Glossary

3D Secure or “3DS”

3D Secure (3DS) is a way for Issuing Banks to authenticate consumers who use their cards to pay online.

Online payments which have been authenticated do not carry a risk of fraud for the Merchant.

Acquirer or “Acquiring Bank”

The Acquirer or “Acquiring Bank” is a bank which acquires funds for merchants from a cardholder.

Authentication

Authentication is the process of proving an identity to be valid, typically using a shared secret.

This is commonly an act of “logging in” using a static password, or a One Time Password (OTP) sent over SMS or generated by a 2nd factor device, known only to the two parties.

In payments, Authentication is the process of the consumer proving their identity to an Issuing Bank usually as a precursor to an Authorisation.

Authorisation or Authorization

An Authorisation is the process of an Issuer verifying the payment details provided by a consumer and reserving funds in the consumer’s account.

Once an Authorisation has been granted, the payment is completed by ‘Capturing’ the authorisation.

Issuers subject Authorisation requests to risk analysis based around the consumer’s prior activity and the details of the Authorisation attempt itself.

Capture

Once an Authorisation has been granted, the payment is not complete until it has been Captured.

Capturing a payment starts the process of the funds transferring to the merchant from the consumer.

Chargebacks and Disputes

The terms Chargeback and Dispute are used interchangably but collectively refer to the process by which a cardholder seeks a return of funds from a Merchant.

The ‘Dispute Process’ is initiated by a cardholder complaint to their Issuing Bank about a particular transaction.

The Merchant then has an opportunity to Defend the transaction by submitting evidence to support their belief that the transaction was fair.

At the end of the process a decision is reached, at which point the cardholder and merchant will respectively Win or Lose.

GDPR

The General Data Protection Regulation (GDPR) applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location. Read more about Ravelin and the GDPR.

Issuer or “Issuing Bank”

The Issuer or “Issuing Bank” is a bank that issues cards for cardholder to make payments with.