The 3D-Secure technologies "Verified by VISA", "MasterCard SecureCode" and "SafeKey" from American Express protect online merchants against the fraudulent use of credit cards. The merchant therefore no longer has the risk of chargebacks when transactions are revoked for fraudulent reasons and there is a reversal of liability ("liability shift") for all sales concluded via VISA, MasterCard or American Express!

Subscriptions, in this context, are payments that are automatically rebilled after the access time they pay for has expired.

Acceptance centre
Companies which accept payment by card (debit card and/or credit card)

An acquirer is a company which serves as an acceptance point for credit card payments (e.g. from stores, hotels, restaurants, car rental and airlines). Acquirers require a licence from the appropriate card organisation to carry out their activities.

Account Information Security (AIS)
VISA's data security programme. Certification is issued via a PSP (payment service provider) or is acquired by the merchant. The merchant is instructed to treat the cardholder's data in a secure environment, usually within that of the PSP (data protection).

Invoicing period
Fixed period in which turnover made by a merchant or service company is accounted.

Verification of the authenticity of a transaction. This can include, for example, a check of criteria such as the card's validity period, the accuracy of the card number, the accuracy of the PIN, and compliance with total payments limits for each month/week.

CGI (Common Gateway Interface)
The Common Gateway Interface is a general interface for data exchange between a web server and third-party software (e.g. Perl). For example, Perl scripts can be executed via this interface.

In this case, a customer and/or a bank contests the validity of a completed card payment; the money must be repaid.

Co-branding card
A card issued by a credit card organisation or one of its authorised banks together with a commercial company not in the banking industry; the card is specially customised to the needs of the company's customers.

In the online payment sector, 'content' means the content of internet pages, such as text, pictures and videos which are provided against a fee.

Coupons are an incentive tool used in advertising; the idea originated in the 1950s and 1960s and has been revived today. Customers are given discounts on presentation of a coupon. Merchants can use coupons to positively influence consumer behaviour.

CVC2 (Card Validation Code)
Three-digit card verification code on the back of MasterCard credit cards

CVV2 (Card Verification Value)
Three-digit verification code on the back of Visa credit cards

DCC (Dynamic Currency Conversion) offers your customers from "non-Euro" countries the opportunity to pay in their home currency. DCC makes it possible to convert the respective Euro invoice amount into (at present) six currencies: USD, GBP, CHF, DKR, SKR and Yen.

Debit card
Payment card which has a credit limit and with which a cardholder can pay for goods or services through an electronic cash register. When payment is made using a debit card, the amount is directly charged to the customer's account, either immediately or after a few working days. This is therefore often referred to as a "pay now" method.

Decryption of encrypted data.

The revenue-based commission that an acceptance point (merchant) pays to an acquirer.

Short for electronic business (e-commerce); all digitally transacted business processes (usually on the internet or intranet).

Electronic business which is transacted directly on the internet between suppliers and customers. E-commerce is a form of e-business

Electronic payments

E-payment system
System for the electronic payment of goods and services on the Internet.

Electronic cash
System used by the German banking industry that enables customers to pay merchants and service providers electronically. Online authorisation and entry of a PIN are always required in this system. The merchant receives a payment guarantee from the card issuing bank for all transactions.

Direct debit
The invoiced amount is automatically taken by direct debit from the customer's bank account.

Developed by the card issuers Europay, MasterCard and Visa, and from 2005 an obligatory security standard for credit and debit card payments that provides for the changeover from magnet strip to chip cards. EMV/ep2 involves reading and processing the card data from tamper-resistant chips and not from magnetic strips as was previously the case. This obligatory international standard for credit card and debit payments is intended to reduce misuse.

FAQ stands for "Frequently Asked Questions" . FAQs are offered on an internet page as an aid in which answers are provided to the most frequently asked questions

Distance selling
Contracts for services which involve the transmission of credit card data via the internet, mail, fax or telephone.

Floor limit
Amount above which a payment needs to be authorised. Payments below floor limits are guaranteed without authorisation at the acceptance point. The floor limit is determined individually by credit card companies, depending upon the industry and acceptance point.

Charge card
Term used by the German banking industry which in 1996 developed an electronic wallet on EC and customer cards issued by banks and savings banks.

A credit can either be of a financial type or in the form of additional access time to a service, assuming that the customer was unable to use it for a certain period of time.

Liability assumption declaration
Declaration by means of which a contractual partner assumes all risks of remote selling and the liability for all chargebacks.

Liability shift
Fundamentally, a merchant must bear the risk in e-commerce if a cardholder disputes a payment. However, MasterCard SecureCode, Verified by Visa and SafeKey by American Express mean that the risk of disputed payments is transferred elsewhere. This risk shift is termed "Liability shift".

Hash values are often used in order to ensure the correct transmission of data. A so-called 'hash function' (an algorithm) is used to map data of arbitrary length to a fixed length - the hash value. The receiver of the transmitted data can recalculate the hash value using the same algorithm. If the hash values agree, there is a high degree of probability that the sent and received data are identical. Hashes are also used to create a so-called 'finger print' of data that is not supposed to be visible, such as passwords or credit card data. The hash uniquely represents the data content without disclosing it or allowing any conclusions to be drawn about the data.

This is used to personalise credit cards. The characters on a card are marked in such a way that they are raised above the surface of the card. This is called 'embossing'.

Three-dimensional image of an object. Depending on how it is viewed, the object can be seen in the hologram from different angles.

HTML (Hypertext Mark-up Language) is a page description language for the representation of static content in a web browser. HTMLs can also be used to create graphics, links, input fields, etc.

An imprinter (also known as a "credit card machine") is used to transfer the embossed data on a card (see also embossing) onto an invoice form.

Card issuer
Institute issuing a card (e.g. a bank)

Person in whose name a credit or debit card is issued.

Card verification number
The 'card verification number' is on the back of the credit card in the signature field in the case of MasterCard and VISA cards, and on the front of the card in the case of American Express. It consists of 3 or 4 numbers which are listed after the actual card number (see also CVC2 and CVV2).

This is an abbreviation for 'credit card transaction', i.e. the payment of a transaction using a credit card.

Credit card
Card issued with an agreed credit limit by a card issuer. Payment from the cardholder is delayed (to a defined point in time) for all payments made between two billing cycles.

Credit card companies
Companies that own the rights to credit card brands and operate international networks for the transmission of credit card information (e.g. MasterCard International, VISA International, American Express, Diners Club International).

Credit card payment
When a credit card is used for payment on the Internet, the data is transmitted to the appropriate credit card company, which immediately checks its validity and, where applicable, authorises or blocks payment. The merchant can initiate a debit (capture) for an amount authorised in this way at a later stage, so that the card is debited and the money is transferred to the merchant.

Liability shift
Fundamentally, a merchant must bear the risk in e-commerce if a cardholder disputes a payment. However, MasterCard SecureCode, Verified by Visa and SafeKey by American Express mean that the risk of disputed payments is transferred elsewhere. This risk shift is termed "Liability shift".

Maestro is an international debit process which uses the MasterCard infrastructure.

Mail order
One version of remote sales (q.v.), in which the credit card data is transmitted by mail, fax or telephone.

MasterCard SecureCode (MCSC)
Provides security for the use of MasterCard cards in e-commerce transactions. Merchants who use MCSC (via a PSP or themselves) receive a secure payment guarantee for MasterCard transactions across Europe (avoids risk of chargebacks).

Network operators (NO)
A company that transmits credit card payment data from the merchant to the acquirer. NOs are primarily engaged in the retail business (POS hardware terminals in stores), but also offer solutions for e-commerce (software terminals). The NOs listed on our home page comply with our guidelines for secure transactions in the mail order business (CVC2).

Online personalisation of the terminal (OPT)
A security method that was adopted jointly by the German Central Bank and the Central Credit Committee (CCC): In Germany all ec cash payment terminals have used OPT since 1 January 2005.

Partner programme
Partner programmes- also 'affiliate systems' - offer the webmaster involved in a service a commission from sales. Webmasters with high-traffic web pages can easily earn money by advertising through Paycific's partner programmes. Paycific offers linked merchants commissions in the form of a percentage of turnover or a one-time commission payment on completion.

Payment costs
Payment costs refers to all costs which the payment service provider (PSP) charges the merchant for the services.

Payment Service Provider (PSP)
A company that, among other things, transmits credit card payment data from the merchant to the acquirer. Although PSPs are primarily active in e-commerce, they also offer solutions for standard mail order transactions (software terminal).

PHP is a script language which is mainly used to create and structure web pages or web applications.

The protected keyboard at a terminal used to enter a PIN number. In common usage, however, the entire terminal is referred to as a 'PIN pad'.

PIN (Personal Identification Number)
Usually a PIN is a 4-figure number which is used by a customer to identify themselves when paying for goods and services in a cashless transaction.

Plausibility test
Checking data to ensure that it complies with certain rules; usually checksums are used for this purpose.

The clearing of a card transaction (see sales accounting)

The term 'commission' refers to the share of revenue for services provided through Paycific.

Companies responsible for the technical aspects of card transactions; they review transactions, approve them and arrange for payment.

The contractual partner agrees not to submit transactions / sales obtained through mail order / telephone order / remote sales and / or e-commerce using other contractor numbers (e.g. retail contracts) for the distribution of revenues. Furthermore, it is necessary to separate the areas of mail order/telephone order/remote sales from the e-commerce area because of the different clearing paths. Violation of the agreement entitles the acquirer to terminate the contract without notice.

The repayment of a direct debit transaction is called a chargeback.

Side Data Protection (SDP)
A data protection programme provided by the MasterCard brand. Certification is required, merchants must use a PSP (payment service provider) or acquire this themselves. The merchant is instructed to treat the cardholder's data in a secure environment, usually within that of the PSP (data protection).

SSL stands for "Secure Socket Layer" and is supported by all current browsers as a standard for secure data transmission over the Internet. SSLs prevent unauthorised access to sensitive data (credit card numbers, account data). The main purpose is to provide for secure electronic payment transactions over the internet.

A transaction in which the amount payable is cancelled or returned.

Subacquiring / Master Merchant / Sales Cumulator / Concentrator
A contractual partner is obliged to distribute goods and / or services exclusively in his own name and for his own account. The acquirer reserves the right to verify this. Failure to comply gives the acquirer the right to terminate the agreement without notice.

A powered device, sometimes with a keyboard and display, which provides for data exchange in cashless payment transactions.

Ticket number
A ticket number is a unique series of numbers generated by Paycific's support system, which is created when a written query is sent to technical or customer services. It serves, among other things, to track the correspondence between Paycific services and the person asking the question.

The term 'transaction' covers the entire procedure during which payment data is verified and processed. Not only is a successfully settled payment called a transaction, this is also the term used for reservations, cancellations and interrupted payment processes.

URL (Uniform Resource Locator)
A unique and valid Internet address which can be visited directly by users from anywhere on the Internet (e.g. https// The individual elements of the address are separated by slashes. It starts with the data transfer protocol (HTTP), followed by the domain name and, optionally, a path to a particular file.

Verified by VISA (VbV)
Verified by Visa is the globally available solution for online authentications. According to projections, the system could reduce card misuse on the internet by about 80%. Verified by Visa provides for unambiguous identification of the cardholder through the entry of a personalised password. Since April 2002, participating merchants have been protected against losses caused by card fraud. This is even the case when the cardholder has not yet registered for the system at their bank. However, merchants continue to be liable for chargebacks for other reasons. Results of market research undertaken by Visa show that 90% of people who have never bought or paid online would be willing to pay through Verified by Visa, and that 70% of online shoppers use it often.

'Agent' can be used as a synonym for a webmaster who does not bill for his own services through Paycific, but rather advertises services in order to collect a commission payment on sales.

CC number
Abbreviation for contracting company number This can be used to clearly allocate each payment to a company which accepts credit cards. Merchants do not require their own CC number when billing through Paycific Direct.

Web browser
A web browser is a software programme that displays internet pages. Popular web browsers are, among others, Microsoft Internet Explorer, Mozilla Firefox and Opera.

Commercial information file
Acquirers retain the right to conduct credit checks and obtain information and data through commercial and credit agencies and other organisations, including the verification programmes used by the MasterCard/Visa brands (NMAS and MATCH) and any future such systems, and to use this information accordingly.