Glossary

API (Application Programming Interface) is a collection of functions that allows the merchant's IT system to communicate with Escalion Merchant Admin in an automated manner. For example such communication is, a query from the merchant to Escalion regarding a transaction in order to ascertain its status.

Address Verification Service / Address Verification System

The bank maintaining the special merchant account and providing services in connection with the merchant account. When paying online with bank card, the amount of the transaction initiated by the customer arrives at the merchant account maintained by this bank.

The service provider combining payment and merchant services.

The system verifying the address of the card users. Upon making a purchase with card, the AVS system compares the address data provided by the cardholder with the information assigned to the card by the issuer bank. The AVS system is devised to check whether the actual owner of the card is using it or not, since in case of a potential card theft, the perpetrator is not necessarily in possession of this information of the cardholder, as the data is not found on the card. In addition to the address and the name, the verified data includes the CVC/CVV2 code, because the latter is not stored on the magnetic strip located on the card. In other words, the primary goal of the AVS is to screen all online purchase attempts, where the card is not physically available and the personal data of the cardholder is not known.

A user platform, through which you can set databases and e-mail accounts and can check upon the operation of your hosted web content

A symmetric-key encryption standard. The algorithms operating on the basis of the AES standard encrypt the data in certain block sizes, the size of these blocks is expressed in bits. Accordingly, the 256-bit encryption means blocks of 256 bits and since the size of the key necessary to decrypt the encryption corresponds to the size of the block, this data also shows the cryptographic "strength" of the encryption. The AES-256 currently means strong, or in other words, high-level encryption.

Payment solutions, other than cash payment. Such alternative payment methods are for example bank card payment, money transfer, payment by mobile phone (such as premium rate SMS), various checks.

The sum total of the executed transactions, which were disbursed to the account of the beneficiary, but the bank has not yet accounted for the amount, because it was implemented before or after the settlement period. The amount is still on the bank account, but cannot be spent again.

Activities preventing fraud. A service, system, method or procedure devised to prevent fraud or the abuse of sensitive information.

The software that plays a specific role in an IT system. For example the Escalion payment page is an application, more accurately a "Web Application", whose role is to solicit the bank card data from the potential purchaser, and transfer it to the back-end system, where another application is responsible for transferring the data to the banks.

When a transaction is accepted by the Escalion system, the issuer bank places an authorization hold on the given amount on the card of the customer, so this amount cannot be spent again from the cardholder's balance. At this time the amount is not yet transferred to the merchant’s account, the transfer is a separate process, which takes place later (see Clearing /Settlement).

Business to Business. Services provided by business organizations and companies to one another / among each other, transactions taking place between corporate partners.

A website, where partners using a common technology platform can sell and buy. There are private (closed business circle) and public B2B exchanges (open to any company for a fee).

A 85x54 mm plastic card that gives its holder access to the bank account and can be used for making payments.

The Escalion payment page can display the merchant’s logo. In addition to the basic display theme, a configurable theme can be selected as well, in which case apart from the merchant’s logo, certain colors can be changed to match the appearance of the Escalion payment page (payment page) to the website of the merchant.

Services provided by business organizations and companies to one another / among each other, transactions taking place between corporate partners.

Communication and interaction between a corporation or company and its customers (natural persons).

The card companies conduct the settlement of the bank card transactions. The two largest card companies are VISA and Mastercard. The logo of the card company is always displayed on the card. The banks do not differentiate in terms of the fee, so it does not matter which company our card belongs to. However, for the cardholder, it is advisable to carry the cards of both companies in his wallet, because sometimes operational disturbances occur at the companies and their cards can not be used for hours.

The card verification/authentication code. In case of Visa and MasterCard cards, it is a 3-digit number, which is the last 3 digits of the sequence of numbers printed on the back of the card on the signature strip and which is usually separated by space from the rest of the inscription. In case of American Express cards, it is the 4-digit number on the front of the card, the only inscription on the front, which is printed and not embossed. It is important information in case of online shopping, since this value is not included in the data stored in the card's magnetic strip. With the help of this code, the payment system makes sure that someone does not make an illegal purchase with a previously read and saved magnetic strip or a card number stolen from a database, rather the card is physically available at the time of the transaction.

The software which allows the easy management and update of the product range on an e-commerce site. Typically it is a part of the "Shopping cart" package.

The Ceiling Limits refer to the chargeback percentages, that is, they indicate the maximum number of chargebacks, which can be accepted of all transactions in a month.

It means the "refund" of the amount of a particular transaction at the request of the customer. The cardholder discovers a problem in connection with the purchase / disputes the legitimacy of the transaction and contacts his issuer bank about the issue. The issuer bank investigates whether the complaint is justified (contacts the customer as well). If the chargeback is valid, the merchant forfeits the amount and the acquiring bank informs the merchant accordingly.

The insurance which protects credit card accepting merchants against bank card abuses.

The customer service available to customers. Escalion provides client service, which is available during business hours in English and Hungarian, where customers can receive information in connection with transactions or online bank card payments.

The enumeration of rights and obligations stipulated in writing based on the agreement of the parties.

A 85x54 mm plastic card, which is in compliance with international standards and with which –with the help of data stored on the magnetic strip on the back of the card, or lately on the microchip on the front of the card- after identifying the cardholder (electronically or by documentary evidence) bank account transactions, typically payment transactions can be performed. Various convenience-, and security services are connected to the credit card. Purchases can be executed even if the balance of the credit card is negative.

a border crossing operation (e.g. transaction)

Transactions where the customer is not physically present at the POS (typically telephone or mail transactions). In these cases, the chance of abuse is higher.

Transactions where the customer is physically present (face-to face transactions) and provides his information at the POS personally.

A 85x54 mm plastic card, which is in compliance with international standards and with which –with the help of data stored on the magnetic strip on the back of the card, or lately on the microchip on the front of the card- after identifying the cardholder (electronically or by documentary evidence) bank account transactions, typically payment transactions can be performed. Various convenience-, and security services are connected to the debit card. Purchases can only be executed if the balance of the debit card is positive.

The text address of the servers and websites available through the Internet (e.g. www.escalion.com).

The purchase and use of an individual name identifying an Internet site. It always consists of two or more parts separated by a point. For example: www.escalion.com .

Deliberate masking of certain data in such a manner, that in the knowledge of the so-called key, the unencrypted data can be recovered. The communication taking place between the computers of Escalion and the customers is encrypted, thus the potentially intercepted data will be unusable for the intercepting party, since only the customer’s computer and the Escalion’s system can decrypt the encryption.

A summary concept, which examines the human factors involved in production and the interaction of people, equipment, machinery and environment with a scientific approach. Ergonomics means the application of principles, models and methods in the formation and development of the system of people-machine environment with the purpose of increasing the efficiency of the system operation and (or) reducing the use of manpower.

The company engaged in developing and providing online payment solutions, that guarantee reliable and convenient technology and client service to the participants of online commerce, the buyers and merchants, manage their online sales and purchases. Escalion is a Payment Service Provider (PSP).

The unintentional leaking of sensitive data; a major part of the security measures is devised to prevent the occurrence of such events (see PCI DSS).

Electronic business management.

Electronic sale, commerce.

Defrauding, abuse of sensitive data.

The screening services designed to filter the transactions suspected of being fraudulent or deceptive based on various selected parameters.

The merchant's liability and obligation to perform. The merchant is responsible for delivering the purchased product to the customer (that is, for fulfilling the order) after the customer provided his card information in the system of Escalion, an authorization hold was placed on the required amount and the system of Escalion informed the system of the merchant accordingly.

The amount available on the bank account to settle purchases.

Disc space on a server’s computer, which is dedicated to your Website by a service provider in order to allow interested parties to access it with the help of the domain name/Internet address.

At all times one site is active in the merchant admin thus searches (transaction, package, etc.) are always done exclusively among the data of this selected site. Within the Hot Links menu the active site can be changed to another one, if the merchant has more than one site.

Internet Merchant Service – An online service, which entails card payments through a payment system provider and the connected services.

The fraud control system operated by the service provider offering electronic payment solutions. Escalion operates a unique anti-fraud system, with which we filter blatant attempts to commit card fraud and prevent the less obvious attempts by using heuristic methods, thereby reducing the merchants` chargeback percentage, while ensuring that the chance of rejecting legitimate purchases by mistake is reduced to a minimum level.

The payment procedure conducted online.

The company/organization engaged in providing online payment services; the payment service provider.

A special bank card, which can be used to make purchases on the Internet. Its essence is that there is always a separate account behind it, where only the exact amount for the online purchase is transferred and only directly before the purchase. This is a security measure, because providing card information via the Internet carries higher risks . The main feature of the Internet card is that, even if its details are compromised it can not be abused, because there are no funds behind it and therefore the bank will deny the transaction.

The issuing bank of the customer’s bank card.

The applications written in Java, which accept and transmit HTTP queries and mediate between the back-end and front-end systems.

International and ATM bank card.

One of the most widespread and internationally accepted bank cards. Card issuing company, which is present in more than 210 countries and regions worldwide.

The trader engaged in online sales.

The Internet merchant account, which is handled by the acquiring bank.

The control/administrative platform/page, where the merchant controls the transactions conducted on the merchant account and also can intiate operations (statistics, data and report queries, graphic representation).

The form document used to provide the data, which is necessary to conclude contract with Escalion.

The form document used to provide the data, which is necessary to conclude contract with Escalion.

The service provided/supported by the acquirer bank, which allows the merchant to use the bank card payment solution.

Merchant Service ID (identification data) is a personalized identification data, which is used to identify the services of a certain merchant.

Offline, as opposed to online, means using the computer while it is not permanently connected to the Internet. The status when there is no data-connection.

The indicator of the operating mode, when a direct network connection is established. Direct network connection.

Displaying products on a website in catalogue format. The majority of the e-commerce software allows the preparation and use of catalogues.

Paying with bank card online; paying through the Internet. The customer selects the product in the web shop from the comfort of his home, makes the purchase by using his bank card and receives the purchased product.

Exceeding the credit limit.

On 15 December, 2004, American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc., - the largest card issuing companies - standardized their security regulations and published them in a document titled Payment Card Industry Data Security Standard (PCI DSS). It includes technical and operating requirements which were adopted in order to fight fraud, data theft and other security threats committed against organizations accepting bank cards. The founding members of PCI SSC (Council) enforce compliance with the standard. Compliance checks must be passed annually. The common standard of the card issuing companies (American Express, Discover Financial Services, JCB International, MasterCard, Visa). Full Name: Payment Card Industry Data Security Standard (PCI DSS).

An apparatus, that credit and debit card transactions can be processed with.

An open-source, computer script language, which is typically used for designing dynamic websites. PHP is a programming language that allows users to prepare dynamic web pages. The web applications of the Escalion system were written in this language.

One of the most widespread encryption methods, for example in case of SSL connections (HTTPS), the encryption of the communication channel is ensured by applying this method. In a nutshell, it means that after establishing connection by "handshake" in a complex manner, data is transferred encrypted and only the applications at the two ends of the connection can decrypt the encryption, thus making it more difficult to intercept the communication.

A device with which bank card purchases and payments can be processed (in shops, restaurants etc.). The device sends the purchase data to the authorization system of the issuer bank, where the purchase is identified, the availability of the funds is checked and it is also verified whether the card is listed as banned card, or not. In case of authorizing the transaction, the equipment prints the data of the purchase and – if the transaction is denied- a smaller slip, indicating the reasons of denying the purchase.

An encrypted platform, where the transaction is initiated by the customer. He/she provides his/her bank card information and the purchase amount, and then approves the payment.

A periodic/regular/recurring payment; regular deduction/payment made by an online payment solution.

The status of a transaction is “pre-authorization”, if an authorization hold was not yet placed on the amount on the card of the customer. Accordingly the purchase was not executed in practice, but the customer has already provided his card data.

A method of storing the information and the services ordered by the clients, and deducting the amount regularly based on these details.

Refund means that in case of cancelling the purchase, or otherwise the merchant decides to remit the amount under authorization hold on the customer’s account or which has already been paid. The refund has no significant expenses, within 24 hours it is typically free, after 24 hours the fee is approx. EUR 1. Such as, for example, if the buyer cancels the purchase within 8 days of the purchase and returns the product in a new condition.

Retail trader.

In other words "refund" or "cancellation" means reversing the transaction. Accordingly, the amount is remitted from the merchant account to the account of the customer, or -if only an authorization hold was placed on the amount (until 23:55 on the transaction day)- then the hold is cancelled and the amount will appear in the customer’s balance after a while. The length of this time depends on the customer’s bank, generally it takes 1-2 weeks and if cancellation is made on the date of the purchase, only 1-2 days.

Risk management means the continuous monitoring and evaluation of the transactions running through the system of Escalion. In the course of the risk management, we examine the latest fraud trends, prepare impact assessments and thus minimize the chance that risky transactions occur.

Small-and medium-sized enterprises, SME.

Transactions, which are transferred through safe channels, are secured by digital signatures and certificates, between the payment system and the bank of the customer. Eventually the system has not become truly widespread, and instead of this method, the so-called 3D Secure system was introduced (Verified by Visa, MasterCard SecureCode, J-Secure).

The browser transfers the secure form to the server through HTTPS protocol, in other words, the data provided in the secure form is transmitted on the web encrypted, therefore intercepting the communication is futile. The browsers use various methods to indicate secure connections, usually the text of the address bar is green, and/or a lock icon is placed next to the title.

A server that supports access through connections encrypted by SSL or other technology (HTTPS), accordingly there is no point to intercept the communication between the client and the server, since all transmitted data is encrypted.

The Secure Sockets Layer (SSL ) is a cryptographic protocol which allows Internet based communication through encrypted channels. The SSL is already obsolete, it was replaced by the TLS (Transport Layer Security), which is more sophisticated, but its function is practically identical to its predecessor. The SSL/TLS, in addition to the encryption of the communication, provides an opportunity for users to verify the identity of the participants online and detect if external third party wants to deliberately influence the communication.

Escalion pays extensive attention to data security; therefore our websites secure their authenticity and the encrypted communication between the browsers and the web servers by certifications issued by VeriSign. In addition, our system has Level 1 PCI DSS certification, which verifies compliance with the highest security criteria assembled by the card companies (Visa, MasterCard, etc.).

The time period between placing the authorization hold on the amount (authorization, transaction date) and the actual cash transfer. At the end of the Settlement Period, the transaction amount is credited to the merchant account, which usually happens a couple of days after placing the authorization hold.

It is a virtual shopping cart. The customer of the webshop puts the product, that he/she wants to purchase into the shopping cart.

Business transaction, deal, e.g. stock exchange transactions, banking transactions (e.g. using bank card).

A design, which focuses on the user. Usability takes into account how the programs, functions, application can be used simply to achieve the user’s objective and how satisfied the user is with the application method.

Virtual Private Network. The point of the virtual private network is to seclude the communication conducted between different networks from the outside world, thereby making it safer.

A system developed for e-commerce transactions in order to identify cardholders, which significantly reduces the possibility of abuses committed on the Internet and improves confidence in online shopping. The Visa cardholders, registered in the Verified by Visa system, choose a password, with which they can identify themselves when shopping online and which provides protection against the unauthorized use of Visa cards. Secure and identifiable e-commerce transaction solution of market leader Visa International.

When we do not purchase with a card online, but in a shop, then a so-called POS (Point Of Sale) terminal handles our card information, which is read from the magnetic strip. Various payment sites on the Internet serve this purpose, such as the Escalion payment page, but instead of the magnetic strip, they use card data visible for the human eye. These services can also be considered as virtual POS terminals.

One of the most internationally accepted bank cards. It has various types (e.g. Visa Delta, Visa Electron) offering different rights and services.

The webhosting service (or shared hosting service) is an Internet service, where the resources of a server are distributed among multiple users. Each user occupies a storage space dedicated to him by the system, whose public content can be reached at an individual domain name.

The webstore (aka webshop or e-shop) is a website which sells products or services. Generally an online shopping cart belongs to it, where we put the selected goods virtually into. With the rapid spread of the Internet, online commerce has become very advantageous for merchants. Traditional shop owners noticed the new business opportunity entailed by e-commerce, and this has led to the proliferation of webshops. The number of products sold on the Internet and total amount of payments made online are dynamically growing.

XML is a set of rules, that allows us to store data in a form, that computers can read. The point of the XML is flexibility, and possibility to store data of any structure in a transparent and automatically processable manner.

The option, that with the commands written in XML, we can instruct an automatic system to intiate an operation without physically accessing the computer(s).