The Green Sheet 2.0 :: Resources

A B C D E F G H I M N P Q R S T

ACH

An electronic payment network most commonly associated with payroll direct deposit and recurring payments. The ACH can be used also to clear electronic checks and other demand deposit account (DDA) transactions.

Also known as: automated clearing house (ACH)

acquirer

A federally insured financial institution responsible for connecting merchants to Visa Inc. and MasterCard Worldwide authorization and settlement systems. Also called an acquiring bank, merchant bank or sponsor bank.

Acquirers and merchants are the two signatories to merchant agreements. Acquirers can be thrifts, banks or credit unions. For example, First National Bank of Omaha is an acquirer and a bank. To sell bankcard services, it is necessary to have a signed agreement with an acquirer or be part of an ISO that is sponsored by an acquirer.

Among other things, an acquirer deposits daily card totals to merchant accounts and debits monthly processing fees from those accounts. The acquiring bank must handle all funds, deposits and settlements with merchants.

ISOs and other entities on the acquiring side of the bankcard business also refer to themselves informally as acquirers, as evidenced by several regional acquirers associations thriving throughout the United States, but strictly speaking, they are not acquirers.

Also known as: acquiring bank, merchant bank, sponsor bank

acquirers association

A regional, independent and nonprofit organization that provides training, education and networking opportunities for professionals working in the acquiring side of the bankcard industry, including financial institutions, ISOs, MLSs, equipment vendors and providers of value-added services.

acquiring bank

Also known as: acquirer

address verification service (AVS)

A fraud deterrent technique used in card-not-present situations. AVS offers various levels of address verification detail, including cardholder ZIP codes and street numbers.

Also known as: AVS

agents

People who sell bankcard services to merchants on behalf of ISOs, acquirers and processors. Also known as merchant level salespeople (MLSs) and independent sales agents (ISAs), most agents are independent contractors. Others are paid employees of ISOs, acquirers and processors.

Also known as: independent sales agent (ISA)

aggregator

A company that manages the commercial relationships, physical transactions and physical distribution of prepaid cards sold in a destination retailer through a gift card mall on behalf of issuers. Also called a distributor.

authorization

An electronic exchange between a card issuing bank and an acquiring bank, initiated through a POS terminal, confirming a cardholder has sufficient credit (or funds in a demand deposit account if it is a debit card) to cover a pending transaction.

automated clearing house (ACH)

Also known as: ACH

AVS

A fraud deterrent technique used in card-not-present situations. AVS offers various levels of address verification detail, including cardholder ZIP codes and street numbers.

Also known as: address verification service (AVS)

bank identification number (BIN)

A numerical code assigned to each federally insured financial institution for the routing of transactions and other purposes. ISOs and MLSs board merchants using the BINs of their respective acquiring banks.

batch

A collection of card receipts saved for submission, usually at the end of the business day. When the receipts are sent, the batch is "closed."

breakage

The unredeemed or unspent funds on a gift or prepaid card.

buy rate

The acquiring bank's fee; it is equal to interchange (which is paid to the issuing bank) plus the acquiring bank's markup. Think of it as the wholesale price of a transaction to which processing and other fees are added to come up with the cost to a merchant. Buy rates have not been widely used since the multitude of interchange rates came into being; many ISOs and acquirers now use pricing models that involve splits of net revenue.

card laundering

When a merchant processes sales through his or her merchant account on behalf of another merchant. Laundering violates the terms of merchant agreements. Also called draft laundering and factoring.

Also known as: draft laundering, factoring

card verification value (CVV) number

The three-digit number on the back of Visa Inc. and MasterCard Worldwide credit and debit cards. It is used as a security feature in card-not-present transactions. The CVV number helps guard against the use of data stolen from payment networks by hackers. Intercepted data will usually comprise the cardholder name, card number and card expiration date, but not the CVV, which is generally obtained only by viewing the physical card.

card-not-present

Card transactions (Internet or MO/TO purchases, for example) for which the customer's card is not physically handled by the merchant. Interchange is set higher on these transactions because there is a greater likelihood of fraud.

certificate authority

An e-commerce service that validates Internet parties to an online transaction.

chargeback

When a cardholder's bank (issuer) reverses all or part of a card transaction back to the merchant bank (acquirer), which typically kicks the transaction back to the merchant's account, leaving the merchant financially liable for the payment and subject to fines. Chargebacks can be initiated by customers or by cardholders' banks (for example, due to procedural errors). Chargebacks that exceed 1 percent of monthly sales generally are considered excessive.

check scanner

A counter-top device used to scan images of checks, according to legal specifications, for electronic clearing and settlement.

closed-loop

Cards (such as retail gift cards) issued by a single corporate entity. Such cards can only be redeemed within that entity or within a series of entities that have agreed to take the cards.

credit cards

Can be issued by banks and nonbanks and are associated with such brand names as AmEx, Discover Financial Services, MasterCard, JCB International Co. Ltd. and Visa.

data breach

The capture of sensitive payment card data by an untrusted party.

debit cards

Issued by financial institutions and tied to cardholders' DDAs. Debit cards come in online/offline and offline-only versions. Online in this context means able to interface with the card brand networks for authorization at the POS. Debit cards can be co-branded with Discover, MasterCard or Visa. Online debit requires customers to enter PINs; offline debit card payments are authorized with cardholder signatures.

demand deposit account (DDA)

A checking account with a financial institution.

discount rate

The percentage of card sales acquirers collect from merchants for transaction authorization, settlement and so forth.

draft laundering

When a merchant processes sales through his or her merchant account on behalf of another merchant. Laundering violates the terms of merchant agreements. Also called draft laundering and factoring.

Also known as: card laundering

electronic funds transfer (EFT)

A way of performing financial transactions electronically. The Pulse and Star networks are examples of EFT systems.

encryption

A method of protecting data. Encryption transforms readable information using an algorithm (called a cipher) and makes it unintelligible to anyone except those who possess a key that converts the information back into readable form. See also end-to-end data encryption.

end-to-end data encryption

Refers to the process of converting card data to seemingly unreadable text from the moment it gets entered at the POS and through to the final authorization.

expiration Date

Date after which a card can no longer be used. Most network-branded cards have an expiration date. Some closed-loop cards expire after a certain period of inactivity or after a certain date, although this is becoming increasingly rare.

factoring

When a merchant processes sales through his or her merchant account on behalf of another merchant. Laundering violates the terms of merchant agreements. Also called draft laundering and factoring.

Also known as: card laundering

floor limit

The payment amount above which credit and debit card transactions must be authorized; this amount is specified in each merchant's processing agreement.

general purpose / general spend card

An open-loop or network-branded card whose sole purpose is to facilitate normal spending transactions, with functionality similar to a debit card but without the need for a bank account.

gift card mall

A physical or virtual rack or display unit that allows customers of a destination retailer to buy a prepaid card issued by a range of different prepaid card issuers. Also referred to as "gift card center" and "gift card shop."

hold back

The money set aside from a merchant's credit card receipts to cover potential chargebacks or other disputes. Typically, the amount is returned after a specified period. Also known as a hold back.

Also known as: reserve

independent sales agent (ISA)

Also known as: agents, ISA

independent sales organization (ISO)

An organization registered with Visa and sponsored by an acquiring bank to sell VISA card acceptance services; also refers to an organization that works with and does business under the name of such a registered ISO. ISOs may also service merchant accounts once they are registered, dependent upon the contract with the acquirer. MasterCard uses the term "member service provider" to describe ISOs. However, it is common within the payments industry to use the term "ISO" when referring to independent sales organizations registered with either or both card brands.

Also known as: ISO, member service provider, MSP

interchange

The fee paid to the card issuing bank by the card acquiring bank by way of the processor. Interchange is the base fee to which all other acquiring and processing fees are added to come up with the merchant discount rate. Interchange rates vary widely based on card type, transaction amount, risks and retail sector. It is assessed on all Visa- and MasterCard-branded cards, even PIN-based debit cards. In certain circumstances interchange flows in reverse, such as following a chargeback.

ISA

Also known as: independent sales agent (ISA)

ISO

Also known as: independent sales organization (ISO)

issuing bank

A federally insured financial institution that issues credit and debit cards; this is the cardholder's financial institution.

magnetic ink character reader (MICR)

A countertop device used to scan magnetic ink character recognition lines. A MICR line is a sequence of digits at the bottom of a check that provides details about the bank and account on which the check is drawn and supports authorization and clearing routines.

mail order/telephone order (MO/TO)

A category of card-not-present transactions involving purchases made through mail order or telesales companies. In this type of transaction, the merchant typically has a card terminal and manually keys in required card information for transmission to the appropriate authorization network. Interchange rates for these transactions are among the highest.

member service provider

Also known as: independent sales organization (ISO)

merchant bank

Also known as: acquirer

merchant discount

Consists of interchange fees charged to merchants by issuing banks for the ability to accept bankcard transactions combined with fees charged to merchants by acquirers to cover such services as processing, terminal installation, help desks and statement rendering. The merchant discount is set by the acquirer at a percentage of the purchase amount, typically between 1.5 percent and 3.5 percent. Sometimes the acquirer's portion of the merchant discount is referred to as the net merchant discount. Also referred to as a transaction fee.

MSP

Also known as: independent sales organization (ISO)

network-branded

A prepaid product that can be accepted as payment by any merchant subscribing to that network's service. Also called open-loop.

non-reloadable

A prepaid product with a fixed value. Additional funds cannot be added to the existing value.

Payment Application Data Security Standard (PA DSS)

Established to help software vendors and others develop secure payment applications that do not store prohibited data and to ensure their compliance with the PCI DSS. Payment applications that are sold, distributed or licensed to third parties are subject to PA DSS requirements.

In-house payment applications developed by merchants or service providers that are not sold to a third party are not subject to PA DSS requirements but must still be secured in accordance with the PCI DSS.

Payment Card Industry (PCI) Data Security Standard (DSS)

Established for securing payment card information. Failure to adhere to the standard (by any party that handles card information, including merchants and ISOs) can result in hefty fines. Often shortened to PCI.

Payment Card Industry Data Security Standard (PCI DSS)

Established by the major payment brands, including American Express Co., Discover Financial Services, JCB International Co. Ltd., MasterCard Worldwide and Visa Inc., the PCI DSS is now managed by the PCI Security Standards Council.

The PCI DSS is designed to enhance payment account data security worldwide and consists of 12 requirements governing security management, policies, procedures, network architecture, software design and other areas critical to the protection of cardholder data.

Failure to adhere to the standard (by any party that handles card information, including merchants and ISOs) can result in hefty fines. Often shortened to PCI.

Also known as: PCI DSS

payroll card

A reloadable, network-branded prepaid card on which is deposited an employee's salary (usually through a bank transfer). Used as an alternative to cash or check where the employee does not have a bank account or prefers this method of payment.

PCI DSS

Failure to adhere to the standard (by any party that handles card information, including merchants and ISOs) can result in hefty fines. Often shortened to PCI.

Also known as: Payment Card Industry Data Security Standard (PCI DSS)

PCI PIN Entry Device (PCI PED)

Renamed PIN Transaction Security (PTS), this is a special list of security requirements for PIN-enabled card acceptance modules.

PCI Security Standards Council (PCI SSC)

An agency responsible for the development, management and education of the PCI security standards, including the PCI DSS, PA DSS, and PTS. The council was founded in 2006 by AmEx, Visa, MasterCard, JCB and Discover.

personal identification number (PIN)

A number used by a cardholder to authorize card payments. It is often abbreviated as PIN.

PIN debit

A debit card transaction authorized by the cardholder using a personal identification number.

PIN Transaction Security (PTS)

A special list of security requirements for PIN-enabled card acceptance modules. This was formerly called the PCI PIN Entry Device (PCI PED) requirements.

point of sale (POS)

The place where retail sales occur and payment transactions are initiated.

prepaid card

A payment card with a set amount of money that has been preloaded onto it for future use by the consumer. It is not a credit card or debit card. Prepaid cards can be used in an open-loop (branded by Visa, MasterCard and so forth) or closed-loop (merchant or mall-branded). The most common type of prepaid card in use today is the gift card.

processor

The company that moves transactions on behalf of acquirers among merchants, banks and the card networks. Some, but not all acquirers are processors.

program aanager

The entity responsible for managing the core attributes of a prepaid card program. Program managers can either manage for other companies, or be responsible for issuing their own prepaid card products. For MasterCard Worldwide, entities are required to have an ISO/MSP license in order to become program managers.

Qualified Security Assessor (QSA)

An auditor, certified by the PCI SSC, who assesses the PCI compliance of payment systems to ensure they are properly protecting card data. The PCI DSS requires that all Level 1 merchants (those that process over 6 million card transactions a year) be evaluated annually by a QSA.

remittance card

A card that enables the user to transfer funds to another party, normally overseas, and often in another currency. No bank is required to transfer the money, and the recipient has instant access to the funds made available, either to spend in a retail outlet or to obtain cash through an ATM.

remote deposit capture (RDC)

Electronic check services by which paper checks are converted into digital images for electronic clearing and settlement, through either electronic check or ACH systems.

reserve

The money set aside from a merchant's credit card receipts to cover potential chargebacks or other disputes. Typically, the amount is returned after a specified period. Also known as a hold back.

Also known as: hold back

response code

A number provided by a card issuing bank to a merchant either verifying that a particular transaction was accepted or explaining why it was declined

restricted authorization network

Pertains to cards issued by a corporate entity, or group of corporate entities. They can only be redeemed within a restricted selection of corporate entities, defined by geography, type of business, type of terminal et cetera. Also known as restricted loop card or semi-open-loop cards.

reversal

A method of recourse for merchants to counter chargeback claims. Cardholders can also set reversals in motion when they rescind chargeback claims.

Self-Assessment Questionnaire (SAQ)

A document used as a validation tool by merchants and service providers to demonstrate compliance with the PCI DSS.

Updated in 2008, it is designed to simplify and streamline the assessment process and aid small and mid-sized merchants who are not required to have on-site PCI compliance assessments. The new SAQ comes in four versions with questions tailored specifically for different categories of card acceptors.

settlement

The process by which the processor, working on behalf of the acquirer, debits the issuer for a transaction and credits the acquirer, and where the acquirer then credits the merchant. Settlement also involves payment to the card brands, calculating discount and qualifying a transaction for the appropriate interchange. Other aspects include exception processing, returns and disputes.

signature debit

A Visa Debit or Debit MasterCard transaction authorized by a cardholder's signature; to the casual observer it looks just like a credit card transaction.

skimming

Running credit or debit cards through an electronic device (skimmer) to capture and store account information from cards' magnetic stripes. The data are then used to create counterfeit cards or fraudulent transactions.

Often skimmers are placed surreptitiously over legitimate payment equipment, from which they lift the payment data from any subsequent transactions.

sniffer

Malware used by hackers to intercept payment card data traveling through merchant or processor networks.

sponsor bank

Also known as: acquirer

super ISO

A large, independent sales organization that supports multiple downstream ISOs and MLSs. Some super ISOs are also processors.

tamper resistant security module

A payment acceptance device with built-in physical protection to prevent tampering, such as the placement of a skimming device on the module.

terminal

A POS device, usually with a small display monitor and keyboard, connecting to the Visa and MasterCard payment network and/or to a proprietary network that authorizes payment card transactions and transmits card data to a receiving institution.

tokenization

A process for protecting card information by which the data are replaced with an alpha-numeric substitute ("token") for their storage in a POS system. The token can be used to identify the purchaser for chargebacks or other post-transaction issues but is useless if stolen.

Please Login
Username
Password