A service that enables merchants to automatically update stored card details of their shoppers. Keeping this data up-to-date may be critical for accepting recurring payments.
Account Updater works by providing information to the acquirer about lost and stolen cards, non-activated cards, and closed card accounts. Visa and Mastercard provide their separate Account Updater solutions, while Adyen's Account Updater connects its customers to both Visa and Mastercard Account Updaters, without the need to formally enroll with the schemes and demonstrate compliance – which is handled by Adyen.
Acquirer (or Acquiring bank)
An acquirer is a bank or a financial institute that receives funds for its merchant from a shopper.
To accept card payments, an acquirer should be licensed by corresponding card networks and either partner with a payment processor, or be a payment processor itself.
Sometimes, a payment service provider may operate as an acquirer in certain regions (for example, Adyen is eligible to providing acquiring services to its clients in the U.S., Brazil, Hong Kong, Australia, and Europe).
Acquirer Reference Number (ARN)
In credit card transactions, the Acquirer Reference Number (ARN) is a unique number assigned to a transaction when it goes from the merchant's bank (acquirer) through the card scheme at the cardholder's bank (issuer).
The ARN can be used to track a payment or refund. Shoppers can contact their banks to do so and the banks can then use the ARN to track the payment or refund. Merchants can retrieve the ARN from the Customer Area or the shopper's bank.
A merchant who wants to use Adyen as a payment service provider needs to sign up for an Adyen account. After this account is approved, it gives merchants access to Adyen's payment services, which can be managed and customized using the Customer Area interface or the Adyen API.
Adyen accounts have two levels: company and merchant. A company-level account determines the global settings for the company, while merchant-level sub-accounts detail specific settings for each merchant.
Initially an Adyen account operates in test mode, allowing merchants to run test payments and safely implement all integrations with the plataforma de pagamentos da Adyen. After successfully passing all integration tests, the Adyen account can be switched to live mode to accept real-time omnichannel payments.
Adyen payments platform
Adyen's PSP service and acquiring host. Your integration connects to the plataforma de pagamentos da Adyen to obtain authorisations and submit capture data. Processes like DCR as well as DCC are controlled in the plataforma de pagamentos da Adyen. In point of sale (in-person payments), the payment terminals connect to the plataforma de pagamentos da Adyen to register itself and the payment terminals in the Customer Area (CA). The payment terminal and account configuration is done here.
Adyen POS Application
In combination with a classic library (Adyen POS Library), acts as a hardware driver that also facilitates transactions. The application can be connected to the merchant's POS app through a simple interface.The Ayen POS application and libraries are replaced by Terminal API.
Adyen POS Library
A classic library integration for the point of sale provides payment functionality to the merchant's POS app.
Adyen POS libraries are replaced by Terminal API.
Application Programming Interface (API)
API stands for Application Programming Interface. This is a general term for programming techniques that are available for software developers when they integrate with a particular service or application. These techniques vary on the software type and may include web API, remote API, SDKs, libraries, frameworks, and much more.
In the payments industry, APIs are usually provided by any party participating in the money flow (e.g. payment gateways, processors, service providers) to facilitate the money transferring process. Adyen uses the most reliable and secure API, allowing its merchants to integrate with Adyen services using Client-Side Encryption, Hosted Payment Pages, and other modern techniques.
This is the process of the card issuer (like Visa or Mastercard) verifying payment details and reserving the funds to capture it later.
In ecommerce, in-app and point-of-sale payments, authorisation is implemented as an API call to the payment gateway. The gateway and payment processor then perform required validation and risk checks, and ask a corresponding card network to authorise this payment from an issuer to an acquirer. In Adyen API the term "authorisation" is used.
When a payment was authorised but hasn't been captured yet, a merchant can also decide to cancel it for some reason (like a high risk of fraud).
Note that authorisation is valid only for a limited amount of time. In case an authorised payment hasn't been captured or cancelled, it expires after the predefined deadline is missed.
Bank Identification Number (BIN)
The first six to eight digits of the card number are called as the Bank Identification Number (BIN) or Issuer Identification Number (IIN). There is no direct way to know if a card number contains a six or an eight-digit BIN.
If you have business logic based on BIN values, you can either:
- Use fields from the API response to get the information you need.
- Check against the BIN ranges from card networks, if you handle raw card data.
The BIN can be used to determine the:
The BIN cannot be used to determine:
- The card type, for example credit or debit card.
- The country where the card was issued.
Cancel a payment
An authorised payment can be either captured (where funds are sent to a merchant's account) or cancelled (where a merchant decides to reject the payment for some reason like a high risk of fraud).
Note that cancelling a payment is not possible for transactions that have already been captured. In this case the merchant should initiate a refund to send funds back to a shopper. Captures, cancels, and refunds together are called modifications, because they modify the state of an authorised payment request.
Capture (or Clearing and settlement)
A payment that has been authorised by the payment processor must be captured to be completed. Capturing is the act of transferring the reserved funds from the shopper to the merchant.
By default, payments are captured automatically, immediately after authorisation.
Many payment methods support separate authorisation and capture. This means you can set up a capture delay; capture payments manually (both in the Customer Area and using API calls); perform partial captures; or cancel an authorisation.
Captures, cancels, and refunds together are called modifications, because they modify the state of an authorised payment request.
Cardholder Verification Method (CVM)
Type of verification method used to confirm a payment instrument, such as a credit card, being used in a purchase is in the possession of its owner.
Card networks (or Card schemes)
Payment networks that set rules and provide infrastructure to issue cards and process payments made with cards. For a payment to be made, both an issuer and an acquirer must be members of the same network as the card. Examples of some popular card networks are Visa, Mastercard, American Express, and UnionPay.
Card schemes charge fees for processing payments, and also regulate the value of the interchange fee, which depends on many factors for each specific payment.
Card Not Present (CNP)
A payment transaction made with a card, where the shopper cannot physically present the card to the merchant at the time of the transaction. Examples of CNP transactions include online payments, in-app payments, and MOTO transactions.
CNP transactions are a common target for card fraud, because it is difficult for the merchant to verify that it is the actual cardholder making the purchase. To reduce the risk of card fraud arising from CNP, use 3D Secure and AVS features.
Card number (PAN)
Every payment card (be it a debit, credit, gift, or a similar card) has a unique number associated with it. This number is usually printed on the card and required to uniquely identify this card and to refer to it in every transaction.
The whole card number is called Primary Account Number (PAN), and the first six or eight digits of it are also called the Bank Identification Number (BIN).
Also, a card may contain a card security code, which, along with the card number, can be used in card-not-present transactions.
Card on File (CoF)
When card details are stored to streamline the checkout process for returning customers. This can be used for one-click payments, pay-per use services, or any recurring payment that does not follow a fixed schedule.
A recurring payment that occurs on a fixed schedule is referred to as a subscription.
If a merchant is PCI-Compliant at Level 1/Level 2, they can store card details by themselves. Otherwise, they must store card details using a payment service provider like Adyen.
Plastic cards issued by shoppers' banks to enable cashless payments either on a point of sale, via an ecommerce website, or inside a mobile application. Cards may be debit, credit or prepaid, and are usually operated by card networks. Sometimes cards may be linked to ewallets or other local payment methods, but most commonly they are used to withdraw cash or make cashless payments.
A typical card contains a card number, which uniquely identifies a card. It also contains a security code, used in combination with other information (a card expiry date and cardholder name) to verify card-not-present payments (for example, when paying for goods or services on a ecommerce website or inside a mobile application).
Card security code (CVC, CVV, CID)
The 3- or 4-digit numeric code that is printed on a card in addition to the card number. The security code is used in card-not-present transactions to verify the identity of a cardholder.
This code may have different names, for instance:
- Visa: Card Verification Value (CVV, CVV2)
- Mastercard: Card Validation Code (CVC, CVC2)
- Amex and Discover: Unique Card Code (CID)
The security code is an example of Sensitive Authentication Data, and as such in scope of PCI DSS compliance restrictions
If a shopper for some reason wants the funds returned from a merchant, they can ask the merchant to make a refund. If the merchant refuses, a shopper may ask their issuer to make a chargeback (sending the funds back from the merchant to a shopper).
After a chargeback is initiated, the merchant can dispute it in some cases. If a dispute is allowed, the merchant should provide all necessary documents to either the acquiring bank, or to the payment processor.
When possible, Adyen helps its merchants to automatically dispute chargebacks, and also provides extensive risk management services (RevenueProtect) to analyze fraudulent transactions and minimize chargebacks.
Contactless or Near Field Communication (NFC)
Contactless payments allow your shoppers to make payments without inserting or swiping their card. In the context of POS, NFC is the technology used in contactless payments. Apple Pay, Google Pay and Samsung Pay all use the standard NFC protocol and are therefore accepted. These payment methods are considered strongly authenticated and therefore support high-volume transactions.
When a payment method issued in one country is used to make a purchase from a merchant based in another country. This is also referred to as an "international payment".
Adyen makes it easy for you to accept and settle payments from more than 70 different countries. For more information on cross-border payments, see our Cross-border payments guide.
Customer Area (CA)
A cloud-based web interface, that can be accessed by merchants with an active Adyen account. The Customer Area allows merchants to manage users, submit and obtain data required to integrate with the plataforma de pagamentos da Adyen, view and download comprehensive reports on all the payments, and much more.
The endpoints for accessing the Customer Area interface are different for test and live Adyen accounts.
Digital Customer Recognition (DCR)
Used to identify customers who have shopped with the merchant previously across channels. Can be used for loyalty programs.
When a shopper for some reason wants funds returned from a merchant, and a payment was already captured, the shopper can initiate a refund. If the merchant refuses, the shopper may ask their issuer to make a chargeback. If a merchant disagrees, they can dispute the chargeback.
If disputing a chargeback is allowed (for more information, see Payment methods), the merchant must provide documents confirming the delivery of a product/service, and send these documents either to the acquiring bank or the payment service provider.
When possible, Adyen helps its merchants to automatically dispute chargebacks, and also provides extensive risk management services (Risk management) to analyze fraudulent transactions and minimize chargebacks.
Dynamic Currency Conversion (DCC) or Cardholder Preferred Currency (CPC)
Allows shoppers to convert the transaction amount to their card's default currency when making a payment abroad.
The shopper is presented with the choice to convert the transaction amount, when the transaction is in a currency other than the default configured on the card and the terminal has been configured to allow DCC.
Full details on the exchange rate are provided to the shopper on the terminal to allow an informed decision, and simultaneously to the POS app for merchant information.
The shopper either accepts or rejects the DCC offer and proceeds with the selected amount and currency. If the shopper chooses DCC, related information is shown on the receipt.
Shoppers can immediately understand the full amount charged for the transaction in a familiar currency.
Ecommerce payments (or Online payments)
Payments made by shoppers via electronic commerce (like websites, webshops, social networks) for either goods or services provided by merchants. These payments are usually made using cards or local payment methods that have been optimized for ecommerce.
Other types of electronic payments are in-app payments and point-of-sale payments. Merchants usually require a payment service provider to process these payments. Adyen allows its merchants to accept omnichannel payments (ecommerce, in app, and in store).
Europay, Mastercard, Visa (EMV)
A global standard for integrated circuit cards (ICC).
Floor Limit is the maximum cash value the terminal allows for a transaction when processed offline. An inclusive limit is configured which applies to each individual transaction. If the amount of the transaction is below the configured Floor Limit and the terminal can not connect to the Adyen host for authorization the terminal will leave the decision up to the card to approve or decline the transaction. Debit cards will typically decline a transaction while most credit cards are configured to approve a relatively small amount offline.
In payments, this means that there was an attempted transaction made by a criminal. The target of a fraud can either be a merchant or a shopper (depending on the approach of the fraudster).
Fraud defense is an important part of the payment process and is a service that can be provided by the payment provider – as Adyen does with RevenueProtect.
In-app payments (or Mobile payments)
Electronic payments made by shoppers via mobile apps. These payments are usually made with cards or local payment methods, and utilize either native mobile APIs or web pages optimized for mobile (also called as mobile web).
Other types of electronic payments include ecommerce payments and point-of-sale payments, which are based on similar infrastructure and usually require a payment service provider for merchants to automate and maintain these payments. Adyen allows its merchants to accept omnichannel payments (ecommerce, in app and in store).
Integrated Circuit Card (ICC)/Chip
In the context of payments, an EMV credit card with an embedded chip which is used to hold card information.
A fee that is paid to the issuer by the acquirer for each payment transaction made via a card network. The interchange fee amount is determined by the corresponding card network, as well as the scheme fee.
A further fee is then deducted from the total by the acquirer before paying into the merchant's account.
Issuer (or Issuing bank)
A bank that issued a card for a shopper to make cashless payments via an ecommerce website, inside a mobile app, or in a physical store. To be able to issue a card, an issuer must be a member of one or several card networks, or subscribe to one of the card services (for instance, ICS).
Sometimes a shopper's bank is referred to as an issuer even if there is no card issued. This is to distinguish between a shopper's bank, which sends funds, and a merchant's bank, which acquires funds.
Know Your Customer (KYC)
Know Your Customer (KYC) is the process of identifying and verifying the identity of your customers. This is required by the payment industry regulations as a prerequisite to allow individuals or business entities being paid out.
With Adyen for Platforms and Issuing, you don't need to manually perform KYC checks for your customers. Instead, you send the collected KYC data to Adyen, and we automatically conduct required verification.
Local payment methods (or Alternative payment methods)
Payment methods that allow merchants to accept ecommerce and in-app payments without use of cards. These methods include bank transfers, direct debit, e-wallets, mobile payments and so on.
For merchants that want to sell goods and services globally to shoppers from all over the world, it is important to support local payment methods that are popular in each specific region.
With Adyen, merchants have access to all the key local payment methods already via Adyen's unified payments platform. For a list of these payment methods, see Payment Methods.
A rewards program offered by a company to customers who frequently make purchases. Use Adyen's shopper recognition features to implement loyalty programs and further enhance the overall shopping experience of your loyal shoppers, while improving customer retention.
Magnetic Stripe Reader (MSR)/Swipe
Device that reads card data from the magnetic stripe on the reverse of the card.
Mail Order/Telephone Order (MOTO)
A card-not-present transaction, where the payment details are presented to a merchant by a shopper by means of mail (not email), fax, or telephone.
MOTO transactions are typically carried out offline: instead of entering payment details on an online payment form, shoppers make a call to a call center or send a coupon/voucher to communicate their credit card number.
With the Adyen MOTO features, you can integrate your webshop payments with your call center payments, and enjoy unified reporting covering both transaction flows.
Manual Keyed Entry (MKE)/Keyed
Manual key entry involves manually typing the details from a customer's card into either the POS app or the payment terminal.
An ecommerce website or a mobile app that enables third parties (referred to as sub-merchants) to provide their products or services to the users of a platform. Payments are processed through the platform and split between the marketplace and sub-merchant. Examples of online marketplaces are crowdfunding platforms, peer-to-peer marketplaces, ride sharing services, and so on.
Marketplaces need to implement sub-merchant onboarding, processing payments, performing KYC verification, and making payouts. With Adyen, you can benefit from using Platforms – a fully compliant end-to-end payment solution that enables you to do this, and maintain control over the frontend and user experience.
The party selling goods or services to shoppers via an ecommerce website, a mobile app, on a point of sale, or across all three channels. To accept payments made with cards or local payment methods, a merchant must have an acquiring bank account and subscribe to the services available from the payment service provider.
When the POS app (cash register) has performed product selection and totaled the amount, the order is typically stored in the merchant back-end. The outcome of the payment process will be stored with the order.
Refunds for existing orders are communicated from the POS app to the merchant back-end where an API call to theplataforma de pagamentos da Adyen is made to perform the refund. The merchant back-end receives webhooks from the plataforma de pagamentos da Adyen.
Merchant of Record (MoR)
An entity that operates a platform and manages interactions with its sellers (sub-merchants) or suppliers. The MoR performs due diligence by overseeing and controlling all commercial activity on the platform. In this way, the MoR's payment service provider has a relationship with only the MoR itself.
Responsibilities of an MoR include:
Managing all transactions, refunds, cancellations, and disputes.
Providing the first line of customer support for shoppers.
Acting as the final arbiter of financial disputes.
Monitoring to ensure that no illegal, prohibited, or counterfeit products or services are sold.
No CVM (Cardholder Verification Method)
A transaction where there is no owner verification check for a credit card. No CVM payments have a low transaction threshold.
Webhooks are HTTP callbacks sent to an endpoint on your server. They inform you about authorised, captured and modified payments, as well as other events.
Webhooks are crucial for a successful integration with Adyen. You can use webhooks to automate business processes, for example order management or downloading reports for accounting.
For more information, refer to Webhooks.
A CVM that verifies the cardholder's PIN by encrypting the entered PIN before sending it to the card.
Terminals that support this method must also support the less secure Offline plain-text PIN method.
Adyen payment terminals process transactions online by default. Offline processing is optional and requires configuration.
Offline acceptance of payments in situations where no network connection is currently available. Debit cards will typically decline a transaction while most credit cards are configured to approve a relatively small amount offline.
Omnichannel payment solution
A set of services and technical solutions provided by a payment service provider, which allow a merchant to accept cashless payments across all channels (online, inside a mobile app or on a point of sale).
Most PSPs enable merchants to accept payments via specific channels only. Adyen is the only PSP that provides a true omnichannel solution for its customers. This gives merchants a single reporting dashboard from which to view all purchases made across different channels.
Simplifies the purchasing process for returning shoppers by allowing them to make a payment without entering their full card and address information. By enabling one-click payments, the shopper's details are stored during the first payment. For each successive payment the shopper only needs to enter their card security code (CVC/CVV) to complete the order.
One-click has the advantage of ensuring the full card authorisation takes place for each payment, including card security code checks and 3D Secure, if applicable. The potential disadvantage is that the shopper must be present for all payments to supply their card security code.
Where the entered PIN is sent online to the card issuer for verification. The entered PIN is encrypted before it is sent.
Online PIN is used when the specific card scheme (payment method) and specific card support it.
Capture payments with an amount that is higher than the authorised amount.
Card schemes usually allow overcapture only for a certain percentage and only for specific types of businesses.
An alternative is to adjust the authorised amount before capture.
A service that helps merchants to initiate online, in-app and in-person payments. It is not directly involved in the money flow; typically, it is a web server to which a merchant's website or a POS system is connected.
A payment gateway can be provided by a bank, or can exist as a separate service that connects to one or more payment processors. Adyen combines the functions both of a payment gateway and a payment processor, as well as a risk management system and an acquirer. This makes Adyen a full-stack payment service provider.
An authorised payment can be either captured or canceled. If a payment has been already captured, it can be also refunded later. Capture, cancel, and refund actions are called modifications, because they modify the state of a payment.
Modifications can be done either manually (through the Customer Area interface), or automatically (using the plataforma de pagamentos da Adyen API). If an API call is made, the merchant receives an acknowledgement in the response. After Adyen processes the payment modification, Adyen sends the result asynchronously through webhooks.
A system that connects to a shopper's bank and a merchant's bank in order to make a payment transaction on behalf of a merchant. Usually, a payment processor obtains the payment information from a payment gateway.
Adyen combines the functionality of a payment gateway and payment processor, as well as risk management and acquirer. As such it is a full-stack payment service provider.
Payment Service Provider (PSP)
A company, which combines the functions of both a payment gateway and a payment processor, can connect to multiple acquiring and payment networks. Additionally it can be an acquirer and provide risk assessments and other financial services.
For merchants, it is often cheaper and more convenient to use services of a PSP, rather than have different contracts with various payment gateways, processors and acquiring banks.
Adyen not only operates as a full-stack Payment Service Provider, but also gives its customers a true omnichannel solution to accept payments anywhere in the world.
Payment terminal (or POS terminal, pin entry device (PED))
A device that communicates with a shopper's card at the point of sale. Usually, a card is tapped, dipped (inserted), or swiped at a payment terminal. The terminal then prompts the shopper to enter a PIN or sign (depending on the country, card type, and the transaction amount). It is sometimes referred to as a Pin Entry Device (PED).
Adyen refers to the payment terminal as "the terminal". The terminal accepts an API request to start a transaction. The terminal displays the amount charged to the shopper and allows printing of a receipt. It will also offer DCC if applicable. Once an authorisation is obtained, the resulting data is sent to the plataforma de pagamentos da Adyen for further processing. The receipt is sent with this data and you can see it in the Customer Area.
Adyen uses various types of terminals, optimized for integration with the Adyen payments platform.
This term has multiple definitions in the payments industry and in general means a large amount of money paid at once to either an individual or a business entity. For example, an online marketplace transmits a payout to their sub-merchants for the products/services they provide to the marketplace customers.
Being PCI DSS-compliant means that you meet all applicable requirements of the current Payment Card Industry Data Security Standard (PCI DSS) on a continuous basis. PCI DSS was created by major card networks to increase safety of cardholder data and reduce the risk of fraud. All organizations that deal with payment card processing must be PCI-compliant, which means fulfilling very strict requirements on securing cardholder data.
Merchants who find it difficult or expensive to fully comply with PCI DSS requirements may consider using encrypted methods (such as Hosting the CSE library) or outsourcing card processing to a PCI-compliant payment service provider, such as Adyen. This way their PCI DSS-compliance scope can be significantly reduced.
Used by the merchant to bypass the PIN entry for the shopper. This option should only be used when the merchant trusts the shopper.
A cardholder is expected to know the PIN for the card issued. Comparing the signature as well as the cardholder name with some form of identification is recommended when bypassing PIN entry.
Plain Text PIN
Verifies the cardholder's PIN by sending the unencrypted PIN to the card. This is commonly used by cards that can't support the more secure Offline enciphered PIN. (PosEntryMode ICC only).
Point of sale
A point-of-sale solution allows a shopper to make a cashless in-person payment in a merchant's shop or other physical location. This payment is made using cards, NFC wallets (like Apple Pay), QR code wallets (like Alipay), or prepaid and gift cards.
Adyen provides its own point-of-sale service, including payment terminals and infrastructure. Merchants that also accept payments online or in-app can use Adyen as their omnichannel payment solution. This gives them a single reporting dashboard, where they can view all purchases.
Often the terms POS app and cash register are used to denote the software collecting point-of-sale payments.
Point-of-sale Entry Mode
The means by which the card number (PAN) is propagated to the payment terminal. For example, Keyed, Swiped, NFC.
Point-of-sale payments (or In-person payments)
Electronic payments made by shoppers via POS systems to buy products or services from merchants at a physical location (for example, a store or a ticketing booth). These payments are usually made with cards (swipe, ICC, or contactless).
Other types of electronic payments include online payments (ecommerce) and in-app payments, which are based on similar infrastructure and usually require a payment service provider for merchants to automate and maintain these payments. Adyen allows its merchants to accept payments across all possible channels (ecommerce, mobile, and point of sale).
Point-to-Point Encryption (P2PE)
Secures card data that is being communicated from point A to point B.
An application used at the point of sale that allows product selection and that calculates the total amount to be charged from a cardholder. Additional functionality can include loyalty handling, stock keeping, and so on. This term is often used interchangeably with cash register.
The POS app can run on a physical machine, or can be hosted in combination with an interface for the staff or customer (in kiosks). To initiate payments, the POS app communicates with the Adyen Terminal API. The POS app is part of a POS system that includes hardware components like a receipt printer, barcode scanner, cash drawer, and payment terminals.
Process Data Quickly (PDQ)
Legacy name, reading the Primary Account Number (PAN) from the Magnetic Stripe Reader (MSR) was quick compared to Manual Keyed Entry (MKE).
Every payment or modification request (such as a refund or a capture request) in Adyen's system has a globally unique 16-character string called the PSP reference associated with it. This string is alphanumerical (it can contain both numbers and letters).
Merchants can get the PSP reference from the Customer Area, webhooks, the API response, and our reporting. It is advised to quote the PSP reference when communicating with Adyen about specific transactions.
Adyen, as a PCI-compliant payment processor, can securely store payment details to enable recurring payments. For this, merchants must enable the recurring contract in the first authorisation call to the plataforma de pagamentos da Adyen. In response, they get a token that uniquely corresponds to a specific shopper and their payment data.
When recurring payments are enabled, a merchant can use this token in the future. For this, a merchant passes the token along with the authorisation call every time a shopper should be charged for a subscription, initiates a card-on-file payment, or initiates an unscheduled card-on-file payment.
Stored card details become outdated over time as cards expire or are cancelled. To minimize this disruption, use Adyen Account Updater to ensure that you have the most up-to-date card information, enabling you to provide continuous subscription services.
When a shopper cancels the purchase of a product or service, after they have paid. When the merchant makes the refund, the funds are sent back from the acquirer to the issuer. If an authorised payment hasn't been captured yet, a merchant can cancel the payment; in other cases a refund is possible.
If a merchant refuses to make a refund, a shopper can ask their issuer to make a chargeback. In some cases, a merchant is allowed to dispute a chargeback.
Refunds are also referred to as a modification, because they modify the state of an authorised payment request.
Risk management (RevenueProtect)
A set of services and techniques to analyze and assign a risk score to each payment transaction. Filtering high-risk transactions allows merchants to minimize the number of fraudulent payments and therefore maximize the revenue. Performing accurate risk management is extremely complex, and involves big data analysis.
Adyen introduced its own risk management system (RevenueProtect), which, thanks to its core features of ShopperDNA, allows merchants to identify and block fraudsters, while reducing friction for legitimate shoppers.
A fee that is paid by the acquirer to the card scheme for each payment transaction made with the card scheme.
The fee amount is determined by the corresponding card scheme, in addition to the Interchange fee.
Sensitive Authentication Data
Security-related information that is used to authenticate cardholders and/or authorize payment card transactions. This can include card validation codes/values, full track data from the magnetic stripe or chip, PINs, PIN blocks, and more.
See also: Card security code (CVC, CVV, CID).
A customer who buys goods or services from a merchant. In this glossary it is assumed that a shopper makes a cashless payment, which means that they use either cards or local payment methods to pay.
Depending on the Merchant's business model the accepted POS Entry Modes and CVM's can be configured to only consist of a subset of the above.
A payment card with a monetary value that is stored on the card itself, instead of in a bank account. Examples are gift cards and prepaid cards. Some stored-value cards can be reused by transferring money to it, others are disposable cards that can't be reloaded.
Strong Customer Authentication (SCA)
SCA is mandated in PSD2 as a way to make online payments and online banking transactions more secure.
An authentication is considered strong if a shopper is able to provide two out of the following factors:
- Something the shopper has.
- Something the shopper knows.
- Something the shopper is.
For example, a shopper is required to supply a one-time authentication code received on their phone (something the shopper has), and a password that only the shopper knows (something the shopper knows).
Recurring payments that occur on a fixed schedule. Popular examples of subscription payments are music and TV streaming services.
If a recurring payment does not follow a fixed schedule, it is a Card on File (CoF) payment or an Unscheduled Card on File (UCoF) payment.
In the context of payment terminals at Adyen, the tender is the entire process for the POS app to start the transaction, receive card information, make optional changes to the amount, await authorization, print the receipt, and receive a final status. This entire process is accompanied by a reference for the tender: the
Tokenization is the process of replacing sensitive data with non-sensitive data (known as a token), which can be later used to get access to the initial (tokenized) data. In the payments industry, it is used to safeguard a card number and other payment data by replacing it with a unique string of numbers. This string can be used later to implement recurring payments.
Together with Client-Side Encryption, tokenization enables merchants to securely pass their shoppers' data to a payment service provider, like Adyen.
Transaction (or Tx)
In the payments industry, the term "transaction" is used to indicate exchanging of a specified amount of funds from a shopper for purchasing products or services from a merchant, or for fulfilling any other obligations between the two parties.
Funds are usually transferred by means of card payments or local payment methods (bank transfers, e-wallets, mobile payments, etc.).
Tx is a commonly used abbreviation to denote a financial transaction.
Unscheduled Card on File (UCoF)
An unscheduled card-on-file payment is a type of recurring payment that's used for transactions that occur on a non-fixed schedule and/or have variable amounts. For example, automatic top-ups when a cardholder's balance drops below a certain amount.
A recurring payment that occurs on a fixed schedule is referred to as a subscription.
If a merchant is PCI-Compliant at Level 1/Level 2, they can store card details by themselves. Otherwise, they must store card details using a payment service provider like Adyen.
A zero-value auth is an authorisation request with a value of 0 (EUR/USD/etc.). This is used to either store details or obtain shopper details to be able to look up previous purchases or other details from the merchant database.
Zero-value auth is used for example when submitting a BIN or a card verification request.
Aggregator merchants are intermediaries between merchants and an acquirer. They are contracted by an acquirer to perform all or some of the following actions on behalf of the acquirer:
- Onboard merchants.
- Process transactions under an aggregated identifier.
In this case, the merchant interacts with the aggregator instead of the acquirer.
- Settle transactions and ensure payouts to the merchants.
The following are types of aggregators:
- Bill payment providers
- Digital Wallet operators
- Payment facilitators
Merchant Category Code
The Merchant Category Code (MCC) is a four-digit code that the card networks use to categorize a merchant's business based on what goods or services they offer. It is also referred to as the Card Acceptor Business Code. The acquirer usually assigns each merchant an MCC during onboarding, and populates it for all payments. If the merchant is a sub-merchant, the payment facilitator might assign the MCC instead.
For descriptions of the different MCCs, see Visa's merchant data standards and Mastercard's reference booklet.
Payment facilitator (payfac)
A payment facilitator is an entity that is authorized to onboard merchants to an acquirer's platform and receive settlement funds for them on behalf of an acquirer. Payfacs are a type of aggregator merchant. Payment facilitators can perform all the of the following actions:
- Onboard merchants on behalf of an acquirer.
Merchants onboarded by a payfac are called "sub-merchants".
- Process transactions for sub-merchants with the card schemes.
- Receive settlement funds from the acquirer and pay out sub-merchants.
A merchant who is onboarded to an acquirer through a payment facilitator. The payment facilitator processes all of the sub-merchant's transactions.