Payments and Fraud Glossary


Abuse list

Intelligence-sharing mechanisms used to widely disseminate tactical fraud intelligence like mule accounts, phishing sites, malware distribution sites, compromised websites, botnet IP addresses, compromised point-of-sale terminals, etc. Abuse lists may be private (available on subscription or as part of a larger fraud detection solution) or public.

Account takeover (ATO)

A form of identity theft where a criminal gains complete control of a consumer’s account, such as obtaining the PIN or changing the statement mailing address and/or making unauthorized transactions.


An acquirer (acquiring or merchant bank) is a bank or financial institution that processes credit or debit card payments on behalf of a merchant. The term indicates that the merchant accepts or acquires credit card payments from the card-issuing banks within an association.

Address Verification System (AVS)

A service used to check the billing address of the credit card provided by the user with the address on file at the credit card company. AVS is widely supported by Visa, Mastercard, and American Express in the US, Canada and the UK.

Affiliate Fraud

Refer to any false or unscrupulous activity meant to generate commissions from an affiliate marketing program.

Affiliate Monitoring

Supervising affiliate networks to check for fraudsters engaging in fraudulent activity in order to "earn" commissions from the merchant without actually fulfilling their responsibility to direct valid customer traffic to the merchant's website and the desired product page.

Agent Management

The training, maintenance and management of human risk assessment agents to manually review orders.

Agent Workflow Console

The Kount Agent Workflow Console features employs a number of tools that automate routine risk assessment tasks. For example, if Kount detects attributes in a transaction that indicate possible fraud, the Agent Workflow Console feature can evoke one or more rules.

Anti-Money Laundering (AML)

A set of procedures, laws or regulations designed to stop the practice of generating income through illegal actions. In most cases, money launderers hide their actions through a series of steps that make it look like money coming from illegal or unethical sources was earned legitimately.

AML Software

A type of computer program used by financial institutions to analyze customer data and detect suspicious transactions.

Artificial Intelligence

The simulation of the processes of human intelligence by machines, especially computer systems. These processes include learning (the acquisition of information and rules for using the information), reasoning (using the rules to reach approximate or definite conclusions), and self-correction.

Assurance IQ

A term from Mastercard, which enables the exchange of vital information from the merchant about the circumstances of a transaction. This enables Mastercard to provide a blended risk score about the transaction to the issuer, enhancing confidence in the approval.

Auto Agent

A workflow console featuring a number fo tools that automate routine risk assessment tasks. Features like "auto decision", which takes actions based on pre-defined merchant specifications, help risk assessment agents more quickly determine whether an order is valid, or if a manual review is even necessary.


A security measure that determines whether someone or something is, in fact, who or what it declares to be. An authentication process implies the verification of a cardholder with the issuing bank. Authentication often precedes authorization (although they may often seem to be combined). The two terms are often used synonymously but they imply two different processes.

Authentication factor

A piece of information and process used to authenticate or verify the identity of an entity based on one or more of the following:

  • Possession e.g., device signature, passport, hardware device containing a credential, private key;
  • Knowledge e.g., password, PIN;
  • Inherence e.g., biometric characteristic;
  • Context e.g., behavior pattern, geo­location.

A set of data presented as evidence of an asserted identity and/or entitlements.


Verifying that the entity initiating a transaction is entitled to perform that action.