Q: What is Authentication?
The process of identifying a card holder. The authentication takes place via pin, password or hardware tokens like the ones used in internet banking.
Q: What is Authorization?
When a credit card payment request arrives at a bank, the bank will check the available funds for that card as well as other restrictions and limitations such as daily limits etc. The bank may then decide to Authorize the transaction, in which case the merchant sending the request will recieve the funds requested.
Q: What is 3DSecure?
A scheme developed by the card industry to allow a card holder to authenticate himself during an ecommerce transaction. Authentication takes place before a transaction is presented for authorization.
Q: What is MPI?
MPI stands for Merchant Plug In. MPI is the components that allows a card to be checked for enrollment and directs the card holder to a web page for authentication.
Q: What is CVV/CVC?
Typically a 3 digit code found at the back of a credit card, this number is mandatary for ecommerce and must be presented together with the credit card number. CVV/CVC must never be stored or printed by the merchant.
Q: What is VBV?
VBV stands for Verified by Visa and is the Visa part of 3DSecure.
Q: What is SecureCode?
SecureCode is the MasterCard part of 3DSecure.
Q: What is SafeKey?
SafeKey is the Amex part of 3DSecure.
Q: What is J/Secure?
J/Secure is the JCB part of 3DSecure.
Q: What is PCI DSS?
A Data Security Standard (DSS) created by Payments Card Industry (PCI). PCI is a certification process that all payment gateways, Banks and software providers must undergo.
Q: What is SSL?
SSL stands for Secure Socket Layer. SSL encrypts data in transit between two servers as it passes over the internet.
Q: What is VPN?
VPN stands for Virtual Private Network. VPN allows to remote networks to connect to each other, while encrypting all data in transit between the two networks.
Q: What do the status codes returned in PARES mean?
Y: the password is correct.
N: the password is incorrect.
U: it is not possible to validate the password (eg. failure of an ACS system component such as the cardholder database).
A: Proof of authentication attempt was generated.