Payments and Fraud Glossary
- Abuse list
Intelligence-sharing mechanisms used to widely disseminate tactical fraud intelligence like mule accounts, phishing sites, malware distribution sites, compromised websites, botnet IP addresses, compromised point-of-sale terminals, etc. Abuse lists may be private (available on subscription or as part of a larger fraud detection solution) or public.
- Account takeover (ATO)
A form of identity theft where a criminal gains complete control of a consumer’s account, such as obtaining the PIN or changing the statement mailing address and/or making unauthorized transactions.
An acquirer (acquiring or merchant bank) is a bank or financial institution that processes credit or debit card payments on behalf of a merchant. The term indicates that the merchant accepts or acquires credit card payments from the card-issuing banks within an association.
- Address Verification System (AVS)
A service used to check the billing address of the credit card provided by the user with the address on file at the credit card company. AVS is widely supported by Visa, Mastercard, and American Express in the US, Canada and the UK.
- Anti-Money Laundering (AML)
A set of procedures, laws or regulations designed to stop the practice of generating income through illegal actions. In most cases, money launderers hide their actions through a series of steps that make it look like money coming from illegal or unethical sources was earned legitimately.
- AML Software
A type of computer program used by financial institutions to analyze customer data and detect suspicious transactions.
- Artificial Intelligence
The simulation of the processes of human intelligence by machines, especially computer systems. These processes include learning (the acquisition of information and rules for using the information), reasoning (using the rules to reach approximate or definite conclusions), and self-correction.
- Assurance IQ
A term from Mastercard, which enables the exchange of vital information from the merchant about the circumstances of a transaction. This enables Mastercard to provide a blended risk score about the transaction to the issuer, enhancing confidence in the approval.
A security measure that determines whether someone or something is, in fact, who or what it declares to be. An authentication process implies the verification of a cardholder with the issuing bank. Authentication often precedes authorization (although they may often seem to be combined). The two terms are often used synonymously but they imply two different processes.
- Authentication factor
A piece of information and process used to authenticate or verify the identity of an entity based on one or more of the following:
- Possession e.g., device signature, passport, hardware device containing a credential, private key;
- Knowledge e.g., password, PIN;
- Inherence e.g., biometric characteristic;
- Context e.g., behavior pattern, geolocation.
A set of data presented as evidence of an asserted identity and/or entitlements.
Verifying that the entity initiating a transaction is entitled to perform that action.