Glossary Card Solutions / Blog / By NovoPayment Glossary Card Solutions NovoPayment A. Account Funding Transaction (AFT) An Account Funding Transaction (AFT) pulls funds from one card account in order to fund a separate account (this does not includes sales transactions). AFT’s are used to move funds to a digital wallet or prepaid card, transfer funds between financial accounts like like CDs or IRAs, and facilitate person-to-person (P2P) money transfers. Acquirer An acquirer (sometimes known as an acquiring bank or merchant bank) is a bank or other financial institution that processes credit and debit card transactions on the behalf of a merchant. Acquirers act as the intermediary between merchants and issuer banks, allowing merchants to accept card payments from those issuing banks. In real-time payments, an acquirer is a financial institution that is approved by a network to originate real-time payment transactions (AFTs/OCTs). Authorization Authorization occurs at the point of sale, when a request is sent to a cardholder’s issuing bank for transaction approval. Often performed via a card processor, the authorization process confirms the cardholder has sufficient funds in their associated account to cover the attempted charge. Fraud prevention measures may also be performed during the authorization process. When authorization is approved, the transaction amount is put on hold in the cardholder’s account. Automated Clearing House (ACH) The Automated Clearing House (ACH) is an electronic funds-transfer (EFT) system run by NACHA that allows a network of participating financial institutions to process transactions. Typical transactions by ACH include online bill payments, direct deposits for payroll, tax refunds and payments, and more. B. Bank Identification Number (BIN) A Bank Identification Number (BIN) is the first six digits of a Visa or Mastercard account number. The bank identification number is used to identify the card-issuing or the acquiring financial institution that participates in a transaction. Visa uses the term BIN and Mastercard uses the term ICA, but more broadly it is a financial account number to operate in each network. C. Cardholder A cardholder is an indiviual that has been issued a banking card and is considered the owner of that card. The cardholder can use their card to engage in financial transactions both in-person and digitally, such an online and in-store payments. ATM fund withdrawals, online shopping or simply access to and management of their account information. Card Verification Value (CVV) A card verification value (CVV), sometimes referred to as the card verification value CVC or card security code (CSC), verifies the card’s validity and reduces the risk of fraud. In cards with magnetic stripes, the stripe holds a code recorded by the card issuer, in addition to the three or four-digit number printed on the card. Using the latest technology, NovoPayment issues cards featuring dynamic CVVs that change over time for increased fraud prevention. E. Embossing Embossing is the process of imprinting card details onto a banking card so the details are raised above the surface to ensure la information does not rub off or get otherwise removed through continued use. The embossed information typically includes the cardholder’s name, the card number, expiration date, and sometimes CVV code. EMV Europay, MasterCard and Visa – EMV refers to the global standard for secure payments using integrated-circuit or “chip” prepaid, debit and credit cards. The name refers to the three companies that developed the standard in the 1990s, allowing the global interoperability between card chips and EMV-equipped terminals used by most financial institutions today. EMV specifications are managed by the international technical organization EMVCo, facilitating the standard’s international adoption and continued evolution. EMV cards are more secure than the previous generation of magnetic strip cards (See: EMV Card). EMV adoption has nearly suppressed card counterfeiting and significantly reduced fraud risk in card-present or face-to-face transactions. However, the accelerated growth of ecommerce and online purchases has led to new EMV specifications for card-not-present transactions, which include EMV 3-D Secure, EMV Secure Remote Commerce and EMV Payment Tokenization. Since October 2015, the United States shifted fraud liability to merchants that are not EMV equipped, accelerating the adoption of EMV technology in the country. EMV Card An EMV Card is a prepaid, debit or credit card equipped with a microprocessor or smart chip that interacts with the merchant point-of-sale device to make sure that the card is valid. Aside from being extremely hard to clone, EMV chips generate a unique transaction code using cryptographic keys that is then transmitted to the POS device for validation. EMV Cards or card numbers cannot be used at an EMV terminal without this code. Cardholders might also be required to insert a PIN number for authorization, replacing the more vulnerable signature for transactions with magnetic strip cards. EMV Cards allow three payment methods: “card dipping”, where the card is inserted into the terminal slot; “contactless”, where data is transferred by tapping the card on the terminal using NFC technology (See NFC); and “mobile EMV”, where a cardholder can tap and pay with their mobile device after downloading the card to their phone. e-Payment E-Payments are payment transactions for goods and services that are executed by means of an electronic platform or device, such as the internet, mobile applications or POS terminals. The digital transaction between the two parties is carried out by a financial entity authorized by both. Types of electronic payments include ACH, wire and bank transfers, digital wallets, P2P, mobile payments and debit/credit card payments, among others. E-payments can be classified in two categories: remote payment transactions, which are initiated using the internet or mobile devices, and not remote or card-present transactions, which use POS devices or mobile NFC technology (See NFC). The use of e-payments has grown exponentially with the rise of ecommerce, online banking and mobile commerce, as has the need for new security, identification and fraud prevention mechanisms, especially for card-not-present or remote transactions. I. Interbank Card Association (ICA) Interbank Card Association (ICA) Number is the term used by Mastercard for the four-to-six-digit account number used to identify each of the financial institutions and third parties processors that operates within the Mastercard network. It is the Mastercard equivalent to the term “BIN” or “Bank Identification Number” used by Visa. The ICA number is usually by the credit card’s expiration date. The name comes from the group of California Banks that released The Interbank Card, later rebranded Master Charge and finally Mastercard, in 1979. Issuer A financial institution that issues prepaid, debit and credit cards for consumers on behalf of card networks, providing bank accounts and credit lines to those consumers and backing or guaranteeing their card transactions. The bank or financial institution handles the consumer’s financial information and account data. Issuers are a fundamental player in the four-part payment process (customer, issuer bank, acquirer bank and merchant), serving as an intermediary between costumers and the acquiring banks (merchant bank). Issuer banks perform authorizations, sending information to the card network determining if a transaction will be accepted or rejected, depending on whether there is enough balance to cover the cost of a purchase. The issuer bank or financial institution is ultimately liable for the cardholder’s card payments or line of credit debt. It is important to point out that while the account belongs to the consumer, the card remains a property of the issuer bank for the time it is valid, and the consumer is only the cardholder. Issuer banks are responsible for consumer financial information and data and must offer key functions and services such as card renewals, card limit setting, blocking or activation of accounts and cards, balance reporting and account and information security. N. Near-Field Communication (NFC) NFC is a short-range wireless technology based on electromagnetic radio fields that allows the exchange of infromation between two devices or between a card and a payment device. Most new smartphones and payment cards are equipped with NFC chips or tags, as well as tablets, wearables, bus and transit terminals. The receiving device reads the data as soon as it is sent, reducint the chance of interception or error. Actions performed using NFC must be intentional i.e. a purchase cannot be initiate by simply approaching on NFC-embedded terminal or by misdialing. O. Original Card Transaction (OCT) Original Credit Transaction (OCT) is a payment method initially created to provide “push” or direct fund transfers to credit, debit or prepaid Visa or Mastercard backed cards. OCT payments are usually referred to as Visa Direct and Mastercard Moneysend services and can receive the funds via real-time payment schemes on accounts connected to their cards. The use of real-time payment push funds results in faster payouts, refunds and disbursements for many clients, employees or suppliers, reducing costs and significantly simplifying payment processors. P. Payment Card Industry Security Standards Council (PCI SSC) Originally formed in 2006 by Visa, Mastercard and American Express among others, the goal of the council is to develop standards and services that improve account data security for global payments by driving the adaptation of the guidelines and resources for the different financial stakeholders. Payment Card Industry Data Security Standard (PCI DSS) The Payment Card Industry Data Security Standard is an information security standard, was created by the PCI Security Standards Council. This framework sets the standard for developing a payment card data security process that includes measures for security incident prevention, detection and reaction. This standard also establishes a minimum set of requirements for protecting cardholder data. Payment Facilitator Aka Payfac A service provider or authorized entity to process transactions for merchants to accept debit and credit card payments from their customers. Payment Gateway Technology used by merchants to read and accept credit or debit cards and sends customer information to the merchant acquiring bank for processing. Payment Service Provider (PSP) A third party that helps merchants to accept and facilitate payments through credit card, bank-based payment, bank transfer, and real-time bank transfers. A PSP is typically offered on a SaaS model, providing a single payment gateway for their clients to multiple payment methods. Personal Identification Number (PIN) Series of digits used as a password to verify the identity of the card holder. Consumers may choose to authorize a debit card transaction by signature or PIN. Point of Sale (POS) It’s a critical piece of a point of purchase, is the place where a customer executes the payment for goods or services, and where sales taxes may become payable. It can be in a physical store, where POS terminals (cash registers) and systems are used to process card payments, or a virtual sales point such as a computer or mobile electronic device. Processor A payment processor is a company that manages card transactions by handling transactional exchanges between merchants and financial institutions. A processor may authorize transactions and makes sure that merchant payments are delivered on time, making fund transfers easier and seamless. As a preferred and experienced processor, at NovoPayment we provide card acceptance, security solutions, assistance for meeting PCI compliance requirements and ongoing client service, among other value-added services. S. Second Payment Services Directive (PSD2) PSD2 is a European regulation that overhauls electronic payment services. The directive has been slowly coming into effect since 2019. PSD2 aims to increase security levels in payment services, as well as promote innovation practices and the adoption of new technologies in banking services. The most important regulatory change is the opening of banks payment services to other companies or Third-Party Payment Service Providers, making the regulatory framework a key element in the development of Open Banking (see Open Banking). PSD2 sets the stage for a more competitive environment in the banking and payment sector and underscores the importance that Application Programming Interfaces (APIs) will have in enabling financial institutions to adapt to the newer and more innovative set of services.