Payment glossary
This glossary contains general terms used in the payments industry and should help you demystify the world of payments.
Last updated
This glossary contains general terms used in the payments industry and should help you demystify the world of payments.
Last updated
A service that enables to automatically update stored card details of their . Keeping this data up-to-date may be critical for accepting .
Account Updater works by providing information to the about lost and stolen cards, non-activated cards, and closed card accounts. Visa and Mastercard provide their separate Account Updater solutions, while Carouseller's connects its customers to both Visa and Mastercard Account Updaters, without the need to formally enroll with the and demonstrate compliance – which is handled by Carouseller.
An acquirer is a bank or a financial institute that receives funds for its from a .
To accept , an acquirer should be licensed by corresponding and either partner with a , or be a payment processor itself.
Sometimes, a may operate as an acquirer in certain regions (for example, Carouseller is eligible to providing acquiring services to its clients in the U.S., Brazil, Hong Kong, Australia, and Europe).
In credit card transactions, the Acquirer Reference Number (ARN) is a unique number assigned to a transaction when it goes from the merchant's bank () through the card scheme at the cardholder's bank ().
The ARN can be used to track a payment or . Shoppers can contact their banks to do so and the banks can then use the ARN to track the payment or refund. Merchants can retrieve the ARN from the or the shopper's bank.
A who wants to use Carouseller as a needs to sign up for an Carouseller account. After this account is approved, it gives merchants access to Carouseller's payment services, which can be managed and customized using the interface or the .
Carouseller accounts have two levels: company and merchant. A company-level account determines the global settings for the company, while merchant-level sub-accounts detail specific settings for each merchant.
API stands for Application Programming Interface. This is a general term for programming techniques that are available for software developers when they integrate with a particular service or application. These techniques vary on the software type and may include web API, remote API, SDKs, libraries, frameworks, and much more.
Note that authorisation is valid only for a limited amount of time. In case an authorised payment hasn't been captured or cancelled, it expires after the predefined deadline is missed.
If you have business logic based on BIN values, you can either:
Use fields from the API response to get the information you need.
Check against the BIN ranges from card networks, if you handle raw card data.
The BIN can be used to determine the:
The BIN cannot be used to determine:
The card type, for example credit or debit card.
The country where the card was issued.
By default, payments are captured automatically, immediately after authorisation.
This code may have different names, for instance:
Visa: Card Verification Value (CVV, CVV2)
Mastercard: Card Validation Code (CVC, CVC2)
Amex and Discover: Unique Card Code (CID)
The endpoints for accessing the Customer Area interface are different for test and live Carouseller accounts.
Floor Limit is the maximum cash value the terminal allows for a transaction when processed offline. An inclusive limit is configured which applies to each individual transaction. If the amount of the transaction is below the configured Floor Limit and the terminal can not connect to the Carouseller host for authorization the terminal will leave the decision up to the card to approve or decline the transaction. Debit cards will typically decline a transaction while most credit cards are configured to approve a relatively small amount offline.
A rewards program offered by a company to customers who frequently make purchases. Use Carouseller's shopper recognition features to implement loyalty programs and further enhance the overall shopping experience of your loyal shoppers, while improving customer retention.
Refunds for existing orders are communicated from the POS app to the merchant back-end where an API call to the Carouseller payments platform is made to perform the refund. The merchant back-end receives webhooks from the Carouseller payments platform.
Responsibilities of an MoR include:
Monitoring to ensure that no illegal, prohibited, or counterfeit products or services are sold.
A transaction where there is no owner verification check for a credit card. No CVM payments have a low transaction threshold.
Webhooks are crucial for a successful integration with Carouseller. You can use webhooks to automate business processes, for example order management or downloading reports for accounting.
Terminals that support this method must also support the less secure Offline plain-text PIN method.
Offline acceptance of payments in situations where no network connection is currently available. Debit cards will typically decline a transaction while most credit cards are configured to approve a relatively small amount offline.
Where the entered PIN is sent online to the card issuer for verification. The entered PIN is encrypted before it is sent.
Online PIN is used when the specific card scheme (payment method) and specific card support it.
Card schemes usually allow overcapture only for a certain percentage and only for specific types of businesses. An alternative is to adjust the authorised amount before capture.
For merchants, it is often cheaper and more convenient to use services of a PSP, rather than have different contracts with various payment gateways, processors and acquiring banks.
Used by the merchant to bypass the PIN entry for the shopper. This option should only be used when the merchant trusts the shopper.
A cardholder is expected to know the PIN for the card issued. Comparing the signature as well as the cardholder name with some form of identification is recommended when bypassing PIN entry.
Verifies the cardholder's PIN by sending the unencrypted PIN to the card. This is commonly used by cards that can't support the more secure Offline enciphered PIN. (PosEntryMode ICC only).
Secures card data that is being communicated from point A to point B.
Every payment or modification request (such as a refund or a capture request) in Carouseller's system has a globally unique 16-character string called the PSP reference associated with it. This string is alphanumerical (it can contain both numbers and letters).
Security-related information that is used to authenticate cardholders and/or authorize payment card transactions. This can include card validation codes/values, full track data from the magnetic stripe or chip, PINs, PIN blocks, and more.
A payment card with a monetary value that is stored on the card itself, instead of in a bank account. Examples are gift cards and prepaid cards. Some stored-value cards can be reused by transferring money to it, others are disposable cards that can't be reloaded.
An authentication is considered strong if a shopper is able to provide two out of the following factors:
Something the shopper has.
Something the shopper knows.
Something the shopper is.
For example, a shopper is required to supply a one-time authentication code received on their phone (something the shopper has), and a password that only the shopper knows (something the shopper knows).
Tx is a commonly used abbreviation to denote a financial transaction.
A zero-value auth is an authorisation request with a value of 0 (EUR/USD/etc.). This is used to either store details or obtain shopper details to be able to look up previous purchases or other details from the merchant database.
Zero-value auth is used for example when submitting a BIN or a card verification request.
Onboard merchants.
Process transactions under an aggregated identifier. In this case, the merchant interacts with the aggregator instead of the acquirer.
Settle transactions and ensure payouts to the merchants.
The following are types of aggregators:
Bill payment providers
Digital Wallet operators
Marketplaces
Payment facilitators
Process transactions for sub-merchants with the card schemes.
Receive settlement funds from the acquirer and pay out sub-merchants.
Initially an Carouseller account operates in test mode, allowing merchants to run test payments and safely implement all integrations with the Carouseller payments platform. After successfully passing all integration tests, the Carouseller account can be switched to live mode to accept real-time .
Carouseller's service and . Your integration connects to the Carouseller payments platform to obtain and submit capture data. Processes like as well as are controlled in the Carouseller payments platform. In (in-person payments), the connect to the Carouseller payments platform to register itself and the in the . The and account configuration is done here.
A classic library integration for the point of sale provides functionality to the merchant's POS app.
Carouseller POS libraries are replaced by .
In the payments industry, APIs are usually provided by any party participating in the money flow (e.g. , , ) to facilitate the money transferring process. Carouseller uses the most reliable and secure API, allowing its merchants to integrate with Carouseller services using , , and other modern techniques.
This is the process of the (like Visa or Mastercard) verifying payment details and reserving the funds to it later.
In , and payments, authorisation is implemented as an to the . The gateway and then perform required validation and , and ask a corresponding to authorise this payment from an issuer to an acquirer. In Carouseller API the term "authorisation" is used.
When a payment was authorised but hasn't been captured yet, a merchant can also decide to it for some reason (like a high risk of ).
The first six to eight digits of the are called as the Bank Identification Number (BIN) or Issuer Identification Number (IIN). There is no direct way to know if a card number contains a six or an eight-digit BIN.
.
.
An payment can be either (where funds are sent to a 's account) or cancelled (where a merchant decides to reject the payment for some reason like a high risk of ).
Note that cancelling a payment is not possible for transactions that have already been captured. In this case the merchant should initiate a to send funds back to a shopper. Captures, cancels, and refunds together are called , because they modify the state of an authorised payment request.
A payment that has been by the must be captured to be completed. Capturing is the act of transferring the reserved funds from the to the .
Many payment methods support separate authorisation and capture. This means you can set up a capture delay; capture payments manually (both in the and using ); perform partial captures; or an authorisation.
Captures, cancels, and together are called , because they modify the state of an authorised payment request.
A who uses a issued by a to make cashless payments to a .
Type of verification method used to confirm a payment instrument, such as a , being used in a purchase is in the possession of its .
Payment networks that set rules and provide infrastructure to and process payments made with . For a payment to be made, both an issuer and an acquirer must be members of the same network as the card. Examples of some popular card networks are Visa, Mastercard, American Express, and UnionPay.
Card schemes charge for processing payments, and also regulate the value of the , which depends on many factors for each specific payment.
A made with a , where the shopper cannot physically present the card to the merchant at the time of the transaction. Examples of CNP transactions include , , and .
CNP transactions are a common target for , because it is difficult for the merchant to verify that it is the actual cardholder making the purchase.
Every (be it a debit, credit, gift, or a similar card) has a unique number associated with it. This number is usually printed on the card and required to uniquely identify this card and to refer to it in every transaction.
The whole card number is called Primary Account Number (PAN), and the first six or eight digits of it are also called the (BIN).
Also, a card may contain a , which, along with the card number, can be used in transactions.
When are stored to streamline the checkout process for returning customers. This can be used for , pay-per use services, or any that does not follow a fixed schedule.
A recurring payment that occurs on a fixed schedule is referred to as a .
If a merchant is , they can store card details by themselves. Otherwise, they must store card details using a like Carouseller.
Plastic cards issued by to enable cashless payments either , via an , or inside a . Cards may be debit, credit or prepaid, and are usually operated by . Sometimes cards may be linked to ewallets or other , but most commonly they are used to withdraw cash or make cashless payments.
A typical card contains a , which uniquely identifies a card. It also contains a , used in combination with other information (a card expiry date and name) to verify (for example, when paying for goods or services on a or inside a ).
The 3- or 4-digit numeric code that is printed on a in addition to the . The security code is used in to verify the identity of a .
The security code is an example of , and as such in scope of
If a for some reason wants the funds returned from a , they can ask the merchant to make a . If the merchant refuses, a shopper may ask their to make a chargeback (sending the funds back from the merchant to a shopper).
After a chargeback is initiated, the merchant can it in some cases. If a dispute is allowed, the merchant should provide all necessary documents to either the , or to the .
When possible, Carouseller helps its merchants to automatically dispute chargebacks, and also provides extensive risk management services to analyze and minimize chargebacks.
Contactless payments allow your to make payments without inserting or their card. In the context of , NFC is the technology used in contactless payments. Apple Pay, Google Pay and Samsung Pay all use the standard NFC protocol and are therefore accepted. These payment methods are considered strongly authenticated and therefore support high-volume transactions.
A cloud-based web interface, that can be accessed by with an active . The Customer Area allows merchants to manage users, submit and obtain data required to integrate with the Carouseller payments platform, view and download comprehensive reports on all the payments, and much more.
Used to identify who have shopped with the merchant previously across channels. Can be used for .
When a for some reason wants funds returned from a , and a payment was already , the shopper can initiate a . If the merchant refuses, the shopper may ask their to make a chargeback. If a merchant disagrees, they can dispute the chargeback.
If disputing a chargeback is allowed (for more information, see ), the merchant must provide documents confirming the delivery of a product/service, and send these documents either to the or the .
When possible, Carouseller helps its merchants to automatically dispute chargebacks, and also provides extensive risk management services () to analyze and minimize chargebacks.
Payments made by via electronic commerce (like websites, webshops, social networks) for either goods or services provided by . These payments are usually made using or that have been optimized for ecommerce.
Other types of electronic payments are and . Merchants usually require a to process these payments. Carouseller allows its merchants to accept (ecommerce, in app, and in store).
A global standard for (ICC).
In payments, this means that there was an attempted transaction made by a criminal. The target of a fraud can either be a or a (depending on the approach of the fraudster).
Fraud defense is an important part of the payment process and is a service that can be provided by the .
Electronic payments made by via mobile apps. These payments are usually made with or , and utilize either native mobile or web pages optimized for mobile (also called as mobile web).
Other types of electronic payments include and , which are based on similar infrastructure and usually require a for merchants to automate and maintain these payments. Carouseller allows its merchants to accept (ecommerce, in app and in store).
In the context of payments, an with an embedded chip which is used to hold card information.
A fee that is paid to the by the for each payment transaction made via a . The interchange fee amount is determined by the corresponding card network, as well as the .
A further fee is then deducted from the total by the acquirer before paying into the 's account.
A bank that issued a card for a to make cashless payments via an , , or . To be able to issue a card, an issuer must be a member of one or several , or subscribe to one of the card services (for instance, ).
Sometimes a shopper's bank is referred to as an issuer even if there is no card issued. This is to distinguish between a shopper's bank, which sends funds, and a merchant's bank, which .
Know Your Customer (KYC) is the process of identifying and verifying the identity of your . This is required by the payment industry regulations as a prerequisite to allow individuals or business entities being .
Payment methods that allow to accept and without use of . These methods include bank transfers, direct debit, e-wallets, mobile payments and so on.
For merchants that want to sell goods and services globally to from all over the world, it is important to support local payment methods that are popular in each specific region.
With Carouseller, merchants have access to already via Carouseller's unified payments platform. For a list of these payment methods, see .
Manual key entry involves manually typing the details from a customer's card into either the POS app or the .
An or a that enables third parties (referred to as sub-merchants) to provide their products or services to the users of a platform. Payments are processed through the platform and split between the marketplace and sub-merchant. Examples of online marketplaces are crowdfunding platforms, peer-to-peer marketplaces, ride sharing services, and so on.
Marketplaces need to implement sub-merchant onboarding, processing payments, performing , and . With Carouseller, you can benefit from using – a fully compliant end-to-end payment solution that enables you to do this, and maintain control over the frontend and user experience.
The party selling goods or services to via an , a , , or across . To accept payments made with or , a merchant must have an account and subscribe to the services available from the .
When the (cash register) has performed product selection and totaled the amount, the order is typically stored in the merchant back-end. The outcome of the payment process will be stored with the order.
An entity that operates a platform and manages interactions with its sellers (sub-merchants) or suppliers. The MoR performs due diligence by overseeing and controlling all commercial activity on the platform. In this way, the MoR's has a relationship with only the MoR itself.
Managing all , , , and .
Providing the first line of customer support for .
Acting as the final arbiter of .
Webhooks are HTTP callbacks sent to an endpoint on your server. They inform you about , and payments, as well as other events.
For more information, refer to .
A that verifies the cardholder's PIN by encrypting the entered PIN before sending it to the card.
Carouseller process transactions online by default. Offline processing is optional and requires configuration.
A set of services and technical solutions provided by a , which allow a to accept cashless payments across all channels (, or on a ).
Most enable merchants to accept payments via specific channels only. Carouseller is the only PSP that provides a true omnichannel solution for its customers. This gives merchants a single reporting dashboard from which to view all purchases made across different channels.
Simplifies the purchasing process for by allowing them to make a payment without entering their full card and address information. By enabling one-click payments, the shopper's details are stored during the first payment. For each successive payment the shopper only needs to enter their (CVC/CVV) to complete the order.
One-click has the advantage of ensuring the full card authorisation takes place for each payment, including checks and , if applicable. The potential disadvantage is that the shopper must be present for all payments to supply their card security code.
payments with an amount that is higher than the authorised amount.
A service that helps to initiate , and payments. It is not directly involved in the money flow; typically, it is a web server to which a merchant's website or a POS system is connected.
A payment gateway can be provided by a bank, or can exist as a separate service that connects to one or more . Carouseller combines the functions both of a payment gateway and a payment processor, as well as a and an . This makes Carouseller a full-stack .
An payment can be either or . If a payment has been already captured, it can be also later. Capture, cancel, and refund actions are called modifications, because they modify the state of a payment.
Modifications can be done either manually (through the interface), or automatically (using the Carouseller payments platform ). If an API call is made, the receives an acknowledgement in the response. After Carouseller processes the payment modification, Carouseller sends the result asynchronously through .
A system that connects to a and a in order to make a payment transaction on behalf of a . Usually, a payment processor obtains the payment information from a .
Carouseller combines the functionality of a payment gateway and payment processor, as well as risk management and acquirer. As such it is a full-stack .
A company, which combines the functions of both a and a , can connect to multiple acquiring and payment networks. Additionally it can be an and other financial services.
Carouseller not only operates as a full-stack Payment Service Provider, but also gives its customers a true to accept payments anywhere in the world.
A device that communicates with a shopper's at the . Usually, a card is tapped, dipped (inserted), or swiped at a payment terminal. The terminal then prompts the to enter a PIN or sign (depending on the country, card type, and the transaction amount). It is sometimes referred to as a Pin Entry Device (PED).
Carouseller refers to the payment terminal as "the terminal". The terminal accepts an API request to start a transaction. The terminal displays the amount charged to the shopper and allows printing of a receipt. It will also offer if applicable. Once an authorisation is obtained, the resulting data is sent to the Carouseller payments platform for further processing. The receipt is sent with this data and you can see it in the .
Carouseller uses various types of terminals, optimized for integration with the .
This term has multiple definitions in the payments industry and in general means a large amount of money paid at once to either an individual or a business entity. For example, an transmits a payout to their sub-merchants for the products/services they provide to the marketplace customers.
Being PCI DSS-compliant means that you meet all applicable requirements of the current on a continuous basis. PCI DSS was created by major to increase safety of data and reduce the risk of . All organizations that deal with processing must be PCI-compliant, which means fulfilling very strict requirements on securing cardholder data.
who find it difficult or expensive to fully comply with PCI DSS requirements may consider using encrypted methods (such as ) or outsourcing card processing to a PCI-compliant , such as Carouseller. This way their PCI DSS-compliance scope can be significantly reduced.
A point-of-sale solution allows a to make a cashless in a 's shop or other physical location. This payment is made using , NFC wallets (like Apple Pay), QR code wallets (like Alipay), or prepaid and gift cards.
Carouseller provides its own point-of-sale service, including payment terminals and infrastructure. Merchants that also accept payments online or in-app can use Carouseller as their . This gives them a single reporting dashboard, where they can view all purchases.
Often the terms and cash register are used to denote the software collecting point-of-sale payments.
The means by which the is propagated to the . For example, Keyed, Swiped, NFC.
Electronic payments made by via to buy products or services from at a physical location (for example, a store or a ticketing booth). These payments are usually made with (, , or ).
Other types of electronic payments include (ecommerce) and , which are based on similar infrastructure and usually require a for to automate and maintain these . Carouseller allows its merchants to accept payments (ecommerce, mobile, and point of sale).
An application used at the that allows product selection and that calculates the total amount to be charged from a . Additional functionality can include loyalty handling, stock keeping, and so on. This term is often used interchangeably with cash register.
The POS app can run on a physical machine, or can be hosted in combination with an interface for the staff or customer (in kiosks). To initiate payments, the POS app communicates with the Carouseller Terminal . The POS app is part of a POS system that includes hardware components like a receipt printer, barcode scanner, cash drawer, and payment terminals.
Legacy name, reading the ) from the ) was quick compared to .
Merchants can get the PSP reference from the , webhooks, the API response, and our reporting. It is advised to quote the PSP reference when communicating with Carouseller about specific transactions.
Carouseller, as a , can securely store payment details to enable recurring payments. For this, merchants must enable the recurring contract in the first call to the Carouseller payments platform. In response, they get a token that uniquely corresponds to a specific shopper and their payment data.
When recurring payments are enabled, a merchant can use this token in the future. For this, a merchant passes the token along with the authorisation call every time a shopper should be charged for a , initiates a , or initiates an .
Stored become outdated over time as cards expire or are cancelled. To minimize this disruption, use Carouseller to ensure that you have the most up-to-date card information, enabling you to provide continuous subscription services.
When a cancels the purchase of a product or service, after they have paid. When the makes the refund, the funds are sent back from the to the . If an payment hasn't been yet, a merchant can ; in other cases a refund is possible.
If a merchant refuses to make a refund, a shopper can ask their issuer to make a . In some cases, a merchant is allowed to a chargeback.
Refunds are also referred to as a , because they modify the state of an authorised payment request.
A set of services and techniques to analyze and assign a risk score to each payment transaction. Filtering high-risk transactions allows to minimize the number of and therefore maximize the revenue. Performing accurate risk management is extremely complex, and involves big data analysis.
In the payment world, a retrieval request refers to a formal inquiry made by a to a regarding a specific . The purpose of a retrieval request is to gather more information or documentation about a transaction in question.
A fee that is paid by the to the for each payment transaction made with the card scheme.
The fee amount is determined by the corresponding card scheme, in addition to the .
See also: .
A customer who buys goods or services from a . In this glossary it is assumed that a shopper makes a cashless payment, which means that they use either or to pay.
Depending on the Merchant's business model the accepted POS Entry Modes and can be configured to only consist of a subset of the above.
SCA is mandated in as a way to make online payments and online banking transactions more secure.
that occur on a fixed schedule. Popular examples of subscription payments are music and TV streaming services.
If a recurring payment does not follow a fixed schedule, it is a payment or an payment.
In the context of at Carouseller, the tender is the entire process for the to start the , receive card information, make optional changes to the amount, await , print the receipt, and receive a final status. This entire process is accompanied by a reference for the tender: the tenderReference.
Tokenization is the process of replacing sensitive data with non-sensitive data (known as a token), which can be later used to get access to the initial (tokenized) data. In the payments industry, it is used to safeguard a and other payment data by replacing it with a unique string of numbers. This string can be used later to implement .
Together with Client-Side Encryption, tokenization enables merchants to securely pass their shoppers' data to a , like Carouseller.
In the payments industry, the term "transaction" is used to indicate exchanging of a specified amount of funds from a for purchasing products or services from a , or for fulfilling any other obligations between the two parties.
Funds are usually transferred by means of or (bank transfers, e-wallets, mobile payments, etc.).
An unscheduled card-on-file payment is a type of that's used for transactions that occur on a non-fixed schedule and/or have variable amounts. For example, automatic top-ups when a cardholder's balance drops below a certain amount.
A recurring payment that occurs on a fixed schedule is referred to as a .
If a merchant is , they can store card details by themselves. Otherwise, they must store card details using a like Carouseller.
Aggregator merchants are intermediaries between and an . They are contracted by an acquirer to perform all or some of the following actions on behalf of the acquirer:
The Merchant Category Code (MCC) is a four-digit code that the card networks use to categorize a merchant's business based on what goods or services they offer. It is also referred to as the Card Acceptor Business Code. The acquirer usually assigns each merchant an MCC during onboarding, and populates it for all payments. If the merchant is a , the might assign the MCC instead.
For descriptions of the different MCCs, see and .
A payment facilitator is an entity that is authorized to onboard merchants to an platform and receive settlement funds for them on behalf of an acquirer. Payfacs are a type of . Payment facilitators can perform all the of the following actions:
Onboard merchants on behalf of an acquirer. Merchants onboarded by a payfac are called "".
A merchant who is onboarded to an acquirer through a . The payment facilitator processes all of the sub-merchant's transactions.
