Glossary
When it comes to the terminology behind online payments, a lot of foreign words are used. That's why we've compiled a list with explanations of the words and abbreviations that are typically used in connection with online payments.
| Term | Description |
|---|---|
| 3D-Secure | A security protocol designed to add an extra layer of protection to online payments by asking the customer to authenticate the payment using a unique authentication code provided by their bank. The process is managed by the card issuer. |
| Acquirer | A financial institution that processes payments on behalf of the card issuer. An acquiring agreement is needed to receive card payments. |
| Acquiring agreement | A contract between a merchant and an acquirer that allows for receiving card payments. |
| ACS | Access Control Server. A component of the 3D Secure protocol. |
| API | Application Programming Interface. Used for custom software integrations to communicate with OnPay. |
| Capture | The process of finalizing a payment, specifically transferring a payment amount from the customer to the merchant. (Will be marked with "Approved" in the log when successful) |
| Cardholder | The end customer (the person holding the card in their hand). |
| Challenge flow | 3D-Secure validation process with SMS code, password, mobile swipe, etc. |
| Chargeback | A dispute due to unresolved sales issues, payment card misuse, subscription payments where unsubscribing has not been possible means that the merchant must involuntarily refund the amount to the cardholder's bank account after the purchase has been completed. |
| Dankort Secured by Nets | 3D Secure validation of Dankort payments in Denmark, typically using MitID. |
| Data controller | The merchant. |
| Data processor | In this case, OnPay. |
| Data subject | The card holder/customer. |
| Four Party Scheme | The parties that make up the online payment network: the cardholder (the customer), the merchant, the card issuer (the bank) and the acquirer. The facilitating parties that make up the payment network are the payment gateway and the card organization. |
| Frictionless flow | The 3D-Secure validation process is attempted automatically, i.e. without “friction”. |
| High Risk | High-risk categorization of a webshop due to the product range can affect the webshop's possibilities when it comes to getting an acquiring agreement. |
| Interchange fee | A fee that the acquirer pays to the cardholder's bank in order to process the customer's card payment. |
| Liability shift | The transfer of responsibility for fraudulent transactions from the merchant to the card issuer or acquirer, depending on the payment method and authentication used. |
| PAN | Primary Account Number is the series of digits embossed on the front of a credit, debit or prepaid card. The PAN is usually also encoded into the magnetic stripe on the back of the card. |
| PCI DSS | The Payment Card Industry Data Security Standard is a certification and global forum that brings together payment industry stakeholders to develop and promote the adoption of data security standards and resources for secure payments worldwide. |
| PSD2 | Payment Service Directive 2 or PSD2 directive. PSD2 sets standards for how payments are handled in the European payments industry through SCA etc. |
| PSP | Payment Service Provider. This is equal to the service OnPay offers. |
| Recurring Payment | Subscription payment, where the merchant continuously deducts an amount from the customer's payment card based on a signed agreement. |
| Response codes | Codes returned by a PSP or acquirer indicating a simplified status of a payment transaction. |
| SCA | Strong Customer Authentication. A security protocol required by the Payment Services Directive 2 (PSD2), which aims to reduce fraud. In practice this is achieved using 3D Secure and is required for all EU payments. In some cases SCA can be achieved using a wallet service. |
| SSL | Secure Socket Layer. A security protocol that encrypts data transmitted over the internet. |
| Surcharge | Card fees charged to the customer. |
| TLS | Transport Layer SSecurity. A security protocol that encrypts data transmitted over the internet. |
| Tokenization | Tokenized payments is the process of replacing the traditional payment card account number with a unique digital token for online and mobile transactions. |
| URL | Uniform Resource Locator. The address of a resource on the internet, such as a web page or file. Commonly known as a web- or internet address. |
| Wallet | A wallet can be seen as a digital wallet containing tokenized payment cards. Payment is typically made via an app with PIN or biometric authentication. |
Notice: Information regarding coverage of any fraudulent transactions carried out with Dankort Secured by Nets and 3D-Secure: Nets does not have liability shift (coverage) for fraudulent transactions carried out through Dankort Secured by Nets. However, this is the case in the event of fraud on transactions carried out with 3D-Secure.