Glossary A

A.A.A.: Authentication, authorization, and accounting protocol.

Access Control: Mechanisms that limit availability of information or information processing resources solely to authorized persons or applications.

Account Data Compromise Event (ADCE): An event which account data may have been compromised and could lead to unauthorized use of the cardholder’s account. An account data compromise event does not mean account data was wrongfully disclosed or used, but that account data may have been wrongfully disclosed or used.

Account Number Truncation: The process of not printing the full primary account number and expiration date on a receipt. Usually, only the last four digits of the primary account number are printed.

Account number: Every cardholder's account is identified by an account number, also known as payment card number (credit or debit), that identifies the issuer and the particular cardholder account. Often called Primary Account Number (PAN).

Accounting: Tracking of users’ network funds.

Accounts Payable: The debts your business owes to creditors.

Accounts Receivable: The debts owed to your business.

Acquirer: A financial institution that initiates and maintains contracts and agreements with merchants for the purpose of accepting and processing payment cards (also: Financial Institution, Merchant Bank).

Activate: To prevent fraud, many card issuers require you to call them when you receive your new card in the mail to verify that the accurate person has received it. Until proper ownership is confirmed, the card cannot be activated.

Activity: Activity is any transaction that appears on your bill, including: purchases, cash advances, finance charges and fees and any payments made.

Additional Cardmember / Cardholder: An additional member that signs on the payment card and to your account, such as a spouse. You are liable for any charges that the additional cardholder incurs.

Address Verification Service (AVS): A MasterCard service to combat fraudulent activity for non–face-to-face transactions by cross-referencing the cardholder’s address information with the card issuer’s records.

Advance-fee loan: A loan calculated so that all the finance charges and other creditor operating expenses are deducted before the consumer receives the principal.

A.E.S: Advanced encryption standard. Block cipher adopted by NIST in November 2001. Algorithm is specified in FIPS PUB 197

Affiliate Member: A type of cardholder member that participates indirectly through an association member or a principal member in the activities of this corporation (for example, by issuing MasterCard® cards or by accepting transaction records from merchants).

Agreement: A contract produced by the issuer that describes to the cardholder the terms that apply to the card, including the interest rate charged, method of calculating interest, and any transaction fees. If your card issuer refuses to disclose fully the terms of your card agreement before you accept the card, you may want to shop around for an issuer that will.

American Express: A company that issues cards and acquires transactions through merchants. American Express is not an association of financial institutions like Visa and MasterCard.

Amount Due: In general, the minimum monthly payment you must make, not the total amount you owe.

Annual Fee: Card issuers may charge you a yearly fee additional to the interest that accumulates when you make purchases. Depending on how often you use it, a card with no annual fee but a high interest rate could cost you significantly more than one with a higher annual fee and a low, or no, interest rate.

Annual Percentage Rate (APR): The Annual Percentage Rate measures the cost of credit expressed as a yearly interest rate.

ANSI: American National Standards Institute is a private, non-profit organization that administers and organizes the U.S. voluntary standardization and conformity assessment system.

Anti-Virus Program: Programs which detect, remove, and protect against various forms of malicious code or malware, including: viruses, worms, Trojan horses, spyware, and adware.

Application: Comprises all purchased and custom software programs or groups of programs designed for end users, including both internal and external (web) applications.

Approved Standards: These are standardized algorithms (like in ISO and ANSI) and well-known commercially available standards (like Blowfish) that meet the intent of strong cryptography. Examples of approved standards are AES (128 bits and higher), TDES (two or three independent keys), RSA (1024 bits) and ElGamal (1024 bits)

ASCII (pron. "as-key"): American Standard Code for Information Interchange. A standard way of representing ordinary text as a stream of binary numbers with a code set of 128 characters. The first 32 characters are control codes, the remaining 96 are letters (both uppercase and lowercase), numbers, punctuation marks, and special characters.

Assessment Log: Chronological record of system activities. Provides a trail sufficient to permit reconstruction, review, and examination of sequence of environments and activities surrounding or leading to operation, procedure, or event in a transaction from the beginning to the final results. This is sometimes specifically referred to as security assessment trail.

Asset: Information available or information processing resources of an organization.

Audit: Examination and verification of financial accounts, records, and accounting procedures.

Authenticate: To confirm the identity of an Internet user or computer. For example: Before accepting an online order, some merchants will use advanced security systems to authenticate the customer's identity.

Authentication: In security, process of verifying identity of a subject or process; ensuring that a message is genuine.

Authorization: Approval of a transaction by a cardholder issuer according to defined operations regulations. The merchant receives, via telephone or authorization terminal, this approval to process the transaction.

Authorization Code: A six character numeric or alphanumeric code sent by the card issuer to verify that the sale has been authorized, or approved.

Authorization Message: Within a payment system, any message between a card acceptor and an issuer serving to establish whether the issuer approves for a transaction to proceed.

Authorization Response: Answer to an authorization request, most of the time a code, that advises the acquirer or merchant how to proceed with the transaction.

Auto Close: The process by which daily batches of transactions are automatically summarized and transmitted for end-of-day settlement processing at a scheduled time.

The Automated Clearing House ACH: a batch-oriented electronic funds transfer structure which provides for the interbank clearing of electronic payments for financial institutions. The Federal Reserve System acts as the ACH operator clearing transactions for financial institutions.

Automated Fuel Dispenser AFD : A terminal device used to accept payment for fuel at a gas station.

Automatic Bill Payment: An agreement between a merchant or service provider and a customer that allows recurring automatic charges for a service to an agreed-upon credit or debit account.

Automatic Payment: If you have a savings or checking account with the same bank that issued your credit card, you are able to automatically transfer money from your bank account to pay a credit card bill. Automatic payment eliminates the risk of paying a bill late and being assessed a late charge.

Available Credit: The unused share of credit that falls within the consumer's applicable credit limit.

Average Daily Balance (including or excluding new purchases): This is the most common method of calculating interest. To figure out your average daily balance, your bank will add up the amount you owe for each day of your billing cycle and divide that number by the number of days in the billing cycle (see billing cycle). New purchases may or may not be added to the balance, depending on the individual card's terms. The most favorable calculation excludes new purchases.