PCI DSS: Glossary of Terms

Payment Card Industry Compliance
PCI DSS: Glossary of Terms
e-Commerce            The process of conducting payment transactions over a computer network. In
                                     e-commerce, the merchant card is usually not present; instead, the payer enters
                                     the data into a web form remotely.
EMV Chip card        Europay, MasterCard and Visa Chip card. Also known as “smart cards”, these
                                     payment cards store their data on integrated circuits embedded on the card, rather
                                     than magnetic stripes. Many EMV cards also have stripes for backward compatibility
                                     with payment terminals. Payment cards that comply with the EMV standard are
                                     often called chip-and-PIN or chip-and-signature cards, depending on the exact
                                     authentication methods required to use them.
Merchant                   The RIT department or group that collects payments via a payment card.
Merchant Card         Debit or credit cards, including Visa, MasterCard, Discover and American Express.
Merchant ID              A merchant identification code assigned by the bank and used to identify the owner
                                      of merchant card transactions.
PAN                              Primary Account Number. The number that is embossed and/or encoded on the
                                      plastic card that identifies the issuer and the particular cardholder account.
PCI DSS                       The Payment Card Industry Data Security Standards. Defines security requirements
                                      for card transactions and is required by a consortium of card providers
                                      (American Express, Visa, MasterCard, Discover, etc.)
Payment Card          See Merchant Card
PIN                              Personal Identification Number.  A secret numeric password used to authenticate
                                     the user to the system.
POS System               Point-of-Sale system. A computer-based system that processes payments over a
                                      network. A POS system differs from an e-Commerce system in that the payer and
                                      card are usually present at the time of the transaction.
Service Provider     Organization that processes, stores or transmits cardholder data on behalf of merchants.
Terminal                     A machine used to electronically process credit or debit card payments. Card data
                                      may be captured by swiping the card through a designated slot in the terminal, by
                                      inserting an EMV Chip card, or by keying in the card number by hand. Payment
                                      information may be transmitted over phone lines.
CVV                              Card Validation Value. Also known as Card Validation Code. This is the 3 or 4 digit
                                      number on the back of the credit/debit card next to the signature line.