Short Glossary of Payment Terms
AMOP – Alternative Methods of Payment or payments other than cash, including using a credit or debit card, loyalty program points, digital wallets like Google Pay or Apple Pay.
APR – Annual Percentage Rate or the interest rate charged on credit card balances expressed in a standardized, annualized way.
ARQC – Authorization Request Cryptogram or online authorization or a digital signature of the transaction details, which the card issuer can check in real time.
AVS – Address Verification Service is a tool to detect suspicious credit card transactions and prevent credit card fraud. AVS checks the billing address, and the credit card processor sends a response code, depending on which the credit card transaction may be accepted or rejected.
BIN – Bank Identification Number is the first six digits of a Visa or MasterCard account number. BIN is used to identify the card-issuing institution.
Chargeback fraud – occurs when a consumer makes an online shopping purchase with their credit card and then requests a chargeback from the issuing bank after receiving the purchased goods or services. Once approved, the chargeback cancels the financial transaction, and the consumer receives a refund of the money they spent. When a chargeback occurs, the merchant is accountable, regardless of whatever measures they took to verify the transaction.
CNP – Card Not Present occurs when neither the cardholder nor the credit card is physically present at the time of the transaction. It is most commonly used for payments made over the Internet, but also over the phone or by fax, or mail.
CVM – Cardholder Verification Method, used to authenticate that the person presenting the card is the valid cardholder. EMV supports four CVMs: offline PIN, online PIN, signature verification and no CVM.
CVV – Card Verification Value is the three or four-digit code printed on the back of your card.
Digital wallet – an electronic device or software that allows cashless purchases to be made. Digital wallets can encompass ID verification, payment systems, they may contain data from several credit cards, and interact securely with a merchant’s payment processing equipment.
EMV – the global standard for credit card and debit card payments (originally stood for “Europay, MasterCard and Visa”). EMV cards or chip-enabled cards are embedded with a microcomputer chip to store card account data. Some may require a PIN instead of a signature to complete the transaction process.
EMV liability shift – starting in October 2015, US businesses were required by the credit card companies to utilize EMV-capable POS equipment. Businesses who do not comply will be responsible for the costs associated with accepting fraudulent transactions.
Fallback– a backup process, when the terminal detects that chip is not being read – due to equipment failure or attempted fraud – and the EMV transaction “fall back” to a magnetic stripe transaction.
IIN – Issuer Identification Number or the first six digits of a card number which identify the card issuing institution (the remaining digits identify the specific account). Online merchants may use IIN lookups to help validate transactions.
NFC – Near Field Communication is a technology that enables two electronic devices, one of which is usually a portable device (a smartphone) to establish communication by bringing them within 1.6 in of each other. Used in contactless payment systems.
Offline PIN – a card verification method for EMV chip cards. These cards actually store the PIN securely on the chip itself, so cardholder verification can occur even at a stand-alone kiosk not connected to a network.
Online PIN – a card verification method for EMV chip cards with magnetic stripes. If EMV chip credit card has an online PIN, the terminal must electronically contact the issuer over a network to verify that the PIN is correct.
Out of scope – eliminating sensitive cardholder data from the POS software, passing only non-sensitive data.
PAN – Payment Card Number, Primary Account Number, or simply a card number, is the card identifier found on payment cards (credit and debit cards, as well as stored-value cards, gift cards, and other similar cards).
PCI DSS – Payment Card Industry Data Security Essentials are the security basics (includes measures for security incident prevention, detection, and reaction) to protect small businesses against payment data theft and to help small merchants reduce the risk.
PCI compliance – all businesses that store, process or transmit credit card data electronically are required to follow the Payment Card Industry compliance guidelines. PCI DSS compliance for a small business should cost from $300 per year (depending on your environment), a very large enterprise expect to pay $70,000+ in total costs.
PIN – Personal Identification Number is a numeric password used in the process of authenticating a user accessing a system. Financial PINs are often four-digit numbers. Many PIN verification systems allow three attempts before the card will be blocked.
POS – Point of Sale (or Point of Purchase), is the place where a customer executes the payment for goods or services, whether it be in a physical store, where POS terminals and systems are used to process card payments or a virtual sales point such as a computer or mobile electronic device.
QR code – Quick Response Code is a type of matrix barcode, an optical label that contains information about the item to which it is attached. Typically, using a smartphone as a QR code scanner, it provides a way to access a brand’s website more quickly than by manually entering a URL. QR codes have become common in consumer advertising.
SMS payment – paying for a product or service by sending a text message from the phone.
SRC – Secure Remote Commerce, a standardized method for e-commerce checkout by Mastercard and Visa, when consumers need not enter and re-enter their data at each merchant, for each transaction, and merchants can cut down on the shopping cart abandonment.
Token – a surrogate value that replaces a primary account number (PAN) in the payment ecosystem. Tokenization substitutes card data with meaningless data or a token that has no value to a hacker.
TVR – Terminal Verification Results is a series of bits set by the terminal reading an EMV card: this data object is used in the terminal’s decision whether to accept, decline or go online for a payment transaction.
Two-factor authentication – a form of identification used in making sure a credit card transaction is authorized: one factor is a credit card, another a PIN number or security code number. There may be other characteristics, such as a fingerprint, an iris pattern or the ability to retype a sequence of numbers and letters.
WAP billing – Wireless Application Protocol billing, which is charged directly to the mobile phone bill. Using WAP billing, consumers can buy mobile content without registering for a service or entering a username or password. It is an alternative payment mechanism to debit or credit cards and premium SMS for billing.
Sources: wn.com, youtube.com, wikipedia.com, clients.txtnation.com, everything.explained.today, linuxdoc.ru, pcicomplianceguide.org