Payments and Fraud Glossary


One-time Password (OTP)

A password that can be used only once, usually randomly generated by special software.

Open Authorization (OAuth)

An open standard for token-based authentication and authorization on the Internet. It allows an end user’s account information to be used by third-party services, such as Facebook, without exposing the user’s password. OAuth acts as an intermediary on behalf of the end user, providing the service with an access token that authorizes specific account information to be shared. The process for obtaining the token is called a flow.


An open standard that describes how users can be authenticated in a decentralized manner, eliminating the need for services to provide their own ad-hoc systems and allowing users to consolidate their digital identities. Users may create accounts with their preferred OpenID identity providers, and then use those accounts as the basis for signing on to any website which accepts OpenID authentication.

On-premise Solutions

A software that is installed and runs on computers on the organization’s premises (in the building), rather than remotely, such as a server farm or cloud.

Order Linking

Drawing associations across a variety of different data points (name, address, IP etc) to help uncover fraud trends that may not have been seen when looking at the individual transaction.

Out-of-band Authentication

The use of two separate networks working simultaneously to authenticate a user.