• 3-D Secure Protocol

    An XML-based protocol designed to be an additional security layer for online credit and debit card transactions.

A

  • Account Takeover Fraud (ATO)

    When a legitimate customer’s account is illegally accessed for the purposes of committing fraud.

  • Address Verification System (AVS)

    System used to check the billing address of credit cards with the address on file at the credit card company. AVS is widely supported by Visa, Mastercard, and American Express in the US, Canada and the UK.

  • Affiliate Fraud

    Refers to any false or unscrupulous activity meant to generate commissions from an affiliate marketing program.

  • ATO
  • Authorization

    Merchant-determined threshold over which purchases must be authorized. Merchant obtains authorization from the bank for the charge, and ensures the credit card is approved for use and has sufficient funds for the purchase.

  • AVS

B

  • Bust-out

    Type of credit card fraud where an individual establishes a normal usage pattern and solid repayment history, then racks up numerous charges, maxes out the card and defaults.

C

  • Card Not Present (CNP)

    Type of fraud generally perpetrated online where the card is not present for the transaction.

  • Card Testing

    Card testing is a process in which fraudsters visit online stores to make random purchases for the purpose of verifying stolen credit card information, making sure it is not blocked or canceled or has exceeded the credit limit.

  • Card Verification Value (CVV)

    Card verification value (CVV) is a three- or four-digit number printed, not embossed, on a credit card to help verify that a customer possesses the card.

  • Chargeback Fraud

    The customer files a chargeback on a legitimate transaction, either claiming they didn't receive the order or didn't place the order, so they can keep the product and receive a full refund on the original purchase. This leaves the merchant on the hook for the lost revenue they would have earned on the sale, plus expensive chargeback fees — not to mention the potential loss of their merchant account if their chargeback ratio is too high.

  • Chargebacks

    The reduction of unpaid invoices owed to a trade creditor due to fraud, a dispute, return, offset, or any reason other than an account debtor's inability to pay.

  • CNP
  • Collusion

    Two or more parties acting together to defraud.

  • Credential Stuffing

    An attack that tests stolen credentials on website and mobile application API servers, to discover instances of password reuse across those applications and enable large-scale account takeovers.

  • Credit Card Fraud / Credit Write-Off Fraud

    Fraud committed using a credit card or any similar payment mechanism as a fraudulent source of funds in a transaction. The purpose may be to obtain goods without paying, or to obtain unauthorized funds from an account.

  • Customer Insult

    When a legitimate customer’s transaction is mistakenly declined, generally for suspected fraud.

  • CVV

D

  • Drop Box Shipping

    Drop box shipping fraud occurs when a buyer uses stolen credit card information to purchase product online from a merchant. The product is drop shipped to a location that differs from the billing address. Upon discovering the stolen credit card information, the merchant is still responsible for paying the drop shipper and as a result has lost not only the money but also the product.

E

  • e-Commerce

    Electronic commerce (e-commerce) refers to transactions that occur through an electronic medium between businesses and consumers. Can be B2B, B2C or C2C

  • EMV

    Abbreviation for Europay, MasterCard, Visa. It is the global standard for chip-based Debit and Credit Card transactions.

F

  • False Decline / False Positive

    When a legitimate customer’s transaction is mistakenly declined, generally for suspected fraud.

  • Friendly Fraud

    The customer files a chargeback on a legitimate transaction, either claiming they didn't receive the order or didn't place the order, so they can keep the product and receive a full refund on the original purchase.
    This leaves the merchant on the hook for the lost revenue they would have earned on the sale, plus expensive chargeback fees — not to mention the potential loss of their merchant account if their chargeback ratio is too high.

G

  • GDPR
  • General Data Protection Regulation (GDPR)

    Regulations for businesses in the EU or anyone processing transacations from EU end users specifying what personal data can be collected and how it can be used. Also specifies fines for noncompliance.

I

  • Issuer

    A bank or FI that issues cards to consumers on behalf of the card networks (Visa, Mastercard). The issuer acts as middleman between consumer and the card network by contracting with the cardholders for the terms of the repayment of transactions.

K

  • Know Your Customer (KYC)

    The process of a business verifying the identity of its clients and assessing potential risks of illegal intentions for the business relationship. The term is also used to refer to the bank regulations and anti-money laundering regulations which govern these activities.

  • KYC

L

  • Liability Shift

    The liability for chargebacks resulting from fraudulent transactions moves from the merchant to the issuing bank if the merchant has authenticated the transaction using any of the 3-D Secure protocols. Without Consumer Auth, merchants are liable for chargebacks.

M

  • m-Commerce

    Mobile commerce (m-commerce) refers to transactions that occur through a mobile device between businesses and consumers. Can be B2B, B2C or C2C

P

  • PA DSS
  • Payment Application Data Security Standard (PA DSS)

    PA DSS is a system designed by the Payment Card Industry Security Standards Council and adopted worldwide. The standard aims to prevent developed payment applications for third parties from storing prohibited secure data including magnetic stripe, CVV2, PIN.

  • Payment Card Industry Data Security Standard (PCI-DSS)

    A widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions, and protect cardholders against misuse of their personal information.

  • Payment Service Provider (PSP)

    Provides online businesses with services for accepting electronic payments via credit card, direct debit, bank transfer, etc.

  • Payment Services Directive (PSD)/PSD2

    PSD2 is an update to the Payment Services Directive (PSD) that was adopted in 2007 by the European Commission (EC). PSD created the legal foundation for a Single Euro Payments Area (SEPA), essentially establishing a single market for payments (e.g. credit transfers, direct debits, cards) in the European Union.

  • PCI-DSS
  • POS

    Point of Sales

  • Promotion Abuse

    Fraudster opens many accounts to take advantage of a promotion offered to customers who open a new account

  • PSD2
  • PSP

S

  • SCA
  • Strong Customer Authentication (SCA)

    Increased requirement under PSD2 for securing online payments using Strong Customer Authentication (SCA). SCA must use two or more of the following independent factors: Knowledge, Possession, Inherence

  • Syntehtic Fraud

    Fraudsters create a false identity using bits of real and fake data combined to form a new fictitious identity, then use it to obtain credit, make purchases or open new accounts.