• Card Holder: A consumer to which a credit or debit card is issued by the credit card associations or by the consumer’s bank. 
  • Card Not Present (CNP) : During transaction card is not present physically (e.g. online shopping) CNP transactions are risky, so an additional layer of security (2nd Factor Authentication) is mandatory Usually TDR/MDR is CNP cases are higher than CP as risk is higher is CNP (rates are adjusted for risks)
  • Card Number: The account number assigned by a credit card association or card issuing bank to a cardholder. This information must be provided to a merchant by a customer in order to make a credit card payment. The string of digits printed on the front of the card (these digits signifies band identification number, category, currency etc.) 
      • Visa, MasterCard, Maestro, RuPay: 16 digits 
      • Amex: 15 digits
  • Card Present (CP) : During the transaction the cardholder or card is present at the point of sale Example: Card swipe has done at grocery store Usually TDR/MDR is CP cases are lower than CNP as risk is lower in CP transactions (rates are adjusted for risks) 
  • Card Vaulting : Process of storing the card details (card number and CVV) and show the stored card details during subsequent transactions Card can be stored by PCI DSS certified entity (acquiring bank, aggregator or merchant) 
  • Card Verification Value (CVV), Card Verification Code (CVC), Card Security Code (CSC): Card verification value (CVV) is a combination of features used in credit, debit cards for the purpose of establishing the owner’s identity and minimizing the risk of fraud. 
  • CVV is also known as card verification code (CVC) or card security code (CSC) and it has two parts – 
      • CVV1: Part of magnetic stripe 
      • CVV2: 3 or 4 digits on the backside of the card 
  • Visa, MasterCard, Maestro, Rupay: 3 digits and Amex: 4 digits (Card Identification Number)
  • Cash Back: A promotional way in which merchant or banks return part of the transaction amount to the cardholder to incentivize the customer.
  • Cash Cards: Prepaid Cards, the cards have a set amount stored in it for financial usage.
  • Chargebacks: A dispute raised by credit cardholder with issuing bank.
  • There can be various reasons for a chargeback to take place:
      • Service/product not delivered, 
      • upon cancellation refund is not issued, 
      • suspected fraudulent transactions
      • Card being hacked
  • In such circumstances, the issuing bank will send the chargeback to acquiring bank and acquiring bank reaches out to merchant directly (if acquiring bank has direct integration with merchant) or through aggregator (if transaction is processed through aggregator) to provide proof to support delivery or refund within stipulated time else chargeback will be considered valid and merchant will be obliged to return chargeback amount.
  • Chargeback Reason Code: A code provided to the merchant by the card-issuing bank that indicates the reason for the chargeback transaction.
  • Closed-loop prepaid cards/wallet: Cards/wallet that can be used at only one merchant and funds cannot be withdrawn to source account or through ATM.
  • Co-branded cards: Cards that are issued by a financial institution with a card scheme and also has corporate branding 
  • Collection account:  The bank account of the merchant to which proceeds of the payment gateway is credited. The collection account can be a current account, nodal account or escrow account 
  • Credit Cards:  The cards that allow paying for products or services by borrowing money from a financial institution Credit Limit The maximum amount the cardholder may owe to the issuer on the card account at any time. 
  • Customer Relationship Management (CRM) : The CRM software is a broad set of applications designed to help businesses manage customer data and customer interaction, access business information, automate sales, marketing and customer support and also manage employee, vendor and partner relationships. (like Zoho, Salesforce) 
  • Debit Cards: The cards that work through the automatic deduction of available funds in a bank account to make a purchase 
  • Declined Payments: Transactions that are not approved by the card-issuing bank are marked as declined. No further action may be taken for declined transactions and customer has to retry to make payment.
  • Digital Signature:  An electronic file containing unique information that is used to verify the trustworthiness of an organization or individual. Digital Certificates are issued by a Certificate Authority and are used with the Secure Sockets Layer (SSL) protocol. 
  • Diners: Another card association that issues credit cards. 
  • Dispute: Refer to the word ‘Chargeback’. 
  • E-commerce Platform: Software that provides various functionalities that are required to run an eCommerce business such as website, category management, pricing management, order management and payment management. For example – Shopify, Magento and others.
  • Electronic Commerce Indicator ; ECI (Electronic Commerce Indicator) is the value returned from the Directory Server (Visa, Mastercard and JCB) to show the result of authentication credit card payment from your customer on the features of 3D Secure.
  • EMI (Equated Monthly Instalments) : A provision is given by a bank to the cardholder (customer) to split the transaction amount to a smaller amount that is payable on a monthly basis. For the service bank may charge a processing fee or interest. 
  • EMV EuroPay, MasterCard and Visa, is a microchip-based technology designed to reduce fraud at the point-of-sale
  • Encryption: The process of transforming processing information to make it unusable to anyone except those possessing special knowledge usually referred to as a key.
    It is a way to make data unreadable to everyone except the recipient of a message. Encryption is often used to make the transmission of credit card numbers secure for those who are shopping on the Internet.
  • Escrow Account: An escrow account is a temporary pass-through account held by a third party during the process of a transaction between two parties. (Same as Nodal account).
  • Expiry Date: The date on which the validity of a card expires. Transactions will only be approved for cards that are not yet expired.
  • FASTag: This is a new variant of prepaid card that has become very popular recently because of government’s push to digitize toll collection at toll booth across country. This is an instrument that works on near field communication technology where your card stuck on your windshield is read by the sensors installed at toll booths while your car is passing through. Since this is a standard amount to be deducted a rule based setting process the transaction without the need for an operator. Toll gate is triggered based on the transaction response. Open the gate if response successful, if not refer for manual intervention.
  • Firewall: A firewall is hardware or software that enforces security on your computer or system. It’s like a locked door, preventing dangerous material from getting into the room.
  • Flat Fee: Transaction charges are per transaction and not the percentage of the transaction amount.
  • Fraud: The malicious practice by untrustworthy and dishonest persons to use stolen personal information, credit card information, and/or compromised bank account information for personal gain; not limited to the purchase of merchandise, the submission of fraudulent data or identification also contributes to this act.
  • GTV: Gross Transaction Value; total transaction amount available for processing. Online GTV is total transaction amount available for online processing. GTV is amount measured for a day, week, month or year. Also known as Transaction Payment Volume.
  • Identity Theft (ID Theft): A criminal activity where a thief appropriates vital information such as your name, birth date, account number, or credit card number without your knowledge.
  • Interchange: The process by which all parties involved in a card transaction (i.e., processors, acquirers, issuers, etc.) manage the processing, clearing and settlement of card transactions, including the assessment, and collection and/or distribution of fees between parties.
  • Interchange Fees: Fees paid by the acquirer to the issuer to compensate for transaction-related costs. VISA, MasterCard and other providers determine the interchange fee rates.
  • Internet Protocol (IP) : A set of rules governing the format of data sent over the Internet or another network
  • Internet Protocol (IP) Address: A unique string of numbers separated by full stops that identify each computer or mobile or other instrument using the Internet Protocol to communicate over a network. 
  • Internet Service provider (ISP) : A company that provides Internet services and resource management to businesses and consumers. (E.g. Airtel) iOS operating system used for mobile devices.
  • iOS: A mobile operating system developed by Apple to run its mobile devices like iPhone, iPads and others. iOS has been further divided into Watch OS, iPad iOS and TvOS.
  • Issuing Bank: A financial institution that issues cards to consumers on behalf of the card associations. Also known as Card Issuing Bank. 
  • JCB: Japanese Credit Bureau (JCB) is card association. 
  • Keystroke logger: Hardware device or a software program that records each keystroke made on a particular computer. Marketed as a way for parents to monitor their children’s activities on a computer, keystroke loggers are sometimes downloaded unwittingly by users. The keystroke logger then records the keystrokes and periodically uploads the information over the Internet. See also Spyware, Trojan horse.
  • Magnetic Stripe: The black stripe on a credit, debit or stored-value card that stores the cardholder account information 
  • Marketplace: The marketplace is a platform that allows various entities to sell their services or products to customers.
  • MasterCard SecureCode: A security program created by MasterCard to provide identity authentication for cardholders and transaction protection for merchants. By registering for MasterCard SecureCode, merchants can minimize transaction risks while providing additional security for customers.
  • Merchant: The person or business entity that sells goods or services to a customer. 
  • Merchant Account Provider: A financial institution, or bank, that provides a financial account to a merchant for the purpose of collecting proceeds from consumer bank account or card payment transactions. 
  • Merchant Category Code (MCC): Merchant Category Code – Schemes have different codes for each category (Airlines, Hotel, Hospital, etc.) A merchant will be assigned to specific MCC. Some specific MCCs have different commercials (e.g. education) whereas some MCCs are blocked for CNPs (like online medicine, liquor and more)
  • Merchant Discount Rate (MDR); The Fee charged by acquiring bank to the merchant. 
  • Merchant Identification Number (MID) ; An identification number assigned to each member merchant of an acquiring organization, such as a financial institution, Independent Sales Organization (ISO), Merchant Service Provider (MSP) or processor. MID identifies the merchant throughout the payment cycle (transaction, settlement, refund, chargeback) 
  • MICR: Magnetic Information Character Recognition is the imprinted banking numbers (routing/transit number, checking account number, check number) at the bottom of the check 
  • mPoS: This is smaller version of the PoS devices that connects to a mobile phone for connectivity. The extension typically has a card reader and PIN pad for entering the PIN and a small display. They rely on the mobile phone for connectivity and do not print receipts as opposed to traditional devices. mSwipe and Ezetap are two key players in this space.
  • National Payments Corporation of India (NPCI): NPCI is an organization for retail payments in India. It was set up with the guidance and support of the Reserve Bank of India (RBI) and Indian Banks’ Association (IBA). NPCI is spearheading guidelines for various payment modes: NEFT, NACH, RuPay Scheme and UPI 
  • NEFT; National Electronic Funds Transfer (NEFT) is an Indian system of electronic transfer of money from one bank or bank branch to another. The banks or their branches that support such transactions have to participate in the NEFT network
  • Nodal accounts: Nodal accounts are special-purpose accounts created for coordinating a special type of transaction and governed by regulatory bodies. The business opens such account with the bank and this is not an interest-bearing account. So funds parked in the nodal account is not shown on the accounting books of the business entity. A nodal account is used to hold funds belonging to 3rd parties.
  • Offline EMIs: EMI conversion is done 5-7 after the transaction date. Customer will make payment for the full amount and bank will convert the amount to monthly payments. Banks have eligibility criteria for such cardholders.
  • Open-loop prepaid cards; Cards that can be used across all merchants and also funds can be withdrawn at ATMs. 
  • OTC:  Over the Counter transaction wherein customer makes payment across the counter in a bank. 
  • OTP:  One Time Password Issuing bank sends this to cardholder’s registered mobile number and same needs to provide in acquiring bank page as part of 2nd Factor authentication. 
  • Patch: A software update meant to fix problems with a computer program. This can range from fixing bugs, to replacing graphics, to improving the usability or performance of a previous version.P2M; P2M stands for Person-to-Merchant, where transactions via IMPS network from the customer to the merchant. P2M functions where the merchant has a relationship with the consumer, and each invoice needs to be approved separately.
  • P2P: Person to Person transfer of funds Options: Card to card, card to the account, account to the card. 
  • Payment Gateway: Payment Gateway (PG) is a piece of software doing the job of a PoS device in digital world. Any website of mobile app integrates with a payment gateway to accept payments from card instruments. Many banks have their own payment gateways with HDFC Bank being market leader in this space. However there are many non-bank players like PayU, CCAvenue, Billdesk, Techprocess, Razorpay, Payabbhi etc playing the role of aggregator to offer this service to merchants.
  • PCI DSS: Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards (Visa, MasterCard, American Express, Discover, and JCB) PCI DSS mainly covers security aspects about storing and processing card details.
  • Pending Transaction: Transactions for which status is not clear in real-time because aggregator has not received the confirmed status from the bank. Such transactions are converted to success, failed or user aborted post status reconciliation (T+1 day). 
  • Pharming: The criminal process of electronically gathering and selling the personal and financial information for multiple users through the use of phishing. See also Phishing.
  • Phishing: An online identity theft scam. Typically, criminals send emails that look like they’re from legitimate sources, but are not. The fake messages generally include a link to phony, or spoofed, websites, where victims are asked to provide sensitive personal information. The information goes to criminals, rather than the legitimate business. See also Spoofing.
  • PIN (Personal Identification Number): PIN is a unique number to validate the payment instrument holder It can be static or dynamic (OTP) Cards have 2nd Factor authentication password, debit cards or ATM PIN at POS/ATM usage.
  • Polling te status: Checking for the status of transaction periodically. 
  • POS (Point of Sales); Point of Sales (POS) is a machine used to process a card-present scenario (fixed POS at the retail store or mobile POS device).Also see mPOS 
  • Pre-Authorization:  Holding the fund from a debit or credit card transaction until the full transaction is captured is called pre-authorisation. [Learn more]
  • Prepaid Cards:  Prepaid cards are stored value cards where you need to load the money in the prepaid account where you can transact up to the amount loaded on the prepaid instrument and that is why are considered less risky since the exposure is limited to the amount stored. RBI issues PPI (Prepaid Payment Instrument Issuer) license to entities interested in issuing prepaid cards. Entities like EbixCash (formerly ItzCash), Amazon Pay, Mobikwik, Oxigen, Sodexo, PhonePe are some popular PPI issuers in the market.
  • Prepaid Payment Instruments (PPIs): PPIs are instruments that facilitate purchase of goods and services, conduct of financial services, enable remittance facilities, etc., against the value stored therein. PPIs can be issued by banks and non-banks. Banks can issue PPIs after obtaining approval from RBI. The non-bank PPI issuers are companies incorporated in India and registered under the Companies Act, 1956 / 2013. They can operate a payment system for issuing PPIs to individuals / organisations after receiving authorisation from RBI. The cash loading of PPIs is limited to ₹ 50,000/- per month subject to overall limit of the PPI. Some of the examples of PPIs include Paytm and GPay (semi-closed system PPIs), gift cards (closed system PPIs) and debit or credit cards (open system PPIs)
      • Closed system PPIs: You cannot withdraw cash from such kinds of PPIs. These PPIs help in facilitating the purchase of goods and services from that entity only. Besides, these instruments cannot be used for payments or settlement for third-party services. The issuance and operation of such instruments are not classified as a payment system and do not require approval or authorization from the Reserve Bank of India (RBI).
      • Semi-closed system PPIs: These payment instruments do not allow you to make a cash withdrawal, irrespective of whether they are issued by banks or non-bank institutions. For instance, PPIs such as HDFC Bank’s PayZapp and State Bank of India’s YONO are approved by the central bank and non-bank PPIs such as Paytm and GPay are authorized by RBI for the purchase of goods and services, including financial services, payments, money transfer, remittance facilities, etc.
      • Open system PPIs: The most commonly used PPIs are debit and credit cards. You can make a cash withdrawal from these PPIs. However, be cautious while withdrawing cash from a credit card because by doing so, you will be charged a high interest rate from the day of cash withdrawal. These PPIs issued by banks (approved by the central bank) can also be used at any merchant for the purchase of goods and services, including financial services, remittance facilities, etc. Cash withdrawal at ATMs, point of sale terminals and business correspondents is permitted through these PPIs.
      • Prepaid cards issued by banks are usually open loop cards and work on a wider merchant base depending on their ability to accept Visa, MasterCard or RuPay while cards issued by PPI issuers are semi closed loop cards. Meaning for a card issued by a PPI issuer to work at any merchant the merchant needs to have a direct arrangement with the issuer of the card.
      • There are many variations of prepaid card instruments available in market with varying popular terms.
      • Mobile Wallet or Wallet: These are prepaid instruments issued digitally only and are typically accessed through a mobile app offered by the issuer entity. Some very popular wallets in the market are PayTM, PhonePe, AmazonPay.
      • Meal Card or Food Card: These cards work only on grocery merchants or restaurants. Sodexo is the biggest issuer in this category.
      • Travel Card or Forex Card: This is the card category typically issued by Banks or through FFMCs (Full Fledged Money Changers) where you can load money in foreign currency. When you are traveling to a foreign country any transaction done on your INR cards incurs surcharge to the tunes of 2-5% depending on your issuers called cross currency mark-up. In that situation it is advised to carry a travel prepaid card with money stored in that region’s local currency thus avoiding this mark-up every time you transact. There are even multi-currency variants available in this category where you can load the card in multiple currencies supported by the card issuer.
      • FASTag: This is a new variant of prepaid card that has become very popular recently because of government’s push to digitize toll collection at toll booth across country. This is an instrument that works on near field communication technology where your card stuck on your windshield is read by the sensors installed at toll booths while your car is passing through. Since this is a standard amount to be deducted a rule based setting process the transaction without the need for an operator. Toll gate is triggered based on the transaction response. Open the gate if response successful, if not refer for manual intervention.
  • Reconciliation:  Reconciliation is an accounting process that uses two sets of records to ensure figures are correct and in agreement. It confirms whether the money leaving an account matches the amount that’s been spent, and ensures the two are balanced at the end of the recording period.
  • Recurring Payments: Payments that we make periodically and periodicity may be weekly, monthly, quarterly, half-yearly, yearly Example: Utility bill, insurance premiums 
  • Refund; A request posted by the merchant (for the customer) for returning the transaction amount to the customer’s source account or card. A refund can be complete transaction amount or partial amount of the original transaction amount. 
  • Reserve Bank of India (RBI); RBI is India’s central banking institution which controls the monetary policy of the Indian rupee. RBI also regulates the payment modes and methods. 
  • Risk Monitoring System ; The RMS is a powerful, rules-based set of transaction filters, Internet Protocol (IP) address and other often proprietary tools designed to help Web merchants identify, manage and prevent fraudulent transactions. 
  • RTGS:  Real-Time Gross Settlement: Electronic payment mode that enables the customer to transfer Rs.2 Lakh above to other parties
  • SDK: A software development kit (SDK or “devkit”) is a set of software development tools that allow the creation of applications software 
  • Secure Socket Layer (SSL): An Internet protocol that safeguards electronic communications between two or more computers by transmitting encrypted data that is difficult to be tampered with. Websites that use SSL technology are indicated by an “https” in their Web address and a lock icon at the bottom right of the browser window. 
  • Semi-closed loop prepaid card/wallet: Cards/wallet that can be used at multiple merchants and funds cannot be withdrawn to source account or through ATM 
  • Settlement : The amount that is paid from one party to other -Acquiring bank (cards) or issuing bank (net banking) or wallet issuer will make payment to an aggregator for a successful transaction that is processed on respective entities (T+1 day) – Aggregator makes payment to the merchant for the successful transaction (T+2 day) 
  • Shopping Cart: An Internet or software company that provides e-commerce tools and payment form solutions for merchant Web sites. 
  • Spam: Unsolicited “junk” email sent to large numbers of people to promote products or service.
  • Spoofing: An online identity theft scam. Typically, criminals send emails that look like they’re from legitimate sources, but are not (phishing’). The fake messages generally include a link to phony, or spoofed, websites, where victims are asked to provide sensitive personal information. The information goes to criminals, rather than the legitimate business. See also Phishing.
  • Spyware: A program that is loaded onto your computer without your knowledge. These programs gather information from your computer activities and send them to an unknown source. These programs are especially dangerous when capturing financial information that can be used to commit fraud.
  • Sub-Merchant Transaction ID: A unique ID that is generated by the merchant for every sale. Each merchant transaction id is mapped to transaction-id
  • Success Rate: The measurement of performance of payment gateway. Usually, the percentage of successful transactions.
  • Surcharge: Transaction charges that are added to the transaction amount. In this model, usually customer bears the transaction amount and the merchant receives a full settlement. 
  • TAT: Turnaround Time: Time committed for delivering a particular service (e.g. TAT for Settlement is T+2 day. 
  • Ticket Size: Transaction amount. An average ticket size help companies to make business decisions as used in various calculations related to the pricing. 
  • TPS: Transaction Per Second; the measure of acquiring bank or aggregators transaction processing capacity.
  • TPV: Transaction Payment Volume; see GTV.
  • TPV (Third Party Validation): Process in which bank account used for online payment is validated against the account that is registered or allowed for the payment. Applicable only for brokerage and MF industry. 
  • Transaction Discount Rate (TDR) : The fee charged to a merchant by the payment gateway for each transaction. 
  • Transaction ID (aggregator Transaction ID) : A unique identification value assigned to each payment processed. A transaction ID will be allotted both successful and failed transactions. Transaction ID connects Sub-merchant transaction id and bank transaction Id. This id can be traced complete payment life cycle (transaction, refunds, chargeback etc). 
  • Transaction Status: Status of the transaction of online payment. Status can be a success, failed, pending, user aborted or refunded. 
  • Trojan Horse: An apparently legitimate software that carries an unwanted payload that is typically used by hackers to gain unauthorized access to your computer. See also Spyware.
  • Underwriting (UW): Process of accepting the liability under and thus guaranteeing payment in case of loss or damage occurs. 
  • Unified Payment Interface (UPI): UPI is a digital payment initiative by NPCI to boost digital payments in India and provide interoperability. Once customer registers for UPI with the bank, a unique virtual identifier is created and that is mapped to mobile phone To initiate the payment, UPI invokes this virtual identity of the beneficiary and transfers money in real-time. It works on single-click 2-factor authentication. UPI will allow a customer to have multiple virtual ids and can use a mobile number or aadhar number as a virtual id.
  • UTR: UTR is Unique Transaction Reference number that is generated in IMPS, NEFT and RTGS system for uniquely identifying any transaction. The format of UTR is predefined and is generated by the bank initiating the transaction.
  • Upfront Deduction: Transaction charges are deducted from the transaction amount and net settlement amount is credited to merchant’s collection account. 
  • Verified by Visa: A security program created by Visa to provide identity authentication for cardholders and transaction protection for merchants. By registering for Verified by Visa, merchants can minimize the risk of chargebacks and returns by providing additional security 
  • Virus: A program that is loaded onto your computer without your knowledge. Viruses can make copies of themselves, quickly using up all available memory. Some viruses can transmit themselves across networks.
  • Wallet: A wallet is an account for holding the funds and can be used for various purchases. A wallet can be virtual (e.g. mobile wallet such as PayTM, Vodafone m-pesa) or physical (prepaid cards) 
  • Worm: Typically, a malicious program that reproduces itself over a network and uses up computer resources or shuts down the system.
  • Working Days: Business days for banks as defined by RBI. Sundays, 2nd & 4th Saturday are banking holidays apart from the list of holidays