An XML-based protocol designed by Visa, which acts as an additional security layer for online credit and debit card transactions. Adopted by MasterCard, American Express and JCB, it allows shoppers to create and assign passwords to their cards as additional authentication.
These systems protect all parties including the shoppers, banks and merchants against unauthorised card use. Available to all companies using the Vellaris Payment Solution.
A bank or financial institution that is a registered member of a card association. Provides the ability to accept credit and debit cards online. With the help of a payment gateway, it is able to acquire payments from the card-issuing banks.
It also supplies the financial backing to support the risk of merchant processing.
An extra security measure that verifies a cardholder’s billing address. The system checks the address of the card provided by the user against the address that is on the credit card’s system.
AVS is an extra security measure by Visa and has proved successful in substantially reducing the number of disputed transactions.
A procedure whereby a card holder or the card holder’s bank disputes transactions to credit cards. Initiated by the issuing bank, it allows shoppers to forcibly reverse a transaction by refunding the customer from the merchant’s bank account. In addition, the merchant must pay a fine to the bank and credit card associations penalize them.
Also known as the Card Security Code (CSC), CVC or CVV, CV2 stands for “Card Verification Value“. It is the three-digit number printed in the signature space on the back of most credit cards, such as Visa, Mastercard, and Discover cards.
A Merchant Account is offered by the Acquiring Bank to the merchant upong entering into a merchant agreement. It acts as an open line of credit that allows the acquiring bank to accept transactions on behalf of a business and deposit funds from sales into the business’ deposit account.
A unique identification number assigned to each Merchant Account, which allows a business to be identified by the banks and credit card institutions, in order to accept credit card payments on behalf of your business.
An essential part of accepting payments online, a payment gateway is a unique and highly advanced program that secures the information from credit and debit cards and generates a message in a coded format about a transaction. This message is then passed onto the bank for processing. The bank can then approve or decline before settling.
Payment Card Industry Data Security Standard is a world-wide benchmark established by various card schemes (Visa, MasterCard) to help increase the security of card payment processing. It does this by imposing certain security controls surrounding the storage, transmission and processing of cardholder data that businesses handle. This way, credit card data protection is partially a responsibility of the merchant, as well as anyone who deals with processing payment information. This includes Vellaris, with technology that reached the highest PCI DSS Level 1.
There are 12 PCI DSS Requirements.
Build and Maintain a Secure Network
1. Install and maintain a firewall configuration to protect data
2. Do not use vendor-supplied defaults for system passwords and other security parameters.
Protect Cardholder Data
3. Protect stored data (use encryption)
4. Encrypt transmission of cardholder data and sensitive information across public networks
Maintain a Vulnerability Management Program
5. Use and regularly update anti-virus software
6. Develop and maintain secure systems and applications
Implement Strong Access Control Measures
7. Restrict access to data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data
Regularly Monitor and Test Networks
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes
Maintain an Information Security Policy
12. Maintain a policy that addresses Information Security
A way of making regular payments to a merchant. A customer may give a third party authorisation to claim regular payments from a cardholder. A useful feature for subscription web-sites. This is a slightly different set-up from Direct Debit, where a customer gives access to a third party to collect payments directly from the bank account.
Self-Assessment Questionnaire is a validation tool for merchants, originated by the PCI DSS Council. It is a questionnaire that assist merchants in self-evaluating their compliance with the above-mentioned PCI DSS requirements.
The Secure Socket Layer protocol was created by Netscape to allow sensitive information such as credit card numbers and login credential to be transmitted securely. It uses a cryptographic system to encrypt customer data while online payments are being processed.
All electronic transactions using Vellaris will be encrypted using SSL technology.