Browse — Information Class · PCI
74 terms
TermTypeDefinitionClassificationsUpdated
Access Control programnounA documented listing of procedures, schedules, roles and responsibilities, and plans or instructions to be performed to implement access control.ControlRegulatedPCI
Account-To-Account Payment (A2A)nounPayment system that allows the consumer to direct transfer of funds from one account to another account at a different financial institution.ProcessRegulatedPCI
Acquirer FeenounFee paid to the acquirer of the merchant sales draft. The acquirer of the sales draft collects a merchant discount fee (or processing fee) from the merchant for the costs associated with processing the transaction.RequirementRegulatedPCI
Address Verification Service (AVS)nounBankcard company service that verifies the customer-provided billing address matches the billing address on their credit card account. The bankcard companies will not support merchants that opt for not using AVS if those transactions are disputed and will charge the merchant an additional 1.25% on those sales.CapabilityRegulatedPCI
anomalous transactionnounA transaction that deviates from the standards, procedures, and processes used to create a transaction.EventRegulatedPCI
Authorization (ACH)nounA written or oral agreement between the originator and a receiver that allows payments processed through the ACH network to be deposited in, or withdrawn from, the receiver's account at a financial institution.RequirementRegulatedPCI
Automated Clearing House (ACH)nounAn electronic clearing system in which a data processing center handles payment orders that are exchanged among financial institutions, primarily via telecommunications networks. ACH systems process large volumes of individual payments electronically. Typical ACH payments include salaries, consumer and corporate bill payments, interest and dividend payments, and Social Security payments.SystemRegulatedPCI
automated clearing house activitynounAny transaction made through the Automated Clearing House network.EventRegulatedPCI
automated clearing house capturenounA service that allows a user to transmit automated clearing house data to a bank for posting and clearing.CapabilityRegulatedPCI
Automated Teller Machine (ATM)nounAn electronic funds transfer (EFT) terminal that allows customers using a PIN-based debit (ATM) card to initiate transactions (e.g., deposits, withdrawals, account balance inquiries).PhysicalRegulatedPCI
Back Office Conversion (BOC)nounUnder NACHA rules, BOC allows retailers and billers that accept checks at the point-of-sale or at manned bill payment locations to convert eligible checks to ACH debits in the back-office.ProcessRegulatedPCI
Bank Identification Number/Interbank Card Company (BIN/ICA)nounA series of assigned numbers used to identify the settling financial institution for both acquiring and issuing bankcard transactions.DataRegulatedPCI
BankcardnounA general-purpose credit card, issued by a financial institution under agreement with the bankcard associations (Visa and MasterCard), which customers can use to purchase goods and services and to obtain cash against a line of credit established by the bankcard issuer.DataRegulatedPCI
Bankcard CompaniesnounVisa and MasterCard International, Inc. are bankcard companies established as bank service companies. Financial institutions must be members of a bankcard company in order to offer their credit card services. The companies have established membership rights and obligations, and membership is limited to financial institutions.OrganizationInternalPCI
Batch ProcessingnounThe transmission or processing of a group of related payment instructions.ProcessRegulatedPCI
Card IssuernounA financial institution that issues general-purpose credit cards carrying one of the two bankcard company logos. The issuing financial institution establishes the credit relationship with the consumer.OrganizationRegulatedPCI
Card Verification Code (CVC2)nounNumeric security code printed on the back of MasterCard credit cards. CVC2 reduces credit card fraud and chargeback instances significantly when used in conjunction with AVS. (See Address verification service).CredentialRegulatedPCI
Card Verification Value (CVV2)nounThree-digit security number that is printed on the back of most Visa credit cards. CVV2 reduces credit card fraud and chargeback instances significantly when used in conjunction with AVS.CredentialRegulatedPCI
ChargebacknounA transaction generated when a cardholder disputes a transaction or when the merchant does not follow bankcard company procedures. The issuer and acquirer research the facts to determine which party is responsible for the transaction. If the merchant is unable to pay, the acquirer will have to cover the chargeback.EventRegulatedPCI
ChecknounA written order from one party (payer) to another (payee) requiring the payer's financial institution to pay a specified sum on demand to the payee or to a third party specified by the payeeArtifactRegulatedPCI
Check 21 ActnounFormally known as the Check Clearing for the 21st Century Act. Creates a new document, the IRD (image replacement document or substitute check) that is the legal equivalent of the original check and should be accepted as such. The act does not require institutions to accept electronic images instead of checks or IRDs, but does require the acceptance of IRDs instead of paper checks. The exchange of electronic images is optional and will be done by agreements between individual institutions, groups of institutions, or clearinghouses.FrameworkRegulatedPCI
Check ImagenounElectronic or digital image of an original check that is created by a depositor, a bank or other participant in the check collection process. Check images can be exchanged electronically by financial institutions, printed for customer statement purposes, displayed on Internet banking websites, and used to create substitute checks.DataRegulatedPCI
Check TruncationnounThe practice of holding a check at the institution where it was deposited (or at an intermediary institution) and electronically forwarding the essential information on the check to the institution on which it was written. A truncated check is not returned to the writer.ProcessRegulatedPCI
Credit CardnounA card indicating the holder has been granted a line of credit. It enables the holder to make purchases or withdraw cash up to a prearranged ceiling. The credit granted can be settled in full by the end of a specified period or can be settled in part, with the balance taken as extended credit. Interest is charged based on the terms of the credit card agreement and the holder is sometimes charged an annual fee.DataRegulatedPCI
Credit EntrynounAn entry to the record of an account that represents the transfer or placement of funds into the account.ArtifactRegulatedPCI
Debit cardnounA payment card issued as either a PIN-based debit (ATM) card or as a signature-based debit card from one of the bankcard associations. A payment card issued to a person for purchasing goods and services through an electronic transfer of funds from a demand deposit account rather than using cash, checks, or drafts at the point-of-sale.PhysicalRegulatedPCI
DepositorynounAn institution that holds funds or marketable securities for safekeeping. Depositories may be privately or publicly operated and allow securities transfers through book-entry and offer funds accounts permitting funds transfers as a means of payment.PhysicalRegulatedPCI
Depository bank (Check 21)nounAlso known as Bank of First Deposit (BOFD). The first bank to which a check is transferred even though it is also the paying bank or the payee. A check deposited in an account is deemed to be transferred to the financial institution holding the account into which the check is deposited, even though the check is physically received and endorsed first by another financial institution.OrganizationRegulatedPCI
E-BankingnounThe remote delivery of new and traditional banking products and services through electronic delivery channels.SystemRegulatedPCI
Electronic bill presentment and payment (EBPP)nounAn electronic alternative to traditional bill payment, allowing a merchant or utility to present its customers with an electronic bill and the payer to pay the bill electronically. EBPP systems usually fall within two models: direct and consolidation-aggregation. In the direct model, the merchant or utility generates an electronic version of the consumer's billing information, and notifies the consumer of a pending bill, generally via e-mail. The consumer can initiate payment of the electronically presented bill using a variety of payment mechanisms, typically a credit card. In the consolidation-aggregation model, the consumer's bills are consolidated by a consolidator acting on behalf of merchants and utilities (or aggregated on behalf of the consumer), combining data from multiple bills and presenting a single source for the consumer to initiate payment. Some consolidators present bills at their own web sites, typically most support the aggregation of bills by consumer service providers such an Internet portals, financial institutions, and brokerage web sites.SystemRegulatedPCI
Electronic check presentment (ECP)nounCheck truncation methodology in which the paper check's MICR line information is captured and stored electronically for presentment. The physical checks may or may not be presented after the electronic files are delivered, depending on the type of ECP service that is used.ProcessRegulatedPCI
Electronic data capture (EDC)nounProcess used for capturing and transferring the encoded information on the magnetic strip from a bankcard or debit card at the point-of-sale to the processor's database.ProcessRegulatedPCI
electronic funds transfernounThe use of telecommunications networks to transfer funds from one financial institution, as a bank, to another, or to withdraw funds from one's own account to deposit in a creditor's.ProcessRegulatedPCI
Electronic funds transfer (EFT)nounA generic term describing any transfer of funds between parties or depository institutions through electronic data systems.ProcessRegulatedPCI
electronic funds transfer activitynounAny transfer of funds which is initiated through an electronic terminal, telephonic instrument, computer, or magnetic tape so as to order, instruct, or authorize a financial institution to debit or credit an account. ... These are normally considered retail funds transfer systems.DataRegulatedPCI
Electronic funds transfer point of sale equipmentnounAny, instruments or machinery required for an electric transfer of money to take place.PhysicalRegulatedPCI
Electronically-created payment ordersnounThese are payment orders received by merchants from consumers, typically by telephone or the Internet. These payment orders are processed through the check processing system although they were not initiated as paper checks. These payment orders are not subject to check law and are not warranted by the Federal Reserve Banks.DataRegulatedPCI
FIN (Financial Application)nounThe SWIFT application within which all SWIFT user-to-user messages are input and output.SystemRegulatedPCI
FinalitynounIrrevocable and unconditional transfer of payment during settlement.RequirementRegulatedPCI
funds transfer terminalnounAn information processing device used for the purpose of executing deposit account transactions between financial institutions and their customers by either the direct transmission of electronic impulses or the recording of electronic impulses for delayed processing.SystemRegulatedPCI
Image exchange (Check 21)nounExchange of some or all of the digitized images of a check.ProcessRegulatedPCI
Independent sales organizationnounA non-financial institution organization that provides a variety of merchant processing functions on behalf of the acquirer. These functions include soliciting new merchant accounts, arranging for terminal purchases or leases, and providing backroom services. An Independent sales organization is also referred to as a member service provider (MSP). The acquirer must register all Independent sales organization/MSPs with the bankcard associations.OrganizationRegulatedPCI
InterchangenounExchange of transactions between financial institutions participating in a bank card network, based on a common set of rules. Card interchange allows a financial institution's customers to use a bank credit card at any card honoring merchant and to gain access to multiple ATM systems from a single ATM.ProcessRegulatedPCI
KiosknounA publicly accessible computer terminal that permits customers to directly communicate with the financial institution via a network.SystemInternalPCI
LockboxnounDeposit mechanism used by commercial firms and businesses to facilitate their deposit transaction volume. Typically, commercial firms and businesses direct customers to send payments directly to a financial institution address or post office box controlled by the institution. Financial institution personnel record payments received and prepare deposit slips, and subsequent processing proceeds as with other deposit taking activities.PhysicalRegulatedPCI
Merchant acquirernounBankcard association members that initiate and maintain contractual agreements with merchants for the purpose of accepting and processing bankcard transactions.OrganizationRegulatedPCI
Merchant processingnounActivity for the acceptance and settlement of bankcard products and transactions from merchants through the payment system.ProcessRegulatedPCI
online terminalnounA web-browser-based access to an acquirer, processor or third party service provider website to authorize payment card transactions, where the merchant manually enters payment card data via a securely connected web browser. Unlike physical terminals, virtual payment terminals do not read data directly from a payment card. Because payment card transactions are entered manually, virtual payment terminals are typically used instead of physical terminals in merchant environments with low transaction volumes.SystemRegulatedPCI
origination functionnounAny of the processes required to initiate an automated clearing house transaction.ProcessRegulatedPCI
payment cardnounA range of different cards that can be used to access cash assets through point-of-sale terminals or other facilities in order to make payments, receive cash money, exchange currency and perform other actions determined by the card issuer and its terms.PhysicalRegulatedPCI
Payment systemnounThe mechanism, the rules, institutions, people, markets, and agreements that make the exchange of payments possible.SystemRegulatedPCI
PCI Security Standards CouncilnounThe governing body, representing key participants of the payment card industry, which establishes and maintains security standards for payment cards.OrganizationRegulatedPCI
Person-to-person (P2P) paymentnounOnline payments using electronic mail messages to invoke a transfer of value between the parties over existing proprietary networks as on-us transactions.ProcessRegulatedPCI
Point-of-sale (POS) networknounA network of institutions, debit cardholders, and merchants that permit consumers to make direct payment electronically at the place of purchase. The funds are withdrawn from the account of the cardholder.NetworkRegulatedPCI
Remittance cardsnounPayment cards that are typically used to facilitate cross-border movement of funds by individuals and for person-to-person transactions.DataRegulatedPCI
Remote deposit capture (RDC)nounA service that enables users at remote locations to scan digital images of checks and transmit the captured data to a financial institution or a merchant that is a customer of a financial institution.CapabilityRegulatedPCI
Remotely created check (RCC)nounA check that is drawn on a customer account at a financial institution, is created by the payee, and does not bear a signature in the format agreed to by the paying financial institution and customer. RCCs are also known as "demand drafts," "telechecks," "preauthorized drafts," "paper drafts," or "digital checks."DataRegulatedPCI
Retail paymentsnounPayments, typically small, made in the goods and services market.DataRegulatedPCI
Return (ACH)nounAny ACH entry that has been returned to the ODFI by the RDFI or by the ACH operator because it cannot be processed. The reason for each return is included with the return in the form of a "return reason code." (See the NACHA "Operating Rules and Guidelines" for a complete reason code listing.)ArtifactRegulatedPCI
Secure Electronic TransactionnounA standard that will ensure that credit card and associated payment order information travels safely and securely between the various involved parties on the Internet.FrameworkRegulatedPCI
Secure Socket LayernounA protocol used for protecting private information during transmission via the Internet. Note: SSL works by using a public key to encrypt data that's transferred over the SSL connection. Most Web browsers support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with “https:” instead of “http:.”NetworkRegulatedPCI
Single-Entry (ACH)nounA one-time transfer of funds initiated by an originator in accordance with the receiver's authorization for a single ACH credit or debit to the receiver's consumer account.DataRegulatedPCI
Store cardnounA credit card issued by a financial institution for a specific merchant or vendor that does not carry a bankcard association logo. Store cards can only be used at the merchant or vendor whose name appears on the front of the card.PhysicalRegulatedPCI
Stored-value cardnounA card-based payment system that assigns a value to the card. The card's value can be stored on the card itself (i.e., on the magnetic stripe or in a computer chip) or in a network database. As the card is used for transactions, the transaction amounts are subtracted from the card's balance. As the balance approaches zero, some cards can be "reloaded" through various methods and others are designed to be discarded. These cards are often used in closed systems for specific types of purchases.PhysicalRegulatedPCI
Substitute check (Check 21)nounAlso known as the Image Replacement Document (IRD). A paper reproduction of an original check that (1) contains an image of the front and back of the original check; (2) bears a MICR line that, except as provided under ANS X9.100-140, contains all the information appearing on the MICR line of the original check when it was issued and any additional information that was encoded on the original check's MICR line before an image of the original check was captured; (3) conforms in paper stock, dimension, and otherwise with ANS X9.100-140; and (4) is suitable for automated processing in the same manner as the original check. The Federal Reserve Board of Governors can by rule or order determine different standards.ArtifactRegulatedPCI
Third Party Service ProvidernounAs defined in the PCI DSS and PA-DSS Glossary of Terms, Abbreviations, and Acronyms, a service provider is a business entity that is not a payment brand, directly involved in the processing, storage, or transmission of cardholder data on behalf of another entity. This also includes companies that provide services that control or could impact the security of cardholder data. There are many types of businesses that could fall into the category of “service provider,” dependent on the services provided. Most commonly, a TPSP could be a legally separate entity; but it can also be a separate business unit or component of the entity under assessment—for example, an internal service provider—where the provider is outside the direct management control of the entity assessed.OrganizationRegulatedPCI
Third-party service provider (ACH)nounA third party, other than the ODFI or RDFI, that performs any function on behalf of the ODFI or the RDFI related to ACH processing. These functions would include the creation and sending of ACH files or acting as a sending or receiving point on behalf of a participating depository financial institution.OrganizationRegulatedPCI
Truncating bank (Check 21)nounThe financial institution that truncates the original check. If a person other than a financial institution truncates the original check, the truncating bank is the first financial institution that transfers, presents, or returns, in lieu of such original check, a substitute check or, by agreement with the recipient, information relating to the original check (including data taken from the MICR line of the original check or an electronic image of the original check), whether with or without the subsequent delivery of the original check.OrganizationRegulatedPCI
unposted suspense itemnounA transaction that has not yet been processed, but may affect the amount of credit available.ArtifactRegulatedPCI
wire servicernounA financial institution that offers electronic funds transfer serviceOrganizationRegulatedPCI