No matter how familiar you are with the payment card industry, you have undoubtedly heard a variety of terms and acronyms thrown around. And though the terms are used frequently, this doesn’t mean that everyone knows exactly what the words or letters mean. While learning all of these terms won’t necessarily make you a payment card industry expert, they can help you familiarize yourself, so you can better understand what is being discussed and how it may impact you and your business.
Here are 11 payment card industry terms that everyone should know:
1. Acquirer: An acquirer is an organization licensed as a member of Visa/MasterCard as an affiliated bank or bank/processor alliance that is in the business of processing credit card transactions for businesses (acceptors) and is always acquiring new merchants.
2. Encryption: This is the process of converting information into an unintelligible form of a specific cryptographic key. The use of encryption protects valuable card data information from the encryption process, until the decryption process, against unauthorized disclosure. This helps to make the card information essentially useless to those who attempt to intercept the card data while in transit.
3. Interchange Fee: This is a fee paid by an acquirer to an issuer for transactions entered into interchange. The interchange fee is a percentage applied, according to Visa/MasterCard regulations, to the dollar value of each transaction.
4. Merchant Identification Number (MID): This number is generated by a processor/acquirer and is specific to each individual merchant location. This number helps to identify the merchant during processing of daily transactions, rejects, adjustments, chargebacks, end-of-month processing fees, and more.
5. Payment Application Data Security Standards (PA-DSS): This standard, formerly referred to as the Payment Application Best Practices (PABP), is the global security standard created by the PCI SSC, which was implemented in an effort to provide the definitive data standard for software vendors that develop payment applications. The goal of PA-DSS is to help software vendors and others develop secure payment applications that do not store prohibited data.
6. PCI: This is the acronym for the Payment Card Industry.
7. Payment Card Industry Data Security Standards (PCI DSS): The PCI DSS is an information security standard for organizations that handle cardholder information for the major debit, credit and point of service cards. The PCI DSS standard includes requirements for security management, policies and procedures.
8. PCI Compliance: PCI Compliance refers to the industry-mandated security standards (PCI DSS and PA-DSS) that apply to all businesses that handle, process or store credit or debit cards. Businesses much meet the set requirements of the standards in order to be deemed PCI compliant.
9. PCI Compliance Level: All merchants fall under four categories of PCI compliance (Level 1, Level 2, Level 3 and Level 4), depending on the number of transactions they process each year, and whether those transactions are performed from a brick and mortar location or over the Internet. Each merchant must meet the compliance requirements for their PCI compliance level.
10. Point-to-point Encryption: Point-to-point encryption (P2PE) ensures cardholder data is protected from card swipe all the way through to the processing banks. The valuable cardholder data is encrypted prior to performing an electronic payment transaction, making it useless to potential theft,
11. Point of Sale (POS): A location where credit card transactions are performed with the cardholder present, such as a retail store. The card is read magnetically, and the cardholder's signature is obtained as insurance against the transaction. This is the most secure form of credit card commerce.
To learn more about PCI Compliance, the payment security industry and how it can effect your business, contact Element Payment Services today.