This is a security measure that requires two individual and distinct forms of identification in order to approve a transaction. The first step involves a password, while the second factor could include a code sent to the customer by text message or email, or biometric verification via fingerprint or face ID etc.
Developed by Visa, 3-D Secure (or 3DS) introduces an extra layer of security for customers when making online payments. If a card has been enrolled in the 3DS programme, during checkout customers will be redirected to a 3DS page and asked to enter a unique password or one-time authorisation code (sent to their registered email or phone number) before the purchase is validated.
Also known as a merchant acquirer, this is a bank or financial institution that processes payments on your behalf.
This is the term for the process of signing up new customers for acquirers.
A commonly used alternative name for American Express — who provide international payments as one of the major global card schemes (Visa and MasterCard being other examples).
The UK's national body responsible for clearing payments and international money transfer.
Take the total monetary value of transactions and divide by the total number of transactions over the same period to calculate this figure.
This is the initial request made by a merchant to a card issuer to release customer funds, verifying the payment card has sufficient resources to cover the transaction. During authorisation, checks will also be made to ensure the card hasn't been reported lost or stolen, and a referral (additional check made by the bank) may be made if the transaction is particularly large or unusual.
This is the initial request made by your payment terminal for payment authorisation.
Every transaction will have a unique code assigned to it once approved. This will be generated either by the card issuer or by the acquirer on the issuer's behalf. It will be printed on the merchant copy of the receipt, which you should keep.
AVS is used to determine whether the billing address submitted by the customer matches the one associated with the cardholder's account. This process was introduced as a fraud prevention measure and to reduce card chargebacks.
An automated electronic system used to clear Direct Debits and credits. Payments take three business days to clear.
This is simply a term for any other day than Saturday/Sunday or a bank holiday.
Merchants are allocated a specific daily time slot (by their acquirer) in which to submit end-of-day reconciliation to the acquirer's system. Any card transactions not made by the end of this window will roll over to be made the next trading day.
Usually found in restaurants, pubs and other places offering payment at table, these are chip and PIN terminals that connect via a Bluetooth hub (typically placed at the bar) to conduct authorisations.
A terminal may display this message if the issuing bank can't authorise the transaction. There are a number of reasons this might happen, such as a new card being used that is yet to be activated, suspicion of fraudulent activity or insufficient funds.
The bank or financial institution that provides the card(s) for use by the cardholder.
This is the network that facilitates authorisation and settlements between acquirers and card issuers. Examples are Visa, MasterCard and AmEx.
These are the instructions laid down by the card schemes that control how merchants, acquirers and card issuers carry out transactions using their services.
A business owner's total value of transactions, taken on a yearly or monthly basis.
This is the person authorised as the owner of the card being used in a transaction.
Usually undertaken as part of a disputed sale, this is when a card issuer charges part — or even all — of a transaction back to the acquirer. The acquirer may then charge this back to the merchant. Both credit and Visa debit card transactions can be charged back. Note: if you, as a merchant, are sent a chargeback, you can dispute it.
Transactions using a chargecard are initially paid for by the card issuer, with the balance to be paid in full by the cardholder by a specified date.
The most common method of payment in the UK, this allows customers to conduct transactions by inserting their card into the payment terminal before entering their PIN (Personal Identification Number).
Basically a telephone number, CLI is used by card issuers to identify merchants during the authorisation process.
CNP transactions are undertaken if/when a customer wants to make a payment without being physically present. These are most commonly done online (when the customer completes a payment form) or over the phone. In the latter case, the merchant must manually enter the customer's card details into their payment terminal.
Contactless cards, phones and other devices with RFI (radio-frequency identification) technology can be used to make payments without the need for PIN entry or signatures. Transaction limits are uncapped when using Apple Pay or Google Pay, as these services use 2FA as an additional security layer. As of writing, the limit when using other contactless payment methods is £100.
These are issued to businesses for the purposes of corporate expenditure, be that company purchases, travel or entertainment costs.
These are issued to individuals to allow them to make purchases 'on credit'. The balance of this credit can be paid in full by a specified date or may be repaid over time, usually subject to minimum monthly payments and interest added to any outstanding balance.
These are the last three digits found on the signature strip of a card; there is an exception to this rule, as AmEx cards feature four CSC/CVV digits along the front.
As the name suggests, these are face-to-face transactions, completed using a point-of-sale (POS) terminal.
Designed to allow the cardholder to pay for transactions by transferring money from their current account.
This service allows a cardholder to have the cost of a foreign transaction converted into their local currency. The cardholder is charged a commission, the value of which is then usually shared between the merchant and acquirer.
This is the term for retail transactions conducted online.
The digital movement of currency from one bank account to another.
The process of comparing terminal transactions with those recorded by the acquirer, with the value credited to the merchant account.
Completed on a terminal in order to enable it to be 'polled' (see definition). Depending on the terminal being used, this process may be carried out automatically.
Usually of prepaid mobile phones and household utility cards.
A general term used for the systems in place to complete a transaction if/when an electronic terminal cannot be used.
A document used to record transaction details when a terminal is out of use. Information is registered using a card imprinter.
As apposed to its mobile counterparts, this is a chip and PIN terminal that can only be used where installed.
This is a figure agreed between acquirer and merchant, above which authorisation must be sought. If a transaction falls below this figure, it will be automatically approved.
The time between a transaction being charged and the product/service being delivered.
This technology allows cards to be read wherever there is a mobile signal. This is then used to send transactional data to complete payment.
This functionality can be added to a terminal in order to collect tips and/or service charges.
This is the per-transaction cost charged by card issuers to the acquirer. For debit card payments, this is a fixed figure, while credit card interchange is based on a set percentage of the transaction value.
These are organisations that act as resellers of card processing or acquisition services. They are authorised by acquirers and processors to represent them when enrolling merchants. (We are one of them).
A document issued when an individual's identity has been digitally checked and verified.
You may have come across this service when calling to book cinema tickets etc. and being asked by the computer-operated voice system to provide the name of the film you'd like to see.
This is the issuer of the JCB card, a major Japanese card issuer and the only international payments company from that country.
KYC policies are used by financial institutions to gather and verify customer information ahead of conducting business with them. They are increasingly used to prevent identity theft and money laundering. KYC will be carried out before offering card services to merchants.
A Debit Card scheme that, although still active, has declined in use within the UK.
International payment systems company and one of the major card schemes accepted worldwide.
This is a four-digit code used by card issuers when organising merchants by trading activity, operating models and business risks.
Any business that accepts card payments from customers.
This is a specific bank account required in order to accept card payments. Such accounts can be set up to facilitate MOTO transactions, and a separate internet merchant account is needed for ecommerce activities.
This allows future credit card sales to be substituted for cash. In order to carry out repayment, a fixed percentage is taken from the merchant account via card processing receipts.
This is the process provided by acquirers that allows credit and debit payments to be taken via terminals.
A unique number assigned to merchants by the acquirer for identification purposes.
This is an additional charge made only if total monthly merchant service charges don't reach an agreed level (normally £15-£25).
These are CNP transactions where a merchant takes payment over the phone or in writing.
A cost placed on each transaction, set by the acquirer. Debit card transactions face a fixed fee per transaction, while credit card MSCs are based on a fixed percentage of the transaction value.
This is a service provided by acquirers to allow merchants to process transactions in non-domestic currencies and settle with the acquirer in a currency of their choosing (usually their own country's).
This error warning is displayed on the terminal if a customer is at or over their credit limit. This may also be flagged as 'declined' on your device.
Any transaction approved or declined by a card issuer (or acquirer on their behalf) where the authorisation process involves online communication between a merchant terminal and the acquirer's system.
Any terminal where the authorisation and data capture of a transaction is conducted online.
A password or numeric code usually sent to a customer's registered phone number or email and valid for just one transaction.
A security standard introduced to ensure credit card information is instantly encrypted for transfer to the payment processor where it can then be decrypted.
This terminal feature enables card details to be entered into the device.
The act of following the laws, regulations, standards and ethical practises needed to keep customer card data secure.
This is the area on a website where details such a debit card numbers are entered in order to complete an online payment.
A generic term for an organisation that allows merchants to take card payments, covering: acquirers, processors, PSPs and ISOs.
This is the industry-wide standard you must follow in order to ensure cardholder data security and meet PCI compliance.
A generally accepted term for any card machine.
Usually a four-digit sequence of numbers used by customers to authenticate transactions on payment terminals.
This is the collection of transactional data, taken in batches, that is stored within a terminal.
Literally the physical location where transactions are conducted.
These terminals operate using a local server so that in the event of an internet outage merchants can continue to take card payments, with the data transferred once connection is regained.
A processing day is the next available 'banking day' for transactions taken outside of this period. Transactions undertaken outside banking days are combined to be settled together on the next available processing day.
This is the owner of the platform used for processing and settling card transactions.
PSPs allow merchants to accept payments via a number of different methods such as credit and debit cards, Direct Debits and bank transfers. PSPs work with acquirers to enable card acceptance.
Facilitated by the Maestro and Visa debit card schemes, this optional transaction type allows merchants to offer cashback to customers when conducting a transaction. The maximum amount is £50 and is subject to the acquirer agreeing to offer this service.
A debit which the cardholder has agreed to be taken on a regularly repeating basis (such as monthly) or on given dates. Subscriptions are prime examples of recurring transactions.
When a merchant agrees to debit a previously authorised amount (part or whole) back to the cardholder's card.
An amount of settlement funds agreed between the merchant and acquirer to be held back in order to meet credit risk requirements.
The transfer and total value of funds from the acquirer to a merchant account once transactions have been finalised and reconciliation calculated.
A one-off charge by some payment providers when arranging card-processing services.
A monthly invoice issued by the acquirer to the merchant, detailing all transactions (volume and type) undertaken during the time period covered. The statement will also include per-transaction charges deducted by the acquirer as well as other costs (if applicable) such as terminal hire and chargebacks.
This is a standard that allows applications to communicate and exchange data over a network.
A terminal is a device used to take card payment details and securely send them for transaction processing and authorisation. These can be static, mobile, wireless or Bluetooth operated.
A unique number given to a card machine, used by merchants, issuers and/or acquirers etc. to identify the source of a sale when a fraudulent transaction is suspected.
Similar to corporate cards, this is a general term for (typically) a chargecard used when paying for the transport and entertainment of clients by businesspeople.
This is the gross value of a merchant's transaction(s) — for example, annual turnover is the total value of transactions processed in a year.
GDPR (General Data Protection Regulation) European GDPR rules how customer data is acquired, stored, shared and disposed of. This includes directly asking for permission when capturing said data.
One of the major global card schemes and a worldwide payment systems provider.
Authorisation done verbally over telephone between the merchant and authoriser.
When processing a payment, the merchant may be required to contact the acquirer by telephone, in order to provide further information about the cardholder or transaction. See 'Authorisation' for more details on referrals.