3-D Secure Authentication: A system aimed at reducing online credit card fraud and chargeback. It enables additional authentication on the cardholder’s identity by asking for an additional PIN during an online shopping transaction. VISA name it “Verified by VISA” while MasterCard name it “Master SecureCode”.
Application Program Interface (API): This is a source code-based specification intended to be used as an interface by software components to communicate with each other.
Bank Identification Number (BIN): These digits contain the first six digits of a credit card, debit card, or charge card and serve to identify which network the card belongs to as well as which bank issued it. Merchants may use BIN lookups to help validate transactions. For example, if the credit card’s BIN indicates a bank in one country, while the customer’s billing address is in another, the transaction may need extra scrutiny.
Brick and Mortar (bricks and mortar or B&M): In its simplest usage, it is used to describe the physical presence of a building(s) or other structure. It’s a concept usually referred to in business, which applies to the physical location for a business or organisation.
Checkout Process: Refers to the process an online shopper or customer must go through to purchase a product or service from an e-commerce website.
Credit Card Processing: Once the payment gateway accepts the transaction, this service records the transaction, removes funds from the credit cardholder’s account and deposits these funds into the merchant account.
Card Verification Value (CVV): A method used to ensure that a credit card being used in a purchase is in the possession of its owner. The CVV security code is a 3 or 4 digit code imprinted on the physical credit card, but not embedded or encrypted in the magnetic stripe. The code is a 3-digit number located on the signature strip on the back of Visa and MasterCard cards, after the card number. For American Express cards, the number is 4 digits longs and displayed on the front of the card.
Digital Wallet (or e-wallet): This allows users to make electronic commerce transactions quickly and securely. A digital wallet functions much like a physical wallet. The digital wallet was first conceived as a method of storing various forms of electronic money (e-cash), but the digital wallet has now evolved into a service that provides Internet users with a convenient way to store and use online shopping information.
Domain Name: The unique name that identifies your website.
Digital Certificate: A digital certificate is an electronic certificate that establishes a company’s credentials when doing business or other transactions on the Web. The certificate is issued by a Certification Authority (CA). It contains: a name; a serial number; expiration dates; a copy of the certificate holder’s public key used for encrypting messages and digital signatures; and the digital signature of the certificate-issuing authority. Digital certificates ensure that a recipient can verify that the certificate is real.
E-commerce or Electronic Commerce: Selling goods or services over the internet.
Firewall: A computer system that sits between the Internet and a company’s LAN. It is a means of automatically limiting what a company’s computer system will pass along to outside computer systems. It acts as an active gateway to keep non-company entities from accessing company confidential data.
Gateway: Used in different contexts (e.g., mail gateway, payment gateway), but most generally, it refers to a computer that forwards and routes data between two or more networks of any size.
Hypertext Transfer Protocol (HTTP): A protocol developed at CERN that enables a browser (or client) to send out a request to a web server via the Internet.
Hypertext Transfer Protocol Secure (HTTPS): This is a combination of Hypertext Transfer Protocol (HTTP) with SSL/TLS protocol. It provides encrypted communication and secure identification of a network web server. HTTPS connections are often used for payment transactions on the web and for sensitive transactions in corporate information systems.
Integration: Can be described as consisting of three main components: physical integration, the connection of the hardware; data integration, the ready exchange of data between applications without loss of functionality; and lastly business integration, the integration of the functions needed to support decisions, monitor and control business.
Internet Service Provider (ISP) – A company that sells end users access to the Internet.
IP Address: The numeric address of a computer connected to the Internet; also called Internet address. See domain name.
MasterCard SecureCode: This is a service designed to enhance existing MasterCard accounts. A PIN code will be linked to a credit card for added protection against unauthorized use of the customer’s card when he/she shops at participating online merchants. Similar technology by VISA is known as VERIFIED by VISA.
Merchant: The organisation accepting credit card or other alternate payment methods for the goods or services they provide.
Merchant Account: Allows a business to accept credit card transactions from customers. Merchant accounts are commercial bank accounts set up between a retail business and a financial institution. Funds from customers are deposited into the merchant account.
Merchant ID: A number issued to a merchant by an acquiring bank. The acquiring bank uses the Merchant ID to identify a specific merchant in credit card transactions. Each store in a payment gateway (for example, PayU) must have its own Merchant ID.
Order: A record of a request for goods or services initiated by a customer.
Order Tracking: The process of tracing the status of particular order placed by a customer in an online store.
Payment Gateway: A computer system that acts as a mediator between a merchant account and online storefront. A payment gateway is used to authenticate credit card information and charge a credit card in real-time. Payment gateways protect credit card details by encrypting sensitive information. This encryption ensures that information is passed securely between the customer and the merchant and also between merchant and the payment processor.
Payment Processor 3rd Party: Third party payment processing services are basically a payment gateway and merchant account rolled into one. The difference is a payment processor does not require you to have an Internet merchant account and can deposit funds directly into your personal or business bank account.
PCI DSS Compliance – PCI DSS (Payment Card Industry Data Security Standard): is a security standard for organisations that handles cardholder information for the major debit, credit, prepaid, e-wallet, ATM, and gift cards. Compliance with the PCI DSS means that your systems are secure, and customers can trust you with their sensitive payment card information.
Phishing: This is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.
Recurring Transactions: A transaction in which a cardholder has given a merchant permission to periodically charge the cardholder’s account (for example, a magazine subscription renewal).
SSL (Secure Socket Layer) Encryption: A protocol designed by Netscape Communications to enable encrypted, authenticated communications across the Internet. SSL works by encrypting your data and transferring it over a secure connection. Payment gateways use SSL to keep credit card numbers confidential when they are transmitted over computer networks. 128 bit is the industry standard and refers to the level of protection a website offers. When a web page URL starts with “https:”, it is using SSL to encrypt both the web request and the response you see on your browser.
SSL Certificate: This is an electronic document that uses a digital signature to bind a public key with an identity — information such as the name of a person or an organization, and their address. The certificate can be used to verify that a website belongs to an individual/business.
Store: The entity in a payment gateway that accepts and processes payments. It represents a merchant’s organisation.
Terminal ID (TID): A number assigned by the acquiring bank to identify a specific point-of-sale terminal. For Internet transactions, one TID is typically assigned to each merchant website or business unit.
Transaction: A record of each action that is taken on an order. An order may have multiple transactions, e.g., a sale and a credit.
Verified by Visa: Verified by Visa is a system used by Visa as an added layer of security for online credit card transactions. It relies on a password to validate the transaction. This acts in the same way as using a PIN or signature when you make purchases over the counter. This will ensure that it is in fact you making the purchase. MasterCard uses a similar system (under the name SecureCode).