Taking Cards as Payment
Acquirer
An acquirer is a bank who has a license to communicate with card issuers, requesting payment authorisation. Before a business can start accepting cards as payment, they will need to obtain a merchant account with an acquiring bank. If the terminal/software that you will use to process the transactions is supplied and/or owned by the acquiring bank, you usually only need to apply for the product and the merchant account will come as standard.
Cardholder Authentication
This is when the cardholder gets the chance to authenticate themselves (usually by a password associated with their card), using the 3-D Secure protocol.
Card Scheme(s)
Card schemes set the business rules that govern the issue of the payment cards that carry their logo. Where as a card issuer is the actual business who issues the card to the customer, the card scheme is the organisation who would govern the rules relating to how that card is issued and used. Examples of card schemes who operate in the UK are: Visa, MasterCard®, American Express, Diners, Solo, Switch, Maestro.
Chargeback A chargeback is where a cardholder queries or disputes a transaction, with their card issuer and the business who took the money from the card will be requested to pay it back by their acquiring bank. The reason for this query could be for various different reasons such as:
- The cardholder claims that the goods have been paid for but not reveived by them.
- The cardholder claims that the goods have been received but are damaged.
- The cardholder claims that the goods have been received but are not as described when the transaction took place.
- The cardholder claims that they neither participated in or authorised the transaction. This would usually result in a chargeback due to the card being fraudulently.
For more information on chargebacks, see the "chargeback" section of this website or click here.
CNP
Cardholder Not Present or sometimes known as Card not present.This means any method of processing the card where the cardholder and the card are not present at the point of sale. Usually CNP transactions are processed via Mail order, Telephone order or over the World Wide Web.
eCommerce
Electronic commerce (also referred to as EC, e-commerce or ecommerce) consists primarily of the distributing, buying, selling, marketing, and servicing of products or services over electronic systems such as the Internet.(Reference, Wikipedia)
Internet Authentication
(See "3D Secure" below)
Inter-Regional
The region defined by the card schemes that includes issuers outside of the "local region". For UK merchants these will include Asia, USA and Australia amongst others.
Intra-Regional
The region defined by the card schemes as (inside) the "local region". For UK merchants this will include UK and most European countries.
JCB JSecure™
(See "3D Secure" below)
Maestreo (www.maestrocard.com)
Maestro are a well known Card Scheme and are part of the MasterCard® group. They are normally only issued in Europe. Maestro cards are only debit cards and not credit cards which mean that they will normally be issued by your bank and be directly linked to your bank account.
MasterCard®
MasterCard® are one of the worlds most recognised Card Schemes. (See "Card Scheme(s)", above).
MasterCard SecureCode®
This is MasterCard's version of the Internet Authentication service. Cardholders with MasterCards can register their card for an internet trading password. (See "3D Secure", below).
PAN (Primary Account Number)
This is another way of describing the full card number.
PCI DSS (Payment Card Industry, Data Security Standard)
(www.pcisecuritystandards.org PCI Security Standards Council (PCI SSC)).
(www.visaeurope.com/aboutvisa/security/ais/For information from Visa)
(www.mastercard.com/us/sdp/index.html For information from MasterCard)
*This is a standard by which card details need to be handled and stored. The PCI DSS is a set of industry-wide requirements and processes, which are supported by all international payment card systems. The "PCI Security Standards Council (PCI SSC)" is an independent body formed to develop, enhance, disseminate and assist with implementation of security standards for payment account security. It was founded by American Express, Discover Financial Services, JCB, MasterCard® Worldwide, and Visa International. All of the documentation that will need to be PCI DSS compliant will be here.
Visa (www.visa.com main website) (www.corporate.visa.com business dedicated website)
Visa are one of the worlds most recognised Card Schemes. (See "Card Scheme(s)", above).
Verified by Visa (http://www.visaeurope.com/merchant/handlingvisapayments/cardnotpresent
/verifiedbyvisa.jsp)
This is Visa's version of the Internet Authentication service. Cardholders with Visa Cards can register their card for an internet trading password. (See "3D Secure", below).
3D Secure™ (http://partnernetwork.visa.com/pf/3dsec/main.jsp)
(Verified By Visa http://www.visaeurope.com/merchant/handlingvisapayments/cardnotpresent
/verifiedbyvisa.jsp)
(MasterCard® Securecode )
The 3-D Secure™ protocol was originally developed by Visa to improve the security of Internet payments. It is designed to allow authentication of cardholders by prompting them to enter an internet trading password which is associated with their card. 3-D Secure relates to the way in which the data is transmitted over the internet & over time Visa has allowed other card schemes to use it with their cards.
*Cardholders: If you hold a card which carries the Visa, MasterCard®, Maestro or JCB logos you can either currently or will soon be able to register your card for a password. When you shop at a website that is using the 3-D Secure service, you will be prompted for the password. Visa's service is called "Verified by Visa (VBV)", MasterCard's is called "MasterCard SecureCode® (MCSC)" & JBC's is called "JSecure™" .
*Merchants: The main benifit of using the 3-D Secure service on your website because of the "liability shift" on fraudulant chargebacks. You need to communicate with your payment provider and acquirer to get the service setup.