This glossary contains general terms used in the payments industry and should help you demystify the world of payments.
Account Updater works by providing information to the acquirer about lost and stolen cards, non-activated cards, and closed card accounts. Visa and Mastercard provide their separate Account Updater solutions, while Adyen's Account Updater connects its customers to both Visa and Mastercard Account Updaters, without the need to formally enroll with the schemes and demonstrate compliance – which is handled by Adyen.
Acquirer (or Acquiring bank)
Sometimes, a payment service provider may operate as an acquirer in certain regions (for example, Adyen is eligible to providing acquiring services to its clients in the U.S., Brazil, Hong Kong, Australia and Europe).
Acquirer Reference Number (ARN)
In credit card transactions, the Acquirer Reference Number (ARN) is a unique number assigned to a transaction when it goes from the merchant's bank (acquirer) through the card scheme at the cardholder's bank (issuer).
The ARN can be used to track a payment or refund. Shoppers can contact their banks to do so and the banks can then use the ARN to track the payment or refund. Merchants can retrieve the ARN from the Customer Area or the shopper's bank.
A merchant who wants to use Adyen as a payment service provider needs to sign up for an Adyen account. After this account is approved, it gives merchants access to Adyen's payment services, which can be managed and customized using the Customer Area interface or the Adyen API.
Adyen accounts have two levels: company and merchant. A company-level account determines the global settings for the company, while merchant-level sub-accounts detail specific settings for each merchant.
Initially an Adyen account operates in test mode, allowing merchants to run test payments and safely implement all integrations with the Adyen payments platform. After successfully passing all integration tests, the Adyen account can be switched to live mode to accept real-time omnichannel payments.
Adyen payments platform
Adyen's PSP service and acquiring host. The integration connects to the Adyen payments platform to obtain authorisations and submit capture data. Processes like DCR as well as DCC are controlled in the Adyen payments platform. In POS, the cash register connects to the Adyen payments platform, via the library, to register itself and the terminals in the Customer Area (CA). The terminal and account configuration is done here. The Adyen payments platform sends out notifications to the merchant back-end.
Adyen POS Application
Acts as a hardware driver that also facilitates transactions using a built-in cash register. The application can be connected to a merchant cash register application through a simple interface while still offering a wealth of functionality.
Adyen POS Library
Provides payment functionality to the cash register. This includes registering the cash register with Adyen, boarding the terminals, and performing payment functions. The Adyen POS Application also uses this library to integrate with the merchant's cash register.
Application Programming Interface (API)
API stands for Application Programming Interface. This is a general term for programming techniques that are available for software developers when they integrate with a particular service or application. These techniques vary on the software type and may include web API, remote API, SDKs, libraries, frameworks, and much more.
In the payments industry, APIs are usually provided by any party participating in the money flow (e.g. payment gateways, processors, service providers) to facilitate the money transferring process. Adyen uses the most reliable and secure API, allowing its merchants to integrate with Adyen services using Client-Side Encryption, Hosted Payment Pages, and other modern techniques.
In ecommerce, in-app and point-of-sale payments, authorisation is implemented as an API call to the payment gateway. The gateway and payment processor then perform required validation and risk checks, and ask a corresponding card network to authorise this payment from an issuer to an acquirer. In Adyen API the term "authorisation" is used.
Note that authorisation is valid only for a limited amount of time. In case an authorised payment hasn't been captured or cancelled, it expires after the predefined deadline is missed.
Bank Identification Number (BIN)
The first six to eight digits of the card number are called as the Bank Identification Number (BIN) or Issuer Identification Number (IIN).
Cancel a payment
Note that cancelling a payment is not possible for transactions that have already been captured. In this case the merchant should initiate a refund to send funds back to a shopper. Captures, cancels, and refunds together are called modifications, since they modify the state of an authorised payment request.
Capture (or Clearing and settlement)
Adyen enables manual capture (both in the Customer Area or with the use of API calls), or automatic capture (by default, 3 days after an authorisation was made). It is also possible to make a partial capture, or cancel a payment. Captures, cancels, and refunds together are called modifications, since they modify the state of an authorised payment request.
Cardholder Verification Method (CVM)
Card networks (or Card schemes)
Payment networks that set rules and provide infrastructure to issue cards and process payments made with cards. For a payment to be made, both an issuer and an acquirer must be members of the same network as the card. Examples of some popular card networks are Visa, Mastercard, American Express, and UnionPay.
Card Not Present (CNP)
A payment transaction made with a card, where the shopper cannot physically present the card to the merchant at the time of the transaction. Examples of CNP transactions include online payments, in-app payments, and MOTO transactions.
CNP transactions are a common target for card fraud, because it is difficult for the merchant to verify that it is the actual cardholder making the purchase. To reduce the risk of card fraud arising from CNP, use 3D Secure and AVS features.
Card number (PAN)
Every payment card (be it a debit, credit, gift, or a similar card) has a unique number associated with it. This number is usually printed on the card and required to uniquely identify this card and to refer to it in every transaction.
The whole card number is called Primary Account Number (PAN), and the first six digits of it are also called as the Bank Identification Number (BIN).
Card on File (CoF)
When card details are stored to streamline the checkout process for returning customers. This can be used for one-click payments, pay-per use services, or any recurring payment that does not follow a fixed schedule.
A recurring payment that occurs on a fixed schedule is referred to as a subscription.
Plastic cards issued by shoppers' banks to enable cashless payments either on a point of sale, via an ecommerce website, or inside a mobile application. Cards may be debit, credit or prepaid, and are usually operated by card networks. Sometimes cards may be linked to ewallets or other local payment methods, but most commonly they are used to withdraw cash or make cashless payments.
A typical card contains a card number, which uniquely identifies a card. It also contains a security code, used in combination with other information (a card expiry date and cardholder name) to verify card-not-present payments (for example, when paying for goods or services on a ecommerce website or inside a mobile application).
Card security code (CVC, CVV, CID)
This code may have different names, for instance:
- Visa: Card Verification Value (CVV, CVV2)
- Mastercard: Card Validation Code (CVC, CVC2)
- Amex and Discover: Unique Card Code (CID)
An application that allows product selection and which calculates the total amount to be charged from a cardholder. Additional functionality may include loyalty handling, stock keeping interface, and so on. This term is often used interchangeably with POS.
The application can run on a physical machine, or can be hosted in combination with an interface for the staff or shopper for kiosks. To initiate payments, the cash register communicates with the Adyen API either via the library or mobile app.
If a shopper for some reason wants the funds returned from a merchant, they can ask the merchant to make a refund. If the merchant refuses, a shopper may ask their issuer to make a chargeback (sending the funds back from the merchant to a shopper).
After a chargeback is initiated, the merchant can dispute it in some cases. If a dispute is allowed, the merchant should provide all necessary documents to either the acquiring bank, or to the payment processor.
When possible, Adyen helps its merchants to automatically dispute chargebacks, and also provides extensive risk management services (RevenueProtect) to analyze fraudulent transactions and minimize chargebacks.
Contactless or Near Field Communication (NFC)
Contactless payments allow your shoppers to make payments without inserting or swiping their card. In the context of POS, NFC is the technology used in contactless payments. Apple Pay, Google Pay and Samsung Pay all use the standard NFC protocol and are therefore accepted. These payment methods are considered strongly authenticated and therefore support high-volume transactions.
When a payment method issued in one country is used to make a purchase from a merchant based in another country. This is also referred to as an "international payment".
Adyen makes it easy for you to accept and settle payments from more than 70 different countries. For more information on cross-border payments, see our Cross-border payments guide.
Customer Area (CA)
A cloud-based web interface, that can be accessed by merchants with an active Adyen account. The Customer Area allows merchants to manage users, submit and obtain data required to integrate with the Adyen payments platform, view and download comprehensive reports on all the payments, and much more.
The endpoints for accessing the Customer Area interface are different for test and live Adyen accounts.
Digital Customer Recognition (DCR)
When a shopper for some reason wants funds returned from a merchant, and a payment was already captured, the shopper can initiate a refund. If the merchant refuses, the shopper may ask their issuer to make a chargeback. If a merchant disagrees, they can dispute the chargeback.
If disputing a chargeback is allowed (for more information, see Payment methods), the merchant must provide documents confirming the delivery of a product/service, and send these documents either to the acquiring bank or the payment service provider.
When possible, Adyen helps its merchants to automatically dispute chargebacks, and also provides extensive risk management services (Risk management) to analyze fraudulent transactions and minimize chargebacks.
Dynamic Currency Conversion (DCC) or Cardholder Preferred Currency (CPC)
Allows shoppers to convert the transaction amount to their card's default currency when making a payment abroad.
The shopper is presented with the choice to convert the transaction amount, when the transaction is in a currency other than the default configured on the card and the terminal has been configured to allow DCC.
Full details on the exchange rate are provided to the shopper on the terminal to allow an informed decision, and simultaneously to the cash register for merchant information.
The shopper either accepts or rejects the DCC offer and proceeds with the selected amount and currency. If the shopper chooses DCC, related information is shown on the receipt.
Shoppers can immediately understand the full amount charged for the transaction in a familiar currency.
Ecommerce payments (or Online payments)
Payments made by shoppers via electronic commerce (like websites, webshops, social networks) for either goods or services provided by merchants. These payments are usually made using cards or local payment methods that have been optimized for ecommerce.
Other types of electronic payments are in-app payments and point-of-sale payments. Merchants usually require a payment service provider to process these payments. Adyen allows its merchants to accept omnichannel payments (ecommerce, in app, and in store).
Europay, Mastercard, Visa (EMV)
A global standard for integrated circuit cards (ICC).
Floor Limit is the maximum cash value the terminal allows for a transaction when processed offline. An inclusive limit is configured which applies to each individual transaction. If the amount of the transaction is below the configured Floor Limit and the terminal can not connect to the Adyen host for authorization the terminal will leave the decision up to the card to approve or decline the transaction. Debit cards will typically decline a transaction while most credit cards are configured to approve a relatively small amount offline.
Hosted Payment Pages (HPP)
These are web pages hosted by Adyen that can be integrated with an ecommerce site to provide payment functionality. In this case, a shopper is redirected from a merchant's site to the hosted payment page provided by Adyen. This helps merchants greatly reduce their scope of PCI compliance.
A hosted payment page can be customized with the use of skins to better match the whole UI and experience of the merchant's site, and/or to be optimized for mobile devices.
Although hosted payment pages are an easy way to integrate a website with the Adyen payments platform, we recommend using Pay by Link, or you can integrate with Drop-in or Components for a better shopper experience.
In-app payments (or Mobile payments)
Payments made by shoppers via mobile apps. These payments are usually made with cards or local payment methods, and utilize either native mobile APIs or web pages optimized for mobile (also called as mobile web).
Other types of electronic payments include ecommerce and in-store, which are based on similar infrastructure and usually require a payment service provider for merchants to automate and maintain these payments. Adyen allows its merchants to accept omnichannel payments (ecommerce, in app and in store).
Integrated Circuit Card (ICC)/Chip
In the context of payments, an EMV credit card with an embedded chip which is used to hold card information.
A fee that is paid to the issuer by the acquirer for each payment transaction made via a card network. The interchange fee amount is determined by the corresponding card network, as well as the scheme fee.
A further fee is then deducted from the total by the acquirer before paying into the merchant's account.
Issuer (or Issuing bank)
A bank that issued a card for a shopper to make cashless payments via an ecommerce website, inside a mobile app, or in a physical store. To be able to issue a card, an issuer must be a member of one or several card networks, or subscribe to one of the card services (for instance, ICS).
Sometimes a shopper's bank is referred to as an issuer even if there is no card issued. This is to distinguish between a shopper's bank, which sends funds, and a merchant's bank, which acquires funds.
Know Your Customer (KYC)
Know Your Customer (KYC) is the process of identifying and verifying the identity of your customers. This is required by the payment industry regulations as a prerequisite to allow individuals or business entities being paid out.
With Adyen for Platforms, you don't need to manually perform KYC checks for your customers. Instead, you send the collected KYC data to Adyen, and we automatically conduct required verification.
Local payment methods (or Alternative payment methods)
For merchants that want to sell goods and services globally to shoppers from all over the world, it is important to support local payment methods that are popular in each specific region.
A rewards program offered by a company to customers who frequently make purchases. Use Adyen's shopper recognition features to implement loyalty programs and further enhance the overall shopping experience of your loyal shoppers, while improving customer retention.
Magnetic Stripe Reader (MSR)/Swipe
Device that reads card data from the magnetic stripe on the reverse of the card.
Mail Order/Telephone Order (MOTO)
MOTO transactions are typically carried out offline: instead of entering payment details on an online payment form, shoppers make a call to a call center or send a coupon/voucher to communicate their credit card number.
With the Adyen MOTO features, you can integrate your webshop payments with your call center payments, and enjoy unified reporting covering both transaction flows.
Manual Keyed Entry (MKE)/Keyed
Manual Keyed Entry involves manually typing the details from a customer's card into either the cash register or the PIN entry device (PED).
An ecommerce website or a mobile app that enables third parties (referred to as sub-merchants) to provide their products or services to the users of a platform. Payments are processed through the platform and split between the marketplace and sub-merchant. Examples of online marketplaces are crowdfunding platforms, peer-to-peer marketplaces, ride sharing services, and so on.
Marketplaces need to implement sub-merchant onboarding, processing payments, performing KYC verification, and making payouts. With Adyen, you can benefit from using Platforms – a fully compliant end-to-end payment solution that enables you to do this, and maintain control over the frontend and user experience.
The party selling goods or services to shoppers via an ecommerce website, a mobile app, on a point of sale, or across all three channels. To accept payments made with cards or local payment methods, a merchant must have an acquiring bank account and subscribe to the services available from the payment service provider.
When the cash register has performed product selection and totaled the amount, the order is typically stored in the merchant back-end. The outcome of the payment process will be stored with the order.
Refunds for existing orders are communicated from the cash register to the merchant back-end where an API call to the Adyen payments platform is made to perform the refund. The merchant back-end receives notifications from the Adyen payments platform.
Merchant of Record (MoR)
An entity that operates a platform and manages interactions with its sellers (sub-merchants) or suppliers. The MoR performs due diligence by overseeing and controlling all commercial activity on the platform. In this way, the MoR's payment service provider has a relationship with only the MoR itself.
Responsibilities of an MoR include:
No CVM (Cardholder Verification Method)
A transaction where there is no owner verification check for a credit card. No CVM payments have a low transaction threshold.
Notifications (sometimes referred to as Instant Payment Notifications or IPN) are an essential part of the integration process with Adyen. They are used by merchants to ensure that they have processed all payment stages, and stored payment results in their database.
For more information, refer to Notifications.
A CVM that verifies the cardholder's PIN by encrypting the entered PIN before sending it to the card.
Terminals that support this method must also support the less secure Offline plain-text PIN method.
Adyen terminals process transactions online by default. Offline processing is optional and requires configuration.
Offline acceptance of payments in situations where no network connection is currently available. Debit cards will typically decline a transaction while most credit cards are configured to approve a relatively small amount offline.
Omnichannel payment solution
A set of services and technical solutions provided by a payment service provider, which allow a merchant to accept cashless payments across all channels (online, inside a mobile app or on a point of sale).
Most PSPs enable merchants to accept payments via specific channels only. Adyen is the only PSP that provides a true omnichannel solution for its customers. This gives merchants a single reporting dashboard from which to view all purchases made across different channels.
Simplifies the purchasing process for returning shoppers by allowing them to make a payment without entering their full card and address information. By enabling one-click payments, the shopper's details are stored during the first payment. For each successive payment the shopper only needs to enter their card security code (CVC/CVV) to complete the order.
One-click has the advantage of ensuring the full card authorisation takes place for each payment, including card security code checks and 3D Secure, if applicable. The potential disadvantage is that the shopper must be present for all payments to supply their card security code.
Where the entered PIN is sent online to the card issuer for verification. The entered PIN is encrypted before it is sent.
Online PIN is used when the specific card scheme (payment method) and specific card support it.
A service that helps merchants to initiate ecommerce, in-app and point-of-sale payments. It is not directly involved in the money flow; typically, it is a web server to which a merchant's website or a POS system is connected.
A payment gateway can be provided by a bank, or can exist as a separate service that connects to one or more payment processors. Adyen combines the functions both of a payment gateway and a payment processor, as well as a risk management system and an acquirer. This makes it a full-stack payment service provider.
An authorised payment can be either captured or canceled. If a payment has been already captured, it can be also refunded later. Capture, cancel, and refund actions are called modifications, since they modify the state of a payment.
Modifications can be done either manually (through the Customer Area interface), or automatically (using the Adyen payments platform API). If an API call is made, the merchant receives an acknowledgement in the response. After Adyen processes the payment modification, Adyen sends the result asynchronously through notifications.
A system that connects to a shopper's bank and a merchant's bank in order to make a payment transaction on behalf of a merchant. Usually, a payment processor obtains the payment information from a payment gateway.
Adyen combines the functionality of a payment gateway and payment processor, as well as risk management and acquirer. As such it is a full-stack payment service provider.
Payment Service Provider (PSP)
A company, which combines the functions of both a payment gateway and a payment processor, can connect to multiple acquiring and payment networks. Additionally it can be an acquirer and provide risk assessments and other financial services.
For merchants, it is often cheaper and more convenient to use services of a PSP, rather than have different contracts with various payment gateways, processors and acquiring banks.
Adyen not only operates as a full-stack Payment Service Provider, but also gives its customers a true omnichannel solution to accept payments anywhere in the world.
This term has multiple definitions in the payments industry and in general means a large amount of money paid at once to either an individual or a business entity. For example, an online marketplace transmits a payout to their sub-merchants for the products/services they provide to the marketplace customers.
Being PCI DSS-compliant means that you meet all applicable requirements of the current Payment Card Industry Data Security Standard (PCI DSS) on a continuous basis. PCI DSS was created by major card networks to increase safety of cardholder data and reduce the risk of fraud. All organizations that deal with payment card processing must be PCI-compliant, which means fulfilling very strict requirements on securing cardholder data.
Merchants who find it difficult or expensive to fully comply with PCI DSS requirements may consider using encrypted methods (such as Hosting the CSE library) or outsourcing card processing to a PCI-compliant payment service provider, such as Adyen. This way their PCI DSS-compliance scope can be significantly reduced.
Used by the merchant to bypass the PIN entry for the shopper. This option should only be used when the merchant trusts the shopper.
A cardholder is expected to know the PIN for the card issued. Comparing the signature as well as cardholder name with some form of identification is recommended.
Plain Text PIN
Verifies the cardholder's PIN by sending the unencrypted PIN to the card. This is commonly used by cards that can not support the more secure Offline enciphered PIN. (PosEntryMode ICC only).
Point of sale (POS)
A point-of-sale solution allows a shopper to make a cashless in-store payment in a merchant's shop. This payment is usually made using cards, although some local methods (like Apple Pay or Android Pay) can be used as well.
Adyen provides its own POS service, including devices and infrastructure. Merchants that also accept payments online or in-app can use Adyen as their omnichannel payment solution. This gives them a single reporting dashboard, where they can view all purchases.
Often the term "point of sale" is used in place of "cash register" to denote the software collecting POS payments.
Point-of-sale Entry Mode
Point-of-sale payments (or In-store payments)
Payments made by shoppers via point-of-sale systems to buy products or services from merchants on a physical location (for example, a store or a ticketing booth). These payments are usually made with cards (swipe, ICC, or contactless).
Other types of electronic payments include ecommerce and in-app, which are based on similar infrastructure and usually require a payment service provider for merchants to automate and maintain these payments. Adyen allows its merchants to accept payments across all possible channels (ecommerce, in an app and in a store).
Point-of-sale terminal (or payment terminal, pin entry device (PED), process data quickly (PDQ))
A device that communicates with a shopper's card at the point of sale. Usually, a card is swiped or inserted into a POS terminal. The shopper is then prompted to enter a PIN or sign (depending on the country, card type and the transaction amount). It is sometimes referred to as a Pin Entry Device (PED), though this only refers to the part of a terminal where the PIN is entered.
Adyen refers to the Payment terminal as "the terminal". The terminal accepts a request from the Adyen libraries to start transactions. The terminal displays the amount charged to the shopper and allows printing of a receipt. It will also offer DCC if applicable. Once an authorisation is obtained, the resulting data is sent to the Adyen payments platform for further processing. The receipt is sent with this data and you can see it in the Customer Area.
Adyen uses Verifone terminals, optimized for integration with the Adyen payments platform.
Point-to-Point Encryption (P2PE)
Secures card data that is being communicated from point A to point B.
Process Data Quickly (PDQ)
Every payment or modification request (such as a refund or a capture request) in Adyen's system has a globally unique 16-character string called the PSP reference associated with it.
Merchants can get the PSP reference from the Customer Area, the payment notifications, the API response, and our reporting. It is advised to quote the PSP reference when communicating with Adyen about specific transactions.
Adyen, as a PCI-compliant payment processor, can securely store payment details to enable recurring payments. For this, merchants must enable the recurring contract in the first authorisation call to the Adyen payments platform. In response, they get a token that uniquely corresponds to a specific shopper and their payment data.
When recurring payments are enabled, a merchant can use this token in the future. For this, a merchant passes the token along with the authorisation call every time a shopper should be charged for a subscription or initiates a card-on-file payment.
Stored card details become outdated over time as cards expire or are cancelled. To minimize this disruption, use Adyen Account Updater to ensure that you have the most up-to-date card information, enabling you to provide continuous subscription services.
When a shopper cancels the purchase of a product or service, after they have paid. When the merchant makes the refund, the funds are sent back from the acquirer to the issuer. If an authorised payment hasn't been captured yet, a merchant can cancel the payment; in other cases a refund is possible.
Refunds are also referred to as a modification, since they modify the state of an authorised payment request.
Risk management (RevenueProtect)
A set of services and techniques to analyze and assign a risk score to each payment transaction. Filtering high-risk transactions allows merchants to minimize the number of fraudulent payments and therefore maximize the revenue. Performing accurate risk management is extremely complex, and involves big data analysis.
Adyen introduced its own risk management system (RevenueProtect), which, thanks to its core features of ShopperDNA, allows merchants to identify and block fraudsters, while reducing friction for legitimate shoppers.
The fee amount is determined by the corresponding card scheme, in addition to the Interchange fee.
Sensitive Authentication Data
Security-related information that is used to authenticate cardholders and/or authorize payment card transactions. This can include card validation codes/values, full track data from the magnetic stripe or chip, PINs, PIN blocks, and more.
See also: Card security code (CVC, CVV, CID).
Depending on the Merchant's business model the accepted POS Entry Modes and CVM's can be configured to only consist of a subset of the above.
To accept payments via an ecommerce site or a mobile app, a merchant may use either Hosting the CSE library (CSE) or Hosted Payment Pages (HPP). In case of HPP, it is possible to customize these pages using skins to make them look similar to other pages on a merchant's website.
In addition, skins define the lists of local payment methods, which are available for a merchant. Therefore skins are used to enable local payments on a website or in a mobile app. For more information, contact Support Team.
A payment card with a monetary value that is stored on the card itself, instead of in a bank account. Examples are gift cards and prepaid cards. Some stored-value cards can be reused by transferring money to it, others are disposable cards that can't be reloaded.
Strong Customer Authentication (SCA)
SCA is mandated in PSD2 as a way to make online payments and online banking transactions more secure.
An authentication is considered strong if a shopper is able to provide two out of the following factors:
- Something the shopper has.
- Something the shopper knows.
- Something the shopper is.
For example, a shopper is required to supply a one-time authentication code received on their phone (something the shopper has), and a password that only the shopper knows (something the shopper knows).
Recurring payments that occur on a fixed schedule. Popular examples of subscription payments are music and TV streaming services.
If a recurring payment does not follow a fixed schedule, it is referred to as a Card on File (CoF) payment.
In the context of digital payments and terminals at Adyen, the tender is the entire process for the POS to start the transaction, receive card information, make optional changes to the amount, await authorization, print the receipt and receive a final status. This entire process is accompanied by a reference for the tender: the
Tokenization is the process of replacing sensitive data with non-sensitive data (known as a token), which can be later used to get access to the initial (tokenized) data. In the payments industry, it is used to safeguard a card number and other payment data by replacing it with a unique string of numbers. This string can be used later to implement recurring payments.
Transaction (or Tx)
In the payments industry, the term "transaction" is used to indicate exchanging of a specified amount of funds from a shopper for purchasing products or services from a merchant, or for fulfilling any other obligations between the two parties.
Tx is a commonly used abbreviation to denote a financial transaction.
A zero-value auth is an authorisation request with a value of 0 (EUR/USD/etc.). This is used to either store details or obtain shopper details to be able to look up previous purchases or other details from the merchant database.
Zero-value auth is used for example when submitting a BIN or a card verification request.