a payment dispute occurs, the buyer may dispute the payment with their bank or credit card company, who will then investigate the matter and attempt to resolve the dispute. The payment provider may ask the buyer to provide evidence to support their claim, such as receipts, tracking information, or correspondence with the seller.
Ecommerce Payments (or Online Payments)
Payments made by cardholders via electronic commerce over internet or other computer networks, for either goods or services provided by merchants.
Electronic Commerce Indicator (ECI)
Indicates the security level at which the payment information is processed between the cardholder and the merchant.
Electric Money Directive (EMD)
A person/business who provides payment services on behalf of an Electronic Money Institution.
Electric Money Institute (EMI)
An Electronic Money Institution (EMI) is a type of financial institution that is licensed to issue electronic money and provide related payment services. EMIs are regulated entities that are authorized to operate in the European Union (EU) and other countries around the world.
Europay, Mastercard, and Visa (EMV)
EMV stands for Europay, Mastercard and Visa, the three companies that created the standards. EMV chips create a one-of-a-kind code for each transaction.
EMV 3-D Secure
3-D Secure is an additional security layer for online credit and debit card transactions to ensure a purchase is from a legitimate cardholder.
The Faster Payment Service is a real-time payment service that was introduced in the UK in 2008. The aim of Faster Payments is to reduce payment times in bank-to-bank payments. The Service works by checking the payment instructions and forwarding them from the sending bank to the receiving bank in order that funds can be successfully transferred in almost real-time. Every UK bank and building society in the UK is now able to send and receive Faster Payments.
A payment page pre-built and fully hosted by Acquired.com, making all available payment methods accessible to merchants and their customers from one place.
In a merchant’s checkout journey, customers will be redirected from the merchant site to the ‘Hosted Checkout’ payment page to enter their card/payment details.
Hosted Payment Pages (HPP)
In-app Payments (or Mobile Payments)
Is a type of pricing most commonly used in Europe and the United States. It’s available for payments made through Visa and MasterCard, and offers more transparency than other pricing types by showing a more detailed breakdown of your costs. (This is also sometimes referred to as a scheme fee or network fee).
Interchange ++ is a type of pricing most commonly used in Europe and North America for Visa and Mastercard transactions. It offers more transparency than other pricing types by showing a more detailed breakdown of the merchant’s costs, but it also protects us if the scheme and interchange fees rise.
Issuer (or Issuing Bank)
The issuer is the bank that issues the credit or debit card to the customer. They facilitate card payments and look after the interests of the cardholder.
Know Your Customer (KYC)
Know Your Customer (KYC) checks refer to the process of verifying the identity of a customer before establishing a business relationship or conducting a financial transaction. KYC checks are a legal requirement for financial institutions, including banks, payment processors, and electronic money institutions, to comply with anti-money laundering (AML) and counter-terrorism financing (CTF) regulations.
Merchant Category Code (MCC)
A four-digit number listed in ISO 18245 for retail financial services. An MCC is used to classify a business by the types of goods or services it provides.
Merchant Identification Number (MID)
A unique code provided by your payment processor. Often abbreviated as MID, you'll receive one when you open a merchant account with an acquiring bank.
Unique payment credentials generated automatically in real-time by card schemes, used to replace a card number (PAN) in all parts of the payment process for a specific buying cycle.
Open Banking Directory
The Open Banking Directory is the core infrastructure of the Open Banking ecosystem – enabling participants to request and grant access to customers' financial data in a secure, permissioned way via open banking APIs.
Open Banking Ecosystem
The Open Banking Ecosystem refers to all the elements that facilitate the operation of Open Banking. This includes the API Standards, the governance, systems, processes, security and procedures used to support participants.
An online payment gateway is cloud-based software that connects a customer to the merchant. A payment gateway is the virtual equivalent of a point of sale (POS) terminal and allows for card-not-present (CNP) transactions in which the buyer and seller never meet face to face. Debit or credit card information is entered on the website, in a hosted checkout form, or on a mobile app.
A payment processor is a financial institution or service provider. Payment processors are essential for enabling e-commerce transactions and online payments, allowing merchants to accept payments from customers around the world securely and efficiently.
Payment Services Directive
A legal or natural person acting on behalf of a UK Payment Institution (PI) or Electronic Money Institution UK
Payment Service Provider (PSP)
A Payment Services Provider (PSP) is an entity which carries out regulated payment services, including AISPs, PISPs, CBPIIs and ASPSPs.
Payment Initiation Service Provider (PISP)
A Payment Initiation Service Provider (PISP) is a type of third-party payment service provider that enables consumers to initiate electronic payments directly from their bank accounts, without the need for a credit or debit card. PISPs are typically used in the context of open banking, which refers to the practice of allowing third-party providers access to financial data and infrastructure through application programming interfaces (APIs)
Payment Services User (PSU)
A Payment Services User is a natural or legal person making use of a payment service as a payee, payer or both.
A payment terminal is an electronic device that allows businesses to process payments from customers using credit cards, debit cards, and other forms of electronic payment. Payment terminals can be either standalone devices or integrated into a point-of-sale (POS) system. They typically support various payment methods, including contactless payments, mobile wallets and EMV chip cards.
A payout refers to the process of transferring funds from one account to another. In the context of payments, a payout typically refers to a disbursement of funds from a merchant or platform to an individual or business.
PCI compliance refers to compliance with the Payment Card Industry Data Security Standard (PCI DSS). It is a set of security standards developed by major card networks to protect sensitive card information and increase the safety of cardholder data. PCI compliance is required for all organisations that deal with payment card processing.
Point of Sale
Point of Sale (POS) refers to the location where a customer makes a payment for goods or services. A POS system typically includes a combination of hardware and software components that facilitate transactions between a customer and a business.
Recurring payments can be used to charge customers on a regular basis, such as, for subscription or credit-based services. They can be for a one-off amount, or for a regular amount, such as a weekly, monthly or annual charge. The customer goes through the payment process once, for the first transaction, and then the recurring process occurs automatically.
For recurring payments, you need to gain customer consent through the first payment. It works in the same way as a regular payment and the customer may also be required to authenticate the initial transaction with EMV® 3-D Secure. After the first payment, the customer's card will be charged automatically without having to perform a new payment flow.
A refund is a payment made by a merchant to a customer to reverse a transaction. Refunds can be issued for a variety of reasons, such as when a customer returns a product, cancels a service, or is overcharged for a purchase. When the merchant processes the refund, the funds are sent back from the acquirer to the issuer. If a merchant refuses to a make a refund, the customer can then raise a chargeback through their issuer.
Sensitive Authentication Data
Sensitive authentication data (SAD) is any information used to authenticate or authorize a payment transaction that has the potential to compromise the security of the payment card data. This includes data such as the card's full magnetic stripe data, card verification codes or values (e.g. CVV, CVC, CID), and PINs or PIN blocks.
Strong Customer Authentication (SCA)
Strong Customer Authentication, as defined by European Banking Association Regulatory Technical Standards, is an authentication based on the use of two or more elements. These elements are categorised as knowledge (something only the user knows, for example, a password), possession (something only the user possesses, for example, a particular cell phone and number) and inherence (something the user is, or has, for example, a finger print or iris pattern) that are independent, [so] the breach of one does not compromise the others, and is designed in such a way as to protect the confidentiality of the authentication data.
Sweeping is the automated movement of a customer's funds between two accounts in their name, such as a current and savings account. It is commonly used to help the customer avoid overdraft charges, repay a loan or benefit from better interest rates.
Third Party Provider (TPP)
Third Party Providers are organisations or natural persons that use APIs developed to Standards to access customer’s accounts, in order to provide account information services and/or to initiate payments. Third Party Providers are either/both Payment Initiation Service Providers (PISPs) and/or Account Information Service Providers (AISPs).
A transaction refers to the purchase of goods or services using a payment method such as a credit card, debit card or mobile payment. The transaction process involves several steps, including authorization, capture, settlement, and reconciliation.
Variable Recurring Payments (VRPs)
Variable Recurring Payments (VRPs) let customers safely connect authorised payment providers to their bank account so that they can make payments on the customer’s behalf, in line with agreed limits. VRPs offer more control and transparency than existing alternatives, such as Direct Debit payments.
Updated 22 days ago