Glossary in The Payment Industry


3D Secure

3-D Secure is a system that increases the security of credit card payments.  

Under the names, Identity Check (SecureCode), J/Secure and SafeKey respectively, Mastercard, JCB and American Express also offer such a service.  

With 3-D Secure, the risk of fraud and payment failure due to credit card fraud is reduced. It guarantees the receipt of payment to the store operators.  

The procedure was first developed by the credit card organization VISA for the service Verified by Visa and is EMVCo standardized. 


Acquirer (or acquiring bank)  

To be called an acquirer, one must be a certified bank or financial institution that collects and manages funds, on behalf of its merchant, from a buyer. 

An acquirer should meet certain requirements to be able to accept card payments. For this, he should have a license of a card network and cooperate with a payment processor. Alternatively, instead of cooperating, it could be a payment processor itself.  


Authorization means an authorization to carry out a digital transaction.  

Asynchronous payment methods 

The process of asynchronous payment methods can take several days until the payment is confirmed. During this period, the payment cannot be guaranteed.  


AVS (Address Verification Service) protects customers of credit card companies from fraud. With AVS, the address on file for the credit card is matched with the billing address information at the time of payment.  

Address Verification Service significantly minimizes the risk on the customer side and the supplier risk. 


Bank Identification Number (BIN)  

The BIN – (Bank Identification Number) is used to identify current accounts, credit and debit cards.  

The BIN can be used to identify the type of card used and the card issuer (a bank). The exact structure of the Bank Identification Number is described in the ISO 7812 standard.  


Bank (BIC) 

The Bank Identifier Code is an international valid bank code, which has been determined by the “Society for Worldwide Interbank Financial Telecommunication” (SWIFT). The code is used to identify recipients in international and national payment transactions.  


Customers who have already attracted negative attention are noted on the blacklist. The blacklist can be kept internally or can be integrated by external service providers.  

Inability to pay or fraud cases in the past are often the reason for the negative evaluation/listing of the customer.  



Capture means that the credit card has been charged or the amount has been booked. In most cases, only a reservation has been made on the credit card account.  

If a capture transaction is made directly (without prior reservation), it is referred to as direct capture. 

Chargeback ratio 

The chargeback ratio represents the ratio of “executed transactions” to “unauthorized transactions (unauthorized debited)” of a given period.  

Most providers charge a high fee for chargebacks, which are billed to the storage provider. 


In the e-commerce sector, checkout is the completion/payment process of a completed order. Before the customer completes the order, he must enter his data and select the preferred payment options he can complete the order.  

Contactless or Near Field Communication (NFC).  

Contactless payment means that payments can be made without physical contact. NFC is the technology used to enable contactless payments. Examples include NFC chips in cards, Apple Pay and Google Pay on NFC-enabled cell phones. Up to a certain amount, it is thus possible to pay without entering a pin by simply “waving” the respective NFC-enabled card or device in the designated magnetic field. 


Whenever a debtor fails to pay a legitimate debt and the creditor instructs a third party to collect the debt, this is referred to as debt collection.

Corporate Fintech

 A Corporate Fintech is a startup built by or for a corporation, which bundles all digital payment activities within one organization. A Corporate Fintech is either regulated by financial authorities or is cooperating with payment and banking service providers to offer fintech solutions for the whole corporation. It usually requires expertise across different departments, e.g. Technology, Treasury, Compliance and Operations. Examples for Corporate Fintechs are Mercedes Pay, REWE Payment Tools and OTTO Payments GmbH.


A credit entry is the favorable posting of a service to an account. The beneficiary can be an individual or a company. A credit entry can occur, for example, when a payment is received in a beneficiary’s checking account. The corresponding amount is then credited to the account. A credit can also be made by reversing a payment transaction. Another possibility is the reversal of a direct debit, which can be reversed by the holder of the initially debited account and ultimately credited back to his or her account. 

Credit card/payment processors 

Processors are service providers that manage transactions for an issuer bank. This includes a wide variety of tasks from providing the technical basis to approvals and monitoring credit limits.  

Processors are mandatory in cashless payment transactions with a credit card. However, some credit card companies still perform these tasks themselves and are thus credit card companies and processors in one. 

CVV & CVC Code 

(CVV) Card Verification Value means card verification value or card verification number. Generally, the terms of CVC (Card Verification Code), CVC-2 and CVV-2 are common. The CVV code is a three or four-digit combination of numbers that are mapped onto the credit cards. 


Debit Card 

A debit card is a bank card, savings bank card or ATM card that can be used for cashless payments or cash withdrawals at ATMs and in stores.  

Direct Debit 

Direct debit is the process of cashless payment transactions. In this process, the recipient initiates the transaction (known as a “pull payment”) by debiting the payer’s account with the amount to be paid. The opposite of direct debit is the so-called “push payment”, which is initiated by the debtor liable to pay, i.e., the bank transfer. 


A disagio is a discount from the nominal value of an agreed amount. In the case of credit card payments, the disago is due for merchants, which can also be seen as a fee for using the credit card service. 


The Digital Operational Resilience Act, or DORA, is a European Union (EU) regulation that creates a binding, comprehensive information, and communication technology (ICT) risk management framework for the EU financial sector. DORA establishes technical standards that financial entities and their critical third-party technology service providers must implement in their ICT systems by January 17, 2025.


E-commerce payments (or online payments) 

E-commerce payments are various payment options on the Internet. Examples include purchase on account, direct debit or using a credit card. Payment options such as PayPal or online bank transfer increase their reach. 

Escrow account 

An escrow account holds assets that are not owned by the account holder.  

Operators of marketplaces that offer goods in the name of third parties, but process payments centrally should use escrow accounts to avoid possible bank certifications. 

The account holder thus maintains the escrow account for the receipt of funds on behalf of others.  

Electronic mandate  

The electronic SEPA direct debit mandate is referred to as a power of attorney issued electronically by the customer so that future payments can be collected from his bank account.  


EMV is a technical standard that governs the acceptance of chip-enabled cards and some contactless payment methods.  



Factoring, derived from the Latin term “factura” for the invoice, refers to the sale of a company’s outstanding receivables to a so-called factor.  

Factoring is mainly used to achieve higher liquidity for the seller by assigning the outstanding receivables, usually at a discount. 


Fulfillment is the provisioning/commissioning/shipping of goods or services purchased by customers, typically after payment has been collected. 


Fraud is an intentional deception using false or misleading information designed to achieve an unfair gain/advantage. In the e-commerce industry, the unfair gain can take the following forms:  FIAT or Crypto / Services and Goods / Confidential Information (e.g., personal information, credit card information, banking information, emails, and passwords). 


General Data Protection Regulation DSGVO 

The GDPR is a regulation in EU law on data protection in the European (EU) and the European Economic Area (EEA) which have been extended into national law in all member states. 


A goods and services tax (GST), referred to as value-added tax (VAT) in some countries, is a tax levied on the price of a product or service at any stage of production, distribution, or sale to the ultimate consumer. GST and VAT are also commonly known as “consumption taxes.” The buyer pays the tax and the seller passes it on to the government. 



the iDeal is a payment method in the Netherlands that uses direct online transfers from the user’s bank account. 

Interchange fee 

Interchange or interchange fee is a term used by card networks to describe a fee paid between banks for accepting card-based transactions. Typically, it is a transaction fee paid by a merchant’s bank (the “acquiring bank”) to a customer’s bank (the “issuing bank”). 


An issuer is the bank or credit card company that issues a credit card to a customer. In most cases, this is the customer’s bank. However, the customer often chooses another credit institution, for example, because it offers particularly good credit card conditions, while the house bank has a better checking account or call money options. The issuer is usually printed on the Visa or MasterCard. 


Know your customer 

Know Your Customer (KYC) regulations require that professionals and companies make efforts to verify the identity, suitability, and risks associated with maintaining a business relationship. The procedures fall within the broader scope of the Anti-Money Laundering (AML) policy. 


Liability shift 

Liability for fraudulent chargebacks (stolen or counterfeit cards) shifts from you to the card issuer. 


Merchant Category Code 

Merchant category code, used to categorize businesses that accept credit cards according to the type of goods or services they offer. 

Mobile Payment 

Mobile payment describes a cashless form of payment. At least one of the parties involved in the payment process uses mobile technology to initiate, authorize or execute the payment. Today, mobile payment primarily involves smartphones and wearables (watch/wristband/ring). 


Omnichannel payment solution 

A set of services and technical solutions provided by a payment service provider that enable a merchant to accept cashless payments across all channels (online, in a mobile app, or at a point of sale). 

Most PSPs allow merchants to accept payments only through specific channels.  


One-click payments 

One-Click has the advantage of full card authorization for each payment, including verification of the card security code and 3D Secure, if applicable. The potential disadvantage is that the buyer must be present for all payments to provide their card security code. 


Payment Methods 

Payment Methods are your customers’ payment instruments and are used with the Payment Intents API or the Setup Intents API. For detailed information on the various payment methods and how they work, please visit our page listing the payment options

Payment gateway  

A service that helps merchants initiate e-commerce, in-app, and point-of-sale payments. It is not directly involved in the flow of money; typically, it is a web server to which a merchant’s website or POS system is connected. Payment Gateway can be provided by a bank or exist as a separate service that connects to one or more payment processors.  

Payment Service Provider 

The PSP primarily provides technical connection of the online store or website to the various payment methods in the payment provider’s portfolio. This can be realized via ready-made payment modules for store systems or flexible interfaces for all systems and programming languages. The service of pure payment processing for the online merchant is supplemented by some payment service providers with, for example, fraud prevention modules, payment guarantee and receivables management. 

PCI DSS – Payment Card Industry Data Security Standard 

PCI DSS stands for Payment Card Industry Data Security Standard. This is a global security standard for credit card data. PCI DSS was developed by the PCI Security Standards Council (PCI SSC), a consortium of credit card companies Mastercard, Visa Inc, American Express, JCB International and Discover Financial Services, to protect online merchants as well as end customers from fraudulent attacks, card misuse and theft when making credit card payments on the Internet. 


Pre-authorization is a commonly used term in the payment industry. Translated into German, it means pre-authorization or pre-authorization. The technical term usually appears when goods or services are paid for with a credit card. Pre-authorization is very often used when checking into a hotel or renting a car. Pre-authorization provides the seller of goods or services with the certainty that the amount in question will be available on the account when it is debited. 


The abbreviation POS stands for Point of Sale and has several meanings. In general, it refers to a point of sale. When it comes to the payment sector, a terminal device required for a credit card or EC card payment in a retail store is referred to as a POS. 


Recurring Payment 

Subscriptions describe a regular receipt of goods in return for a recurring, time-based fee (recurring payment). Today, subscription models are not limited to tangible goods such as daily newspapers but are also used in e-commerce. Online retailers whose business models include subscriptions are potential users of subscription management. 


A refund is a credit granted directly by a merchant. If a purchase is made with a credit card and then reversed, the subsequent credit can be made directly by a refund from the merchant. The same applies to cases in which a debit has been made wrongly. In this case, the amount debited can also be reversed by means of a refund. 


The term reservation stands for the reservation of a certain amount of money on a credit card. The term pre-authorization is also frequently used in this area. The reason for this is that the amount is reserved or secured so that it can be authorized later, i.e., debited. The purpose of the reservation is to protect the merchant or another payee from the fact that an item or service is used for a certain period, but the credit card’s credit limit is insufficient for the subsequent payment. Reservation can ensure that the amount due later remains on the credit card without already being charged. 

Reverse charge mechanism 

The reverse charge mechanism is a system where the responsibility for paying VAT or GST to the government is transferred from the seller to the buyer.


Scheme fee  

A fee is paid by the acquirer to the card scheme for each payment transaction made with the card scheme. 

The amount of the fee is determined by the relevant card scheme in addition to the interchange fee. 

SCA Exceptions 

Some transactions that are considered a low risk due to a low volume of fraud at the payment service provider or bank may be exempt from the strong customer authentication requirements applicable in Europe. 



Tokenization is the process of replacing sensitive data with non-sensitive data (known as tokens) that can later be used to gain access to the original (tokenized) data. In the payments industry, it is used to protect a card number and other payment data by replacing it with a unique string of numbers. This string can be used later to implement recurring payments. 


TLS refers to the process of securely transferring data between the client – the app or browser your customers use – and your server. Originally, the SSL (Secure Sockets Layer) protocol was used for this purpose. 

Transaction costs 

Transaction costs generally refer to the fees that are incurred when rights of disposal are transferred. This happens in the context of buying, selling, or renting. It is assumed that corresponding costs are incurred in the execution of each transaction. A distinction is made between costs that are incurred in the run-up to a transaction (e.g., the preparation of a contract) and those that are levied because of a transaction (e.g., a broker’s commission in the case of a successful real estate brokerage). 


Universal links 

Use universal links on iOS and macOS to link directly to in-app content. These are standard HTTPS links, so the same URL will work for your website and app. 


VU number 

The VU number, the contract company number, is used to identify a credit card acceptance agreement. This is what makes it possible for customers to pay for goods with credit cards in the first place. The merchant concludes the contract with the acquirer, a bank or contracting company commissioned by a credit card company to hand over the acceptance contracts. The acquirer also assigns the merchant number to the merchant. 



Wallet, purse, wallet – these are the translations of the English word wallet. In cashless payment transactions, the term accordingly means electronic wallet, also known as an e-wallet or digital wallet. This virtual wallet is loaded with a credit balance. The stored money can be spent later on various occasions and in many cases anonymously. The most common way of topping up is by credit card payment, but bank transfers or direct debiting are also possible. There are two options: either a credit balance is paid in advance (prepaid) or a reference account is deposited for clearing. 



The payment service supervisory requirements for the IT of payment and e-money institutions, abbreviated ZAIT (from German), are administrative instructions that are accompanied by a circular (letter) from the Federal Financial Supervisory Authority (BaFin) for the secure design of the IT systems as well as the associated processes and related requirements for the IT governance to German financial institutions. They were published for consultation by BaFin in circular (letter) 11/2021 dated August 16, 2021.