Rice University logo
 
 
 

Glossary of Credit Card Terms


Term
 
  Definition 
AMEX Merchant #

 
: The Merchant ID used by Global Payments to process American Express payments for a particular Merchant.

 
Application service provider

 
 : Business that provides software or services that are directly involved in the processing, storage or transmission of cardholder data.

 
Average ticket amount

 
 : The total of all payments received divided by the total number of payment transactions for a given period of time.
 
 
Cardholder data (CHD)

 
 : Primary Account Number (PAN) plus any one or more of the following:  cardholder name, expiration date, service code, card validation codes/values, full magnetic-stripe data, PINs and PIN blocks.

 
e-Commerce

 
 : The process of conducting payment transactions over a computer network, usually the Internet. In e-commerce the merchant card is usually not present; instead, the payer enters that data into a form remotely.

 
e-Merchant

 
 : A merchant who uses an e-commerce system to generate revenue.

 
Global Payments

 
 : Our transaction processing company, Global Payments accepts, authorizes and transmits our payment transactions to the appropriate credit card network.

 
GPS Merchant #

 
 : The Merchant ID used by Global Payments to process VISA, MasterCard and Discover payments for a particular Merchant.

 
Mail/Telephone Order

 
 : The process of conducting payment transactions using either paper documents transmitted by the mail or cardholder data provided over the telephone. The merchant card is usually not present and the data is entered by someone in your department.

 
Merchant

 
 : A department, school, or other organization that collects revenue. Although merchants may receive payments in various forms (i.e. cash, check) this policy applies to merchants who wish to receive at least some of their payments from credit or debit card transactions.

 
Merchant Card

 
 : Debit or credit cards, including those under the Visa, Master Card, and American Express brands.

 
Merchant ID

 
 : A merchant identification code assigned by the bank and used to identify the owner of merchant card transactions.

 
PA DSS

 
 : Payment Application Data Security Standard defines security requirements for payment applications.

 
PAN

 
 : Primary Account Number.

 
PCI DSS

 
 : The Payment Card Industry Data Security Standard (PCI DSS) defines security requirements for card transactions and is required by a consortium of card providers (i.e. Visa, Master Card, Discover, and American Express). Failure to comply with PCI DSS may result in substantial fines and increased auditing requirements if a breach occurs. The full text of the standard and other supporting documents are available at https://www.pcisecuritystandards.org/.

 
Payment Card

 
 : See "Merchant Card."

 
Payment frequency:  For a short period, ANNUALLY

 
 : Situations where payments will be collected for no more than a few weeks once a year (e.g., an annual conference).

 
Payment frequency:  For a short period, EACH SEMESTER

 
 : Situations where payments will be collected for no more than a few weeks each semester (e.g., money is collected only during the first two weeks of each semester).
 
 
Payment frequency:  All the time

 
 : Situations where payment may be collected as part of an ongoing enterprise.
 
 
Personal identification number (PIN)

 
 : Secret numeric password shared between a user and a system used to authenticate the user to the system.

 
POS System

 
 : Point-of-Sale system. A computer-based system that processes payments over a network. A POS system differs from an e-commerce system in that the payer and card are usually present at the time of the transaction.

 
Self Assessment Questionnaire (SAQ)

 
 : A questionnaire created by Payment Card Industry's Security Standards Council to assist Merchants and Acquirers in evaluating compliance with PCI DSS. There are five (5) versions. The version you will be required to complete depends upon how you accept credit card payments.

 
SAQ A

 
 : Version A is for Merchants who only accept card-not-present payments with all cardholder data functions outsourced.
 
 
SAQ B

 
 : Version B is for Merchants who only accept payments using imprint machines or standalone, dial-out terminals. No cardholder data is stored electronically.
 
 
SAQ C

 
 : Version C is for Merchants who only accept payments via internet-based payment application systems. No cardholder data is stored electronically.

 
SAQ C-VT

 
 : Version C-VT is for Merchants who only process payments by entering them using web-base virtual terminals. No cardholder data is stored electronically.
 
 
SAC D

 
 : Version D is for all Merchants who don't qualify for one of the other SAQs. It is the most complex and requires the greatest amount of scrutiny. To the extent possible, no department should enter into an agreement with an application service provider or otherwise create a business situation where the completion of SAQ D will be required.

 
Terminal (Swipe machine)

 
 : A machine for electronically processing credit or debit card payments. Card data may be captured by swiping the card through a designated slot in the terminal or by keying in the card number by hand. Payment information may be transmitted over phone lines or the Internet.

 
TouchNet Payment Gateway (TPG)
 
 : PA DSS validated payment application hosted by TouchNet that processes payment transactions communicating with both Global Payments and Banner.  TPG is the preferred payment gateway for all credit card activity requiring a payment gateway.

 
TouchNet tLink

 
 : PA DSS validated payment application hosted by TouchNet that allows business applications to communicate securely with the TouchNet Payment Gateway (TPG) where payment transactions occur. tLink allows information not protected by PCI DSS to be communicated both to and from the business application and TPG.

 
TouchNet uPay

 
 : PA DSS validated payment application hosted by TouchNet that allows web-based business applications to securely transmit payment-related information to the TouchNet Payment Gateway (TPG) where the payment transaction occurs.

 
TouchNet uStore

 
 : PA DSS validated payment application hosted by TouchNet that allows the creation of online malls, storefronts, registration sites and shopping cart applications that process payments through the TouchNet Payment Gateway (TPG).

 
Validation code

 
 : Also known as Card Validation Code, Card Validation Value and Card Security Code. For the purposes of this policy, the 3 or 4 digit number printed or embossed on the back or front of a credit card used to validate the actual presence of the plastic credit card for which a PAN has been recorded. Often called CID, CAV2, CVC2 or CVV2.

 

 
 
 
Click here to go back to previous page