Is amdcpusettlement com a scam or legitimate

Here you can also find our glossary as a PDF download (glossar.pdf).

3D Secure! 3dsecure, 3DSecure

3D Secure is a security standard for online retailers that was jointly developed by Mastercard and Visa. This is not only intended to minimize the risks of fraud in the e-commerce sector, it can also generate additional sales and promote customer loyalty via the Internet. The procedure enables cardholders to authenticate themselves during the payment process with a personally assigned password. The introduction of the security standard is accompanied by a liability shift, which means that e-commerce sales complained about by the customer can no longer be returned to the retailer if the retailer supports the 3D Secure technology. For more information, see Mastercard Secure Code or Verified by Visa.

Negative response to an authorization request: The card issuer bank (its representative or contracted service provider) rejects the requested turnover.

Procedure for bringing about mutual payment settlement between the issuer and acquirer banks for the card transactions billed per day (including fees).

All transaction data required to properly settle card transactions between acquirer and issuer banks, such as MCC (Merchant Category Code), country code, amount, time.

Information obtained during the transaction is not or only partially printed out on receipts. Example: Mastercard stipulates that ATM receipts may only contain the card number in abbreviated form. Many retailers are also starting to program the terminals in such a way that the card number is no longer printed out in full on the receipt. In this way, fraudsters can be prevented from gaining possession of valid card data through discarded receipts, e.g. from the recycle bin.

The infrastructure created by the merchant bank to guarantee the acceptance of payment cards. The infrastructure usually includes: ATMs, POS terminals and communication networks for routing transaction data and information.

This term encompasses all technology that is required for network access. This includes the following individual components: Access to the online routing service, to the authorization services and additional security modules for PIN encryption and verification.

An account number issued by the card-issuing bank to assign a card account to be charged for transactions.

Dealer bank through which the merchant settles.

The card usage file contains the transaction data for a specific card account within a specific period of time. In the case of services performed 'on behalf of a card-issuing bank', each time a transaction is authorized, a comparison is made with this file in order to ensure that the credit limit specified by the card-issuing bank is not exceeded.

Member institute with a sub-license from a main license holder (e.g. card organization). The sub-licensee can act as an issuer and / or acquirer under licensing responsibility of the main license holder.

Account information security. The objective of Visa AIS is to support merchant banks, merchants, service providers and other external service providers in the secure handling of sensitive card and transaction data. The program defines security requirements for the processing, storage and transmission of confidential information. This is intended to identify any security gaps in your own systems and avert possible consequential damage. AIS is part of the common PCI standard.

Acceptance of payment cards by an authorized dealer (institute - ATM / trade - POS)

The infrastructure created by the merchant bank to guarantee the acceptance of payment cards. The infrastructure usually includes: ATMs, POS terminals and communication networks for routing transaction data and information.

Retail and service companies that conclude a contractual agreement with an acquirer bank for the acceptance of payment cards. Such an acceptance contract (dealer contract) regulates the conditions under which payment types are accepted.

Prima facie evidence

The prima facie evidence (also: proof of the first prima facie evidence) is a method of indirect evidence used in civil proceedings. Based on empirical statements, conclusions can be drawn from proven facts to facts that have to be proven. The facts must correspond to a typical, i.e., according to general life experience, indicate a certain cause or a certain process as decisive for the occurrence of a certain success.


In payment card law, for example, such empirical sentences that indicate a certain typical misconduct by the payment service user are recognized and are to be used within the framework of §§ 675v-675w BGB. According to this, prima facie evidence generally suggests that either the payment service user authorized a disputed transaction with the card and PIN himself, or that the payment service user violated his duty of care when handling the card and PIN and an unauthorized third party after the theft or other loss of the card was only able to gain knowledge of the PIN because it was stored together with the card (or because of other breaches of duty of care).

= application programming interface: A programming interface that is made available by a software system for connecting other programs.

Application Authentication Cryptogram

A cryptogram that is created during the authenticity check of rejected chip transactions.

An approval request for a transaction (transaction) is forwarded by the merchant to the card-issuing bank (issuer) or its service provider. The acquirer issues the approval (authorization) of the sales and forwards this approved transaction to the merchant.

A fee that each member bank has to pay to the card organization for the performance of joint control, management and security tasks.

Asymmetrical encryption method

In contrast to symmetric encryption, the asymmetric encryption method requires two keys for encryption and decryption. Both keys are independent of each other and cannot be mutually determined. See also private key and public key.

Automated Teller Machine / Cash Dispenser (GA / GAA)

ATSAutomated plate system; ats

Automated Teller System (multi-function ATM)

Automated Teller System: Multifunctional device for cash dispensing and depositing, among other things

Request to contact us

After the authorization request from the dealer, he receives the authorization response that he should contact the card-issuing institute or its processor for approval. Only used for additional identification of the legitimate cardholder in the event of unusual sales behavior and not for creditworthiness monitoring.

Exchange of accounting data (clearing) clearing

Clearing describes the processing of the payment (debiting and crediting of the payment amount) between the merchant bank and the card-issuing institution

Authentication authentication, customer authentication

Legitimation of the customer for payment through his signature, PIN entry or other biometric features.

The authorization number is issued by the card issuing bank (issuer) as a result of an authorization request and is in turn confirmed by the acquirer to the merchant. Without this authorization number, the merchant has no guarantee of payment for the transaction.

The card-issuing institute sets parameters for the possible uses and the limit of the card. Each authorization request is checked according to these parameters and a corresponding response code is sent (-> Approval -> Rejection -> Call Referral -> Withdraw card).

Authorized certification authority

Central authority within a cryptographic system, commissioned and authorized to sign public keys for all system participants and to send the results back to the respective key holder in the form of 'public key certificates'.

Authorization authorization

Procedure for approving or rejecting card sales requests. The sales request is sent through the dealer terminal or the ATM to the card-issuing bank or savings bank or the commissioned computer center (processor). The answer can mean an approval, a rejection of sales, a request for a card debit or an authentication check.

The card-issuing institute sets parameters for the possible uses and the limit of the card. Each authorization request is checked according to these parameters and a corresponding response code is sent (-> Approval -> Rejection -> Call Referral -> Withdraw card).

Abbreviation for Federal Financial Supervisory Authority. Since May 2002, BaFin has united the supervision of banks, financial service providers, insurers and securities trading under one roof.

Account balance query of a cardholder at the ATM.

Bank Identification Number

Is the unique identification number of a payment system that is assigned to a member bank or savings bank.

Mastercard's own communication network for handling the entire 'interregional' and signature-supported Mastercard transaction traffic. BankNet and EPS network are connected to one another via an access point. This enables non-European acquirer banks to exchange data with European issuer banks and vice versa. See also Mastercard Debit Switch (MDS).

Banknet telecommunications network

Mastercard's worldwide telecommunications network as the primary data transmission facility that integrates all Mastercard customers and Mastercard data processing centers into a single online financial services network.

The process of withdrawing cash, e.g. from an ATM. If several functions are offered at the ATM, e.g. loading the GeldKarte chip, a selection must be made. When abroad, cash withdrawals from ATMs are usually displayed as 'Cash Withdrawal'.

Card disposal for cash procurement - either at an automated teller machine (ATM) or in the branch of a member bank or an agency authorized to do so.

Observation of card usage with regard to transactions that are out of the ordinary. Behavioral scoring is a fraud prevention method. It is checked to what extent the current card usage of a cardholder in relation to the transactions contradicts his previous card usage.

A fee that each member bank has to pay to the card organization for the performance of joint control, management and security tasks.

Fraudulent card application

Describes the behavior of a person who, in their card application, provides the card-issuing bank or savings bank with false information about the fraudulent acquisition of a payment card.

Fraudulent card use

If the cardholder neither carries out a transaction himself nor authorizes another person to use his or her card or card number, the occurrence of a transaction is fraudulent use of the card. In some of these types of fraud, the dealer / contractual partner can also be involved as an accomplice.

Fraudulent dealer

This term refers to a trader who knowingly and willfully engages in fraudulent activity.

BIC (Bank Identifier Code) is an internationally standardized bank code with which every partner participating directly or indirectly worldwide can be clearly identified. It consists of an 8-11-digit combination of letters and numbers that provide information about the institute, country, location and, if applicable, branch office.

Is the unique identification number of a payment system that is assigned to a member bank or savings bank.

BioLoginBio login, biologist, bio login, bio login

A dynamic authentication process using BioPIN, in which all data typed by the user, i.e. the user name and, in the case of two-factor authentication, the password, are evaluated using typing biometrics.

Technical processes that enable unambiguous identification due to unmistakable physical characteristics. These include, for example, fingerprints, field of view dimensions, IRIS recognition (eye).

A science that measures and analyzes biological data and characteristics (e.g. DNA, fingerprint, iris).

Biometric identification procedures

Technical processes that enable unambiguous identification due to unmistakable physical characteristics. These include, for example, fingerprints, field of view dimensions, IRIS recognition (eye).

BioPINBio PIN, Biopin, bio pin, Bio-Pin

One-time PIN generated by the authentication server, which is presented to the user and who has to type it in in words. The typing behavior is recorded as a biometric feature. In this way, the BioPIN is biometrically linked to the person typing it in. The BioPIN serves as a dynamic biometric authentication factor in contrast to the static authentication factor password and is therefore immune to replay attacks.

BioTANBio Tan, biotan, bio tan

Essentially a BioPIN, which is not generated randomly, but is derived from the data of an existing online transaction. This means that the BioTAN is tied to both the transaction and the person typing it in.

Bitcoin is the world's leading cryptocurrency based on a decentralized booking system. Payments are cryptographically legitimized and processed via a network of equivalent computers. Unlike in the classic banking system, no central clearing of money movements is necessary.

Black BoxBlack-Box, black-boxing, blackboxing, blackbox

In black box attacks, criminals connect an unauthorized device directly to the ATM and cause it to dispense the cash. The black box must have USB or hardware interfaces that connect it to the target device.

These are white plastic cards with only a magnetic strip. Criminals often apply the data from real cards to these blank cards (-> skimming = reading out a magnetic strip on a real card) and use these cards fraudulently.

One speaks of blocking when a card-issuing bank decides to either prevent certain functionalities on the chip or the use of the card itself.

Blockchain, in English: data block chain, describes an innovative technology that was specially developed for processing payments for transactions with the virtual currency Bitcoin.

BotnetBotnet, botnets, botnets

A group of illegal, automated computer programs.

Subdivision of companies depending on your business activity or your range of products or services.

The brand name of a specific card product that is approved for use as a payment medium within a specified territory.

Combination of names, symbols and colors as a proprietary trademark for the visual embodiment of the brand identity.

Federal Office for Security in Information Technology

A card type for companies, usually with fewer than ten employees, to pay for business expenses. Both the name of the authorized card holder and the company name can appear on the card. The monthly payment settlement takes place, depending on the internal company agreement, via the business account or at the expense of the employee's private account.

Business-to-Business CommerceB2B

With the abbreviation B2B (B-to-B, short form for: business to business) are business relationships between companies.

When answering an authorization request, the issuer asks the acquirer to transmit additional information to him (or his service provider). Only then will the issuer decide whether this transaction will be approved or rejected.

Card Authentication Method

Procedure for checking the authenticity of a card. In the case of credit cards with magnetic stripes, this also includes the presence of a hologram, which is visually checked by the merchant. The authenticity check of the encrypted data in the magnetic stripe is carried out by the issuer. In the case of chip cards with encrypted data in the chip, the authenticity check is carried out by the chip terminal or also by the issuer.

A bank that issues payment cards, accepts transactions from its cardholders from other member banks or merchants, guarantees payments with the card and collects the corresponding transactions made with the card from the cardholder's account.

Production (printing), embossing and coding of the cards as well as equipping them with all the features and service functions that an issuer bank would like to make available to its cardholders.

Card reader internal skimming device card reader internal skimming device

This type of device, type skimmer, is placed in various places inside the motorized card reader.

In relation to chip cards, this term describes a number of checking options and processing options that are available with a chip in order to reduce damage caused by fraud. For example, a chip card could be programmed in such a way that every 'nth' transaction has to be authorized online. An online limit can also be set - an amount from which online authorization is required from the card.

Card SchemeCard Scheme, Card Schemes

Card organization / s

Card trapping card trapping

Describes a form of trick theft in which ATMs are manipulated in such a way that the payment cards are no longer released after they have been inserted into the card slot. Customers then mistakenly assume that their card has been withheld. In fact, however, it is still in the manipulated card slot and is removed by the tricksters as soon as the injured party has left the machine.

Card-Not-Present-Environment CNP, CNP-Evironment

An environment in which transactions are made under the following conditions: the cardholder is not present in a physical store and / or the card is not physically present. These include transactions in the areas of: electronic commerce, orders in writing or by telephone (mail order), direct debit orders and telephone services.

Card-not-present-Fraud Card not present Fraud

A “card-not-present-environment” refers to transactions in which the card is not physically present. That means, when making purchases on the Internet (e-commerce), by telephone or by mail order (mail order / telephone order) or when ordering by post or fax. This can also lead to fraud, which is then called "CNP fraud". Card issuers, acquirers, merchant banks and, in some cases, merchants themselves use various systems to avoid damage, such as B. 3D-Secure.

A person for whom a card has been lawfully issued. The card account is assigned using the card number of the holder.

Cardholder activated terminal

Terminal machine for self-service, makes certain products or services available and can usually be found in train stations, airports, petrol stations, toll stations, parking garages and other service areas.

Cardholder verification method

Procedure for determining the personal legitimacy of a cardholder. These include, for example, signature comparisons and PIN checks; In the future, biometric verification procedures can also be used.

Card disposal for cash procurement - either at an automated teller machine (ATM) or in the branch of a member bank or an agency authorized to do so.

Cash trapping (literally translated as money trap) describes the manipulation of the ATM, in which a deceptively real-looking additional cover strip is attached to the output shaft in such a way that the banknotes are prevented from being dispensed. Customers who wait in vain for their money get the impression that money is being paid out. As soon as the customers have moved away from the ATM, the perpetrators remove the cover with the cash attached to it.

The process of withdrawing cash, e.g. from an ATM. If several functions are offered at the ATM, e.g. loading the GeldKarte chip, a selection must be made. When abroad, cash withdrawals from ATMs are usually displayed as 'Cash Withdrawal'.

CDACombined Data Authentication

The abbreviation CDA stands for "Combined Data Authentification", a security procedure for new generations of cards with chips that is supposed to provide better protection against misuse. At CDA, a combination of dynamic card and terminal data is signed with its own, non-readable RSA key for authentication purposes. The data cannot be copied, and the PIN is only encrypted over the line. The German credit industry prescribes the use of DDA or CDA for debit cards.

A central acquirer processes transactions from an international company (airline, hotel, car rental company, etc.).

Cross-border contract business with central billing.

An international company with employees in different countries issues cards from a central bank.

CEO FraudCEO Fraud, CFO Fraud, CFO Fraud

In this scam, which is still relatively new in Germany, the fraudster pretends to be a managing director or member of the board of directors of the company and asks an employee responsible for banking transactions, usually via a fake email address, to urgently transfer a large amount of money abroad.

This process is used to encrypt data on the basis of so-called public encryption methods. This is the digital assignment of a 'public key'. The owner hands this over to an authorized certification authority for digital signing. The result is sent back to the owner in the form of a 'public key certificate'

Central authority within a cryptographic system, commissioned and authorized to sign public keys for all system participants and to send the results back to the respective key holder in the form of 'public key certificates'.

Payment card or credit card for a card account on which the current disposals / transactions are billed collectively over a certain period of time and then on the reference date or usually on a monthly basis. The cardholder then fully balances the total balance for the respective billing period.

Charging of a card transaction back to the acquirer by the issuer bank. The procedure is used if the cardholder complains or disputes a transaction that has already been billed for reasons for which a chargeback right is provided. The term 'chargeback' also refers to the electronic data exchange between the issuer bank and the acquirer bank that causes the chargeback.

Chargeback period

Number of calendar days, calculated from the date of issue of the transaction receipt (or the day on which the transaction was processed, depending on the applicability) during which an issuer can make use of the chargeback right.

The smart programs often act as online assistants and are used on websites or in apps to communicate with customers. You can automatically respond to chat questions and are available around the clock for other customer concerns. You recognize the topics by means of keywords and generate automated answers.

POS terminal that can read chip cards.

Chip-TAN procedureChipTAN

The Chip-TAN procedure (often also referred to as SmartTAN procedure) only works with a separate TAN generator. The customer inserts his PIN-protected payment card equipped with a chip into the TAN generator to authorize the respective transaction.

Card with an integrated microprocessor (chip) for carrying out chip and magnetic stripe transactions. Chip cards have a data memory and logical computer capacity. In addition to being used in payment transactions, chip cards can also take on additional service functions. The terms 'smart card', 'integrated circuit card', 'ICC' and 'IC card' are also often used for chip cards.

Chip card transaction

Transaction with chip card at a terminal with chip card reader. The data is electronically read in the chip by the terminal and sent in encrypted form with the approval request.

Cirrus is the name and trademark of an international ATM (network of ATMs) system owned by Mastercard International and operated by Cirrus System Incorporated (Mastercard subsidiary). Mastercard cards and the bank's own cards from national debit and credit systems participate in the Cirrus program. Cardholders from participating banks have access to the international ATM network known as the Cirrus ATM Network.

Clearing describes the processing of the payment (debiting and crediting of the payment amount) between the merchant bank and the card-issuing institution

All transaction data required to properly settle card transactions between acquirer and issuer banks, such as MCC (Merchant Category Code), country code, amount, time.

ClearnetClearnet, Clearnets

In contrast to the Darknet, the Clearnet is more or less the normal Internet that can be accessed via normal browsers. These pages can be found with normal search engines.

Virtual storage space

Cloud BiometricCloud-Biometric, Cloudbiometric

Sensorless and therefore cloud-enabled biometric process.

Co-branded cardCo-branded card, co-branding, co-branding

Co-branded card = payment card issued by a member bank in partnership with another company, with the company logos of both organizations appearing on the card. The target group is the customer base of the partner involved in the program from the retail, service sector or other business sectors.

Complicity (through fraudulent consent). This term describes the knowingly and willful participation in fraudulent activities.

This term refers to a trader who knowingly and willfully engages in fraudulent activity.

Percentage of sales that an acceptance point pays to its acquirer.

A point of acceptance where there is suspicion that cardholder data has been used unlawfully without the knowledge of the cardholder, e.g. by copying the contents of the magnetic stripe data to create duplicate cards ('white plastic'). In the debit area, the term 'point of compromise' or 'POC' is used for this.

If the complaint cannot be dealt with in the conventional way (chargeback regulations), there is the option of having the matter clarified in an arbitration procedure by submitting all evidence.

The date on which an amount (card transaction) is converted from one currency to another using the conversion rate applicable on that day for transactions of this type.

The rate at which amounts are converted from one currency to another.

Mastercard or Visa card product intended for large companies and their employees to pay for business-related expenses. Both the company name and the name of the authorized card holder appear on the card. Company cards are generally used to pay for travel and entertainment expenses, which are usually settled via a central company account, with the issuing bank also providing additional information (e.g. separate listing of VAT), which makes it easier for the company to centrally monitor and control such business costs.

Counterfeit Cardcounterfeit

A counterfeit card produced for fraudulent purposes, which is personalized by printing or embossing in a way and / or bears system identifiers that give the impression that it is a genuine card actually issued by the issuer in question. The term counterfeit card is also used for cards that were legally issued, but later falsified by re-stamping and recoding, etc.

Code number to identify a specific country. The digits belong to a block of internationally recognized numerically and alphabetically structured code numbers that are often used in electronic messages to identify countries.

The issuing bank grants the holder of a credit card or charge card a maximum amount of credit per billing cycle. The amount of the maximum amount is determined by the bank and depends individually on the creditworthiness and account history of the cardholder.

During the credit check, the issuer bank determines whether the card application is approved or rejected. The criteria of the credit check include age, occupation, average monthly income, etc.

The cardholder and the card-issuing bank are in different countries.

International transaction or cross-border transaction in which the acquirer and the bank (issuer) are located in different countries.

Cross-border debit processing

The processing of sales made with German debit cards abroad or with cards from foreign banks in Germany.

Crowdfunding is made up of the two English words crowd (crowd) and funding (financing) and is usually translated in German as crowd financing. With this type of fundraising, private donors as well as organizations or companies usually support projects / business ideas with equity. Crowdfunding is not only exciting for people who want to realize ideas in this way, but also for those who help. Most of the funding takes place on the Internet via crowdfunding platforms specially set up for this purpose.

CTIComputer Telephony Integration

Computer Telephony Integration (CTI) is a technology that enables computers to interact with telephones. Primarily used in call centers, this technology is often used to describe desktop interactions that improve human agent productivity.

Conversion of the transaction currency into the billing currency of the card issuer bank. This facilitates the data exchange in the authorization, clearing and settlement process. In the EPS network and BankNet (Mastercard) or VisaNet (Visa), the automatic currency conversion is an integral part of the exchange of authorization, clearing and settlement data.

In this type of attack, the ATM is infected with malware using a USB stick and prompted to pay out.

CVC2Card Verification Code

Card Verification Code (Mastercard) - Card verification code is used for security in mail order and Internet transactions. The cardholder is requested by the merchant to provide the card verification number in addition to the card number and the validity date. The card verification number is located on the signature strip on the back of the card. This additional security query is necessary to ensure that the data on the front of the card alone cannot be misused for fraudulent purposes via the Internet or mail order.

CVMCardholder Verification Method

Card Verification Method. Procedure for determining the personal legitimacy of a cardholder. These include, for example, signature comparisons and PIN checks; In the future, biometric verification procedures can also be used.

CVV2Card Verification Value

Card Verification Value (Visa International) - Card verification code is used for security in mail order and Internet transactions. The cardholder is requested by the merchant to provide the card verification number in addition to the card number and the validity date. The card verification number is located on the signature strip on the back of the card. This additional security query is necessary to ensure that the data on the front of the card is not misused for fraudulent purposes via the Internet or mail order.

According to the Federal Criminal Police Office, cybercrime includes crimes that are directed against the Internet, data networks, information technology systems or their data or that are committed using this information technology.

Darknets are criminal online marketplaces in the covert, anonymous area of ​​the Internet (underground economy) in which goods are traded illegally.

Data Encryption StandardDES

Data encryption standard, algorithm for data encryption, is mainly used in the banking and financial services industry to encrypt sensitive data. DES is a symmetrical encryption method and supports 128, 192 and 256-bit keys. Attacks that could be decrypted after just a few hours with the 56-bit keys at the time using special hardware will, according to various experts, be impossible for years to come.

DDoS stands for Denial of Service and in information technology means that Internet services are not available, although they should actually be. This is mostly related to an overload of the data network, which is brought about in a targeted manner.

Payment card linked to a bank (giro) account. Every transaction made with this card results in an immediate account debit.

Payment card linked to a bank (giro) account. Every transaction made with this card results in an immediate account debit.

Negative response to an authorization request: The card issuer bank or its processor (e.g. First Data) rejects the requested turnover.

DeepwebDeepweb, Deepwebs, Deep Web, Deep Webs

The deep web is an area of ​​the normal Internet that cannot be found with normal search engines. The reason: such pages are not linked, they are not listed by search engines, or you need access data to be able to call them up.

DeviceTANDevice-TAN, device tan, devicetan

A TAN generated on a separate device, the device or TAN generator, dependent on the transfer text.

The German Credit Industry of the German Credit Industry, DK

The German credit industry includes the five central associations of the German credit industry (Federal Association of German Volksbanks and Raiffeisenbanks eV, Federal Association of German Banks, Federal Association of German Public Banks, German Savings Banks and Giro Association and Association of German Mortgage BanksV.) merged. The Deutsche Kreditwirtschaft sees itself as a lobby group for the central banking associations.

Service company

A company that provides contractually agreed card business services for a member bank (or several) (-> processor). Services in the card industry can be, for example: authorization, approval service, complaint processing, prevention, abuse processing, invoicing and dispatch, replacement card service, transaction processing, card dispatch.

Digital girocardDigital girocard, digital girocard, digital payment card, digital payment card, digital card, digital card

With the digital version of the payment card, the information that would otherwise be stored in a chip card is stored in the software of your mobile phone. Then you can pay with your smartphone wherever you can otherwise pay contactless with the NFC-enabled girocard as a chip card. To do this, your smartphone must be NFC-capable. In addition, the digital girocard must be offered by your bank or savings bank. Then you can install the corresponding app from your institute on your smartphone. You can find out whether your house bank offers the digital card for your smartphone on their website, banking app or ask your advisor.

The digital (or electronic) signature is the transfer of the signature in electronic media. With the signature, the signer can be identified and, above all, authenticated, that is, it can be determined whether the signer is really who he claims to be. The digital signature not only enables secure communication on the Internet, but also acts as a seal for electronic data.

Payment method in which the sales are collected directly from the current account by direct debit.

Percentage of sales that an acceptance point pays to its acquirer.

General terms and conditions of a card-issuing bank for cardholders.

willful / malicious

A turnover-dependent, percentage or transaction-dependent, fixed fee that the merchant bank has to pay to the card-issuing bank based on the national interchange fee regulations.

A transaction made domestically between the merchant and the cardholder.

Down option authorization

If the card-issuing bank cannot be reached for an authorization request, a replacement authorization is carried out by a previously defined data center. The prerequisite is that the card issuing bank has approved this procedure beforehand.

Bank or savings bank that has acquired a license for acquiring (connection of authorized dealers) and connects both acceptance points for Mastercard and Visa.

A card-issuing bank or savings bank that issues both Mastercard and Visa cards.

Dual dealer bank

Bank or savings bank that has acquired a license for acquiring (connection of authorized dealers) and connects both acceptance points for Mastercard and Visa.

A card-issuing bank or savings bank that issues both Mastercard and Visa cards.

This is the white card blank. In the case of a duplicate card, the read card data can be applied to the magnetic strip.

With the dynamic currency conversion, the cardholder pays in his home currency. If the DCC transaction is carried out correctly, the purchase price is automatically converted from the merchant's currency into a so-called transaction currency, which corresponds to the cardholder's currency.

Dynamic Currency Conversion

With DCC (dynamic currency conversion) the cardholder pays in his home currency. If the DCC transaction is carried out correctly, the purchase price is automatically converted from the merchant's currency into a so-called transaction currency, which corresponds to the cardholder's currency.

Dynamic Data AuthenticationDDA

A security procedure for new generations of cards with chips that is supposed to provide better protection against misuse. With DDA, a combination of fixed card and dynamic terminal data is signed with its own, non-readable RSA key for authentication purposes. The data cannot be copied, and the PIN is only encrypted over the line. The German credit industry prescribes the use of DDA or CDA (Combined Data Authentication) for debit cards.

The Euro Alliance of Payments Schemes (EAPS) is an association of various national card payment systems, which enables the mutual acceptance of debit cards in the respective European countries. With this system, holders of a German girocard can withdraw cash and pay at the cash registers in some European countries. Merchants who use the electronic cash system, in turn, are expanding the number of foreign debit cards through the EAPS that they can accept without using one of the international payment systems from Visa or Mastercard, under the same terms and conditions as with electronic cash.

EASTEuropean Association for Secure Transactions

EAST stands for European Association for Secure Transactions and was founded in early 2004 as a voluntary association to combat card crime in Europe. The members are made up of representatives from the banking industry (e.g. EURO card systems), ATM manufacturers and network operators. The participants come from most European countries and - since skimming now also plays a major role internationally - from some countries outside Europe. EAST is supported by Europol, the European Police Office in The Hague.

European Banking Authority / European Banking Authority

Electronic Banking Internet Communication Standard. Describes a standard that is multibank-compatible in Germany for the transmission of payment transaction data over the Internet.

Security procedure which the recipient uses to check whether a message he has received is not only genuine and complete, but actually comes from the source specified in the message. With chip cards, digitized signatures are used, whereby two bodies communicating with one another (e.g. chip card and chip terminal or chip card and issuer-host computer of the issuing bank) are able to carry out a mutual authenticity check.

(Instant Payment) ... is an online transfer or a money transfer between transaction partners in a few seconds or minutes. Posting and valuation of the monetary amounts take place in real time.

ECRBEuro Cyber ​​Resilience Board

The Euro Cyber ​​Resilience Board for Pan-European Financial Infrastructures is a forum for strategic discussions between financial market infrastructures. Its goals are to raise awareness of cyber resilience - catalyzing joint initiatives to develop effective solutions for the marketplace - and provide a place for sharing best practices, as well as fostering trust and collaboration. The decision to found the ECRB was made during an ECB meeting on cyber resilience in June 2017.

A software developed by Visa and made available to the processors to check and process accounting data of the BASE II system (clearing and settlement).

Term used to designate the connection nodes that exist between two networks to enable global network communication.

Submission of transaction data

Electronic clearing message with all sales data that is forwarded to the issuer bank by the acquirer bank for the settlement of payments.

Fee payable by the party filing a chargeback or compliance case with Mastercard for arbitration purposes. After Mastercard has finally decided on the case, this fee can also be claimed from the opposing party who lost the arbitration procedure.

EKS-Net is the online-based system for recording, managing, evaluating and preventing claims with debit cards, such as lost or stolen cards, duplicates (counterfeit) and postage losses.

In general, this term describes the buying and selling of goods or services using electronic payment. In Germany, electronic cash stands for the national PIN-based debit payment method.

Business transactions that are carried out by the parties via electronic media (e.g. Internet) and include payment services in electronic form.

Electronic Funds Transfer

Term used to describe transaction processes in which electronically recorded card data is accepted as a means of payment by an authorized dealer instead of cash.

Electronic purse

Functionality of a chip card that allows credit to be stored in the chip. The saved amount is reduced with each purchase by the respective transaction amount without online authorization being necessary.

Electronic money transfer

Term used to describe transaction processes in which electronically recorded card data is accepted as a means of payment by an authorized dealer instead of cash.

Electronic Warning Bulletin

Term for a 'blocking file' maintained by Mastercard, which, in connection with 'stand-in' services, serves the purpose of recognizing cards registered as 'blocked' and preventing fraudulent transactions.

Electronic Checks

Embossing of the plastic cards with the required data.

Member bank that issues payment cards to its customers, manages the card accounts of its customers, authorizes card transactions (either itself or through contracted service providers) and guarantees the acquirer bank the payment settlement for valid card transactions.

Emotet is a form of malware and belongs to the ransomware category. Once on the system, the software appropriates the victim's data in order to threaten to publish it and / or to encrypt the data and demand a ransom for the decryption. Emotet also reads the contact information from the mailboxes of infected systems for its own dissemination and is able to independently download new malware.

Europay, Mastercard, Visa - the three card organizations have agreed to develop and promote global standards for electronic financial transactions. The abbreviation 'EMV' also refers to the technical specifications adopted by all three companies to ensure global compatibility and interoperability for chip cards, chip terminals and the corresponding data formats in the transaction.

The EMV chip on a payment card is responsible for communication between the chip card and the terminal (POS and / or ATM). It enables the data stored in the chip to be protected against falsification, spying or copying.

EMVCo is a joint venture between American Express, JCB, Mastercard, UnionPay and Visa. The company is responsible for maintaining and further developing the EMV standard for chip-based payment cards and acceptance terminals (POS and ATMs) and serves as the official source for information on the EMV standard.

Process engineering for the encryption of data by means of an algorithmic calculation process and a key (value).

Key that is used as part of a data encryption process. This security component, often in the form of a specific sequence of numbers and / or letters, is used to encrypt data using an algorithmic calculation process in order to protect the confidentiality of information.

End-to-End-IDend to end id, end-to-end-id

In the course of the SEPA changeover, the end-to-end ID replaces the previous reference number and continues to apply to cross-border payment transactions.

Mastercard's own telecommunications network for the 'real-time' exchange of transaction data between member institutions.

Replacement authorization service

Substitute authorization: Authorization of a transaction by a subordinate, central authorization system which was developed for communication with the Banknet communication network and which authorizes instead of and on behalf of the issuer. Stand-in steps in if the issuer is not online, is temporarily unavailable, or is too late, i. H. responds outside of the time limits defined in the network.

Term for a document in paper form that an acquirer makes available as a 'replacement' for a card transaction receipt. Such 'substitute receipts' may only be created for the following transaction categories: mail order / telephone order, hotel / motel, petrol stations, parking garages, car rental companies and airlines.

Extended parameters for account number ranges

Additional parameters that allow the issuer bank to monitor the risk of their cards even more strictly as part of the Mastercard Dynamic Stand-in program. For transactions that meet a number of linked criteria (e.g. country of origin, MCC (Merchant Category Code) and transaction amount), special limits can be set in this way.

Eurojust is a judicial authority of the European Union based in The Hague. The task is to coordinate cross-border criminal proceedings at the European level. This includes coordinating the work of national judicial authorities and exchanging information in Europe, for example when it comes to cross-border organized crime.

Europay Common Clearing FormatECCF

A uniform data processing format that is binding for all member banks and is used to exchange clearing and settlement data between acquirers and issuers.

An interface (processor) module from Europay / Mastercard consisting of hardware and software, which is installed on site at the individual member institutions. It connects the members' own central computers with the EPS-Net and thus enables access to the IT systems and other Mastercard services.

Europay Security ModuleESM

Europay security module - a particularly secure device controlled by a microprocessor and connected to an EM (Europay Module) with special memory for cryptographic secret information (key) and for carrying out special cryptographic operations. This includes the calculation of key values ​​for PIN verification and authentication of transaction messages as well as the encryption of private data before they are transmitted.

European Payments Council EPC

Association of European banks to create the basis for a cost-effective, fully automated and standardized payment infrastructure.

Settlement center in the GeldKarte system. Receives the sales from the retailer, initiates payment transactions, checks the security of the system and settles the corresponding fees among the parties involved. Each banking sector has its own central registry. A distinction is made between the dealer registration center and the card registration center.

European Economic Area

Excessive Chargeback Compliance Program

A program developed by Mastercard to reduce the number of chargebacks, especially for certain types of transactions (e.g. electronic commerce). An acquirer bank whose monthly chargeback rate exceeds the industry average and the permissible tolerance threshold runs the risk of being fined.

Generally designates the validity date (month and year) printed or embossed on a payment card as well as stored on the magnetic stripe and chip. From this date the card is no longer valid and the cardholder may no longer use it for purchases or cash withdrawals. From this date onwards, the merchant is prohibited from accepting the expired card.

expressPay is the name of the contactless payment technology from American Express. Simply hold the credit card based on Near Field Communication technology (NFC) briefly to the payment terminal to make a payment. For small amounts without entering a PIN or signature!

Extended Account Range Parameters