E-COMMERCE TERMS

Acquiring Bank / Merchant Bank
The bank that does business with merchants enabling them to accept Credit Cards. A merchant has an account with this bank and each day deposits the value of a day's Credit Card sales. Acquiring banks buy (acquire) the merchant's sales slips and credit the tickets' value to the merchant's account. Also called the acquirer.

Acquiring Processor
The processor provides Credit Card processing, billing, reporting and settlement, and operational services to acquiring banks. Many financial institutions do not do their own bankcard processing because it is more cost-effective to let someone invest in the equipment and people and do it for them.

Aggregator
Organizations that provide merchants (in many cases start-up companies) with an Internet merchant account. Newly established companies may have difficulty qualifying immediately for merchant services from local banks due to the company's age, lack of transaction history, etc. Aggregators will accept financial responsibility for these merchants' transactions, effectively acting as guarantor to the acquiring bank for the smaller and newly established companies that banks may not wish to accept directly due to the higher risk involved. Aggregators will combine these smaller merchants under their merchant account enabling them to participate in e-commerce.

Application Service Provider (ASP)
A third-party organization that manages and distributes software-based services and solutions to customers across a wide area network from a central data center.

Authorization
The act of insuring that the cardholder has adequate funds available against their line of credit. A positive authorization results in an authorization code being generated and those funds being set aside. The cardholder's available credit limit is reduced by the authorized amount.

Batch
The accumulation of captured (sale) transactions waiting to be settled. Multiple batches may be settled throughout the day.

Brick-and-mortar
A traditional business that operates by dealing with customers in a face-to-face environment, such as an office or store

Browser
A software application used to locate and display World Wide Web pages. NCSA Mosaic, Netscape Navigator, and Microsoft Internet Explorer are all browsers.

Business to Business Commerce (B2B)
Commercial transactions between two or more businesses. B2B was originally undertaken using EDI. XML is now the preferred solution.

Business to Consumer Commerce (B2C)
The sale of Goods or Services to a Consumer where the transaction takes place over the Internet.

Capture
Converting the authorization amount into a billable transaction record within a Batch. Transactions cannot be captured unless previously authorized and the goods or services have been shipped or transmitted to the consumer.

Card Association
Visa and MasterCard, which are the licensing and regulatory agencies for bankcard activities.

Cardholder
Any person who opens a Credit Card account and makes purchases using a Credit Card.

Card-not-present Transaction
A Credit Card transaction in which the merchant has received the card number from the buyer, but is unable to physically link the card to the buyer (i.e. Mail Order/Telephone Order or online transactions). This type of transaction carries the highest interchange rate due to high risk factor.

Card-present Transaction
A card transaction in which the buyer physically gives the merchant their Credit Card in which to pay for the purchase. This type of transaction carries the lowest interchange rate since the buyer is actually present for the transaction. Also called a face-to-face transaction.

Certificate Authority (CA)
A trusted third-party organization or company that issues digital certificates used to create digital signatures and public-private key pairs. The role of the CA in this process is to guarantee that the individual granted the unique certificate, is who he or she claims to be.

Chargeback
A chargeback is a transaction returned by a customer's card-issuing bank due to dispute or non-acceptance of the transaction.

Clearing
The process of exchanging transaction details between an acquirer and an issuer to facilitate posting the transaction on the cardholder's account and reconciling their settlement position.

Click-and-mortar
Click-and-mortar describes a store that exists both online and in the physical world, for example Barnes and Noble.

Consumer Fraud
Unauthorized use of cardholder information such as attempts to purchase products or services using another person's card.

Cryptography
The process of securing private information that is passed through public networks, by mathematically encrypting the information so that it is unreadable to anyone except the person(s) holding the mathematical "key" that is needed in order to decrypt the information.

Data Capture
The collection of merchant bank card sales receipts from the merchant's point-of-sale terminal or electronic cash register by an electronic means

Digital Certificate
An attachment to an electronic message used for security purposes. The most common use of a digital certificate is to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply.

Digital Signature
A digital code, attached to an electronic message that verifies the sender. Digital signatures are especially important for electronic commerce and are a key component of most authentication schemes. To be effective, digital signatures must not be open to forgery. A number of different encryption techniques use digital signatures.

Discount Rate
The fee a merchant pays its acquiring bank/merchant bank for the privilege to deposit the value of each day's credit purchases. The fee is usually a small percentage of the purchase value.

Disintermediation
Removing the middleman. This term is used to describe the function of many Internet-based businesses that use the World Wide Web to sell products directly to customers rather than going through traditional retail channels. By eliminating the middlemen, companies can sell their products cheaper and faster.

Domain Name
An organization's Internet address. For example, firstecom.com is the domain name of First Ecom, the payment processor. The '.com' designation indicates the site is for a company. Other popular suffixes are '.org' for non-profit organizations and '.net' which is used by organizations and businesses connected with Internet services. Organizations may add two letter endings to these addresses (e.g. www.microsoft.com.hk) to indicate they are in a specific country. The '.edu', '.mil', and '.gov' domains are traditionally reserved for government organizations.

Electronic Banking (E-banking)
A form of banking that allows individuals access to personal or business banking services over a public network such as the Internet. E-banking usually allows 24 hour access to basic banking services, including the ability to transfer funds through personal computers via telephone lines between financial institutions. E-banking uses computer and electronic technology as a substitute for paper transactions such as checks.

Electronic Commerce (E-Commerce)
The buying and selling of goods and services on the Internet, especially the World Wide Web. In practice, this term and a new term, 'e-business', are often used interchangeably. For online retail selling, the term 'e-tailing' is sometimes used.

Electronic Merchant (E-merchant)
A merchant that runs his/her business electronically via the Internet.

Electronic Payment (E-payment)
The ability to effect payment online without the physical transfer of cash or documents, regardless of time or location. E-payment methods include Credit Cards, debit cards, smart cards, e-checks,etc.

Encryption
A way of coding the information in a file or e-mail message so that if a third party intercepts it as it travels over a network it cannot be read. Only the person or persons that have the right type of decoding software (i.e. key) can decrypt the message.

ESD
Electronic Software Distribution, a system for selling software over a network. ESD systems provide secure communications that customers use to download and pay for software. These systems can operate over the Internet or on a direct modem-to-modem connection. ESD systems can also allow users to use software for a trial period before purchasing.

Firewall
A system designed to prevent unauthorized access to or from a private network, usually unauthorized access from the Internet into a private network.

Host(ing)
Web sites that are stored on a server by an Internet Service Provider (ISP)

HTTP
Hyper Text Transfer Protocol, the underlying protocol used by the World Wide Web. HTTP defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands. For example, when you enter a URL in your browser, this actually sends an HTTP command to the Web server directing it to fetch and transmit the requested Web page.

HTML
Hyper Text Markup Language, the language used to create documents on the World Wide Web and which governs how Web pages are formatted and displayed. HTML defines the structure and layout of a Web document by using a variety of tags and attributes.

Internet Access Provider (IAP)
An organization that provides access to the Internet, whether through dial-up, cable modem or wireless. Often considered to be a subset of Internet Service Providers.

Internet Point-of-Sale (IPOS)
Allows merchants to safely channel and process traditional card-based transaction data over the Internet in real-time. The transaction is classified as a person present transaction, rather than an Internet (i.e. person not present) sale.

Internet Service Provider (ISP)
An organization that provides a range of Internet services such as access, Web development, and/or Web site hosting.

IP Address
An identifier for a computer or device on a TCP/IP network. Networks using the TCP/IP protocol route messages according to the IP address of the destination. The format of an IP address is a 32-bit numeric address written as four numbers separated by periods. Each number can be from zero to 255. For example, 1.160.10.240 could be an IP address. Within an isolated network, IP addresses can be assigned at random as long as each one is unique. However, connecting a private network to the Internet requires using registered IP addresses (called Internet addresses) to avoid duplicates.

Issuing Bank
The bank that extends credit to customers through bankcard accounts. The bank issues the Credit Card and receives the cardholder's payment at the end of the billing period. Also called the issuer or the cardholder bank.

Key
A password or table needed to decipher encoded data.

Mail Order/Telephone Order (MO/TO)
A Credit Card transaction where the order and payment information are transmitted to the merchant via the mail or telephone.

Merchant
The party that offers goods or services in exchange for payment. Merchants that accept payment by card must have a relationship with an Acquiring Bank.

Merchant Fraud
Fraud perpetrated against other parties, usually the cardholder or the bank, typically through the use of the card acceptor's payment system.

On-Us Transaction
Any electronic banking transaction in which the acquiring member and the issuing member are the same institution or are within the same network facility.

Payment Gateway
An electronic application that integrates with a merchant's Web site in order to transmit transaction data to the payment card acquirer for both authorization and settlement purposes. A payment gateway accepts transactions from online merchant storefronts and routes them to a financial institution's processing system.

Payment Switch
The switch routes payment card transaction data to the respective financial institution for the purposes of approving, processing, and settling electronic payment transactions.

Per Transaction Fee
A transaction is the process that takes place when a cardholder makes a purchase with a payment card. A fee is then charged on these authorized transactions to cover necessary costs associated with processing the transaction.

Personal Identification Number (PIN)
A number that must be entered along with a payment card number for certain credit or debit cards to make a transaction. The PIN functions as a password in that it does not allow the holder to use the card without first providing the PIN.

PKI
Public Key Infrastructure, an entire system of digital certificates, Certificate Authorities, and other registration authorities that verify and authenticate the validity of each party involved in an Internet transaction. PKIs are currently evolving and there is no single PKI or even a single agreed-upon standard for setting up a PKI.

Plug-in
A software module designed to add functionality to an existing software application.

Point-of-Sale (POS)
The location at of the merchant's physical place of business where consumers make face-to-face purchases.

Point-of-Sale (POS) Terminal
A server that is placed in the merchant's location and connected to the banks' systems, interfacing cardholder software and acquirer payment systems. It is used to electronically read, authorize, record, and transfer data to and from the merchant for each sale. Also called a swipe box.

Public Key Cryptography
An encryption method that uses two Keys: one key to encrypt the message and another key to decrypt the message. The two keys are mathematically related so that data encrypted with either key can only be decrypted using the other. Each user has a public and a private key, and only the public key is distributed to parties with whom the user exchanges encrypted messages.

Recurring Payments
A type of transaction that allows the merchant to process multiple authorizations for the same buyer. Recurring payment can be either multiple payments for a fixed amount or repeated billings.

Secure Server
A secure Web server that encrypts and decrypts messages to protect them against third party tampering. Purchases made from a secure Web server ensure that a user's payment or personal information is encrypted and not accessible to unauthorized persons

Settlement
As the sales transaction value moves from the merchant to the acquiring bank to the issuer, each party buys and sells the sales ticket. Settlement is what occurs when the acquiring bank and the issuing bank exchange data or funds during that function.

Shopping Cart
Software that handles an online store's catalog and ordering process. A shopping cart is the interface between a business's Web site and its internal infrastructure. Shopping carts allow consumers to select merchandise from a Web page, review what they have selected, make changes or additions, and purchase the merchandise

Smart Card
A smart card is a Credit Card with a built-in microprocessor and memory used for identification and financial transactions. It allows electronic money to be stored in a secure, but portable medium and when inserted into a reader, it transfers data to and from a central computer.

SSL
Secure Sockets Layer, a standard that enables secure credit card transactions on the Internet. SSL is the leading security protocol developed by Netscape for transmitting private documents via the Internet. SSL uses a private key to encrypt data and then sends this over the SSL connection. Netscape Navigator, Internet Explorer, and most commercially available Web browsers support SSL. Many Web sites use the protocol to obtain confidential user information. By convention, Web pages that require an SSL connection start with https instead of http.

Stored Value Card
A card that contains either a computer chip of magnetic strip and is used to store or debit money electronically.

TCP/IP
Transmission Control Protocol/Internet Protocol, the suite of communications protocols used to connect hosts on the Internet. TCP/IP uses several protocols, principally TCP and IP. TCP/IP is built into the UNIX operating system and is used by the Internet, making it the de facto standard for transmitting data over networks.

Third-party Fraud
Unauthorized use of payment card information by individuals, such as hackers who have illegally obtained the card information.

Third-party Processor
A company that contracts with banks and financial institutions to perform some or all of the tasks necessary to process payment cards, including authorization and settlement.

URL
Uniform Resource Locator, the global address of documents and other resources on the World Wide Web. The first part of the address indicates what protocol to use, and the second part specifies the IP address or the domain name where the resource is located.

Web or World Wide Web (WWW)
A system of inter-connected Internet servers that supports specially formatted documents. The documents are formatted in HTML, which supports links to other documents, as well as graphics, audio, and video files. Internet users can jump from one HTML document to another simply by clicking on designated hot spots. Not all Internet servers are part of the World Wide Web.