Account Funding Transaction (AFT)

A type of transfer when bank account funds are debited from an account holder to load onto another financial account or service.

Account Name Inquiry (ANI)

Enables an account cardholder’s name to be checked against the name held by their Issuing bank. See Account Name Inquiry Service (ANI).

Acquirer

A financial institution or payment processor that facilitates and processes credit or debit card transactions on behalf of merchants, and plays a role in authorizing and settling transactions, moving funds from the customer's account to the merchant's account along the payments network.

Address Verification Service (AVS)

Used to verify the address of a payment card with the issuing institution. See Address Verification Service (AVS).

Anti-Money Laundering (AML)

Laws and procedures designed to prevent criminals from disguising illegal proceeds as legitimate income.

Application Programming Interface (API)

A way for software applications to communicate with each other through specified data formats to request and exchange information. APIs help bridge different systems together to build a platform of services.

Authorization (Auth)

The process of when a merchant confirms whether a customer has sufficient funds or credit to complete any card transaction, and when captured the transaction proceeds to settlement, transferring funds from the customer's account to the merchant's account.

Authorization Hold

A temporary hold placed on a cardholder’s funds, set aside for a pending transaction, which reduces the available balance until the transaction is completed (captured) or the hold is released (voided).

Authorization Reversal

Cancels all or part of a transaction, notifying the issuer to remove the authorization hold and adjust the available balance.

Automated Clearing House (ACH)

A financial network in the US that powers electronic fund transfers governed by NACHA. ACH transfers can be used to accept payments (pull) or to send payouts (push).

Bank Identification Number (BIN)

A unique set of four to eight digits on a payment card. See BIN Files.

Bearer Token

A type of token used for authorization in making a successful API request. This unique credential acts as a key to be able to access a protected resource like the TabaPay Sandbox, or Production environment.

Beneficiary

An individual or entity designated to receive funds from a payout, disbursement, or push transaction.

Boarding

Refers to when a client begins their integration steps to go live with TabaPay.

BSA (Bank Secrecy Act)

A U.S. law that requires financial institutions to assist government agencies in detecting and preventing money laundering.

Business-to-business (B2B)

A type of transaction flow or model where commerce and relationships conducted are between two businesses.

Business-to-consumer (B2C)

A type of transaction flow or model where commerce and relationships conducted are between a businesses and a customer.

Capture

Completing and recording an authorized financial transaction to secure the funds from the customer's account and ensure the payment is successfully processed.

Card

A physical or digital payment device issued by financial institutions to enable a cardholder to access funds in the assigned bank account or line of credit.

Corporate Credit or Debit (CCD)

Relates to the achEntryType field for ACH in Create Transaction.

Card Identification Number (CID)

Functions similarly to the Card Verification Value (CVV) for a security layer, and commonly associated with American Express cards, and typically displays a 4-digit code on the front of the card.

Card Number

Functions similarly to the Card Verification Value (CVV) for a security layer, and commonly associated with American Express cards, and typically displays a 4-digit code on the front of the card.

Card on File (COF)

Refers to storing a customer’s card details on a digital platform for future transactions, eliminating the need to re-enter payment information. An example of COF is using Create Account to save card details.

Card Security Code

Refers to all the various security codes such as CVV, CVV2, CVC, and CID, which are required to authenticate card transactions where the card is not physically present.

Card Verification Code (CVC)

This 3-4 numerical code provides a check of the card's validity and is used to prevent fraud in transactions without physical cards. Also known as CVV, CSC, and CID.

Card Verification Value (CVV)

Encompasses different types of verification values including card not present (CVV2), magnetic stripes (CVV1) and other types of values: CVC, CID, etc.

Card Verification Value 2 (CVV2)

A 3 or 4-digit number that adds an extra layer of security, for card-not-present (CNP) transactions, or when you're buying something without swiping your card. Also known CVC, CVV2, CSC.

Card-not-present (CNP)

A transaction flow where the customer's card and the merchant are not physically together, but the purchase is made using the card details like online shopping.

Cardholder

An individual to whom a payment card (credit, debit, or prepaid card) is issued. The cardholder is authorized to use the card for making transactions and is responsible for any charges incurred on the card.

Cardholder Data Environment (CDE)

Consists of the people, processes and technologies that store, process, or transmit cardholder data or sensitive authentication data.

CAVV (Cardholder Authentication Value)

A unique value generated by the card issuer during the authentication of a cardholder in an online transaction. It is part of the 3-D Secure (3DS) protocol, and helps confirm that the existing cardholder is authorized to use the card.

Chargeback

An outcome of a disputed transaction initiated by the cardholder, transferring funds back from the merchant to the cardholder.

Chip Card

An EMV card with a microchip that provides a security layer by creating a unique transaction code for each payment for in-person transactions.

Client ID

Your unique 22-character string issued during onboarding. This value is used in your URLs for TabaPay APIs. For questions on what string to use, ask TabaPay support.

Customer Initiated Transaction (CIT)

A transaction where the cardholder actively participates or make a request at the time of purchase.

Cryptogram

Unique encrypted codes generated at each transaction to authenticate the transaction and help ensure its security. Example cryptogram values dynamically generated from each transaction are CAVV, or TAVV but not static values like CVV2.

Demand Deposit Account (DDA)

A bank account from which funds can be withdrawn at any time without any advance notice, commonly known as a checking account. Customers use their DDA to write checks, make debit card transactions, and withdraw cash from ATMs.

Destination Account

The JSON object "destinationAccount", which typically contains a card, bank account, or link object with an owner object. Not used with "destinationAccountID". See Create Account.

Destination Account ID

22-character TabaPay Account ID. For pull transactions, use your Settlement Account ID here (issued during onboarding). For push transactions, you will generate an AccountID beforehand using Create Account.

Digital Wallet

A virtual repository that stores payment methods or funds that allows contactless payments like near-field communication (NFC) technology, electronic transfers.

Disbursement

A payment flow that moves funds from a sender's bank account to a recipient's bank account.

Electronic Commerce Indicator (ECI)

A numeric value that indicates the type and security level of an online transaction. It helps payment processors and issuers identify and handle transactions appropriately based on their security status.

Enabled

Refers to turning on a product or feature for an existing TabaPay client using any required configurations.

Error Codes (EC)

A TabaPay specific field in the API response used by TabaPay team members and TabaPay Support. If you are getting an error refer to Status Codes or Error Handling.

Error Message (EM)

A TabaPay specific field in the API response used by TabaPay clients and TabaPay Support that contains limited details due to PCI, for internal Error Handling. Not intended for a customer-facing message.

Europay, Mastercard, and Visa (EMV)

A physical payment card that contains both a smart chip and a magnetic strip for physical terminals. Also known as a chip card, and are used for modern credit, or debit cards.

Federal Deposit Insurance Corporation (FDIC)

A United States government agency that provides deposit insurance to account holders in U.S. banks and savings institutions. The FDIC's insurance protects up to $250,000 per depositor, per insured bank, for each account ownership category in the event of a bank failure.

Foreign Exchange (FX)

The process of converting one currency into another that is used in international, or cross-border transactions.

Fully Qualified Domain Name (FQDN)

Replace FQDN with the appropriate domain. Ensure the domain you're using is consistent with the environment you're testing in (sandbox, production, etc.).

Hypertext Transfer Protocol Secure (HTTPS)

An extension of HTTP, the protocol used for transmitting data over the web. HTTPS uses encryption (typically via SSL/TLS) to secure data in transit, helping protect from eavesdropping, tampering, and intercepting attacks. It helps ensure that the communication between a user's browser and a website is secure.

Independent Sales Organization (ISO)

A third-party middleman that helps connect businesses to use payment services with payment processors and banks. TabaPay assigns a 4 digit-ID to clients. Incompatible with International Organization for Standardization (ISO).

International Organization for Standardization (ISO)

An independent, non-governmental organization that develops international standards, comprising representatives from various countries to create standards for a wide range of industries, and resource codes. Incompatible with Independent Sales Organization (ISO).

Issuer

The bank or financial institution that provides a card to the cardholder, authorizing the card's use for transactions and oversees the card's activities.

Individual Identification Number (IIN)

A unique identifier generated by TabaPay Clients for every transaction. Must be unique for each combination of Company Name and Company ID. Must be unique over a rolling 10-day period (TabaPay recommends this being unique for every transaction). While using ACH API, the referenceID in our Create Transaction requests maps to IIN.

JavaScript Object Notation (JSON)

A lightweight data format that systems can parse and generate for humans to read. It is commonly used for transmitting data between a server and a web application as text. JSON structures data as key-value pairs, arrays, and objects.

Know Your Business (KYB)

The process of verifying an organization and the nature of its business to ensure compliance with regulatory requirements, prevent fraud, and manage risk.

Know Your Customer (KYC)

The process of verifying the identity of a customer and assessing any risks in doing business with them to help prevent identity theft, financial fraud, money laundering, and terrorist financing.

Merchant Category Codes (MCC)

Four-digit numbers used by credit card networks to classify businesses based on the type of goods or services they provide, affecting rewards, tax reporting, and fraud detection.

Me2Me

Refers to a type of payment flow where an account holder transfers funds from one account to another account they own.

Merchant Identifier (MID)

Identifies a specific program, or merchant with TabaPay.

Multi-Factor Authentication (MFA)

A security process that requires users to provide two or more verification factors to access a resource, enhancing protection against unauthorized access.

Merchant Initiated Transaction (MIT)

Any transaction that is successfully conducted without the active participation of the cardholder.

Money Services Business (MSB)

A company that provides financial services like money transfers, currency exchange, and payment processing, that serve as accessible financial points for consumers, especially those who may not have access to traditional banking services.

Money Transmission

The process of transferring funds from one person or entity to another, often through different financial services or systems. It includes various methods like electronic payments, wire transfers, and physical cash transfers.

Money Transmitter License (MTL)

A state regulated license a businesses to provide money transmission services, including transferring funds between parties, currency exchange, and issuing or selling payment instruments.

National Automated Clearing House Association (Nacha)

An organization that governs the ACH payments Network to deliver payments education, accreditation and advisory services.

Near Field Communication (NFC)

Near Field Communication is a technology that allows two devices—like a smartphone and a payment terminal—to communicate when they are close together to allow for contactless payment systems, and data transfer.

Office of Foreign Asset Control (OFAC)

Enforces sanctions based on foreign policy and national security goals against specific entities, countries, terrorists, narcotics traffickers, and those involved in weapons proliferation, to help safeguard US security, policy or the economy.

Original Credit Transaction (OCT)

A transaction where funds are first transferred into a bank account.

Originating Depository Financial Institution (ODFI)

The bank or financial institution that initiates an ACH (Automated Clearing House) transaction. The ODFI submits the ACH entries into the network on behalf of its customers. For example, a payroll processor sends direct deposit payroll files to its ODFI, which then forwards these entries into the ACH network for processing

Payment

A transfer of funds when a merchant, or individual accepts a transaction for any goods, services, or legal obligation.

Payment Account Reference (PAR)

A 29 unique character identifier associated with a specific cardholder PAN and its affiliated tokens to be used in place of sensitive consumer identification fields, and transmitted across the payments ecosystem to facilitate consumer identification.

Payout

A transaction that moves funds from a sender's bank account to a recipient's bank account.

Payment Card Industry Data Security Standards (PCI-DSS, or PCI)

A set of standards that participants in the payment card ecosystem must follow to help ensure the safety of payment card data.

Person to Person (P2P)

A transaction that moves funds from a sender's bank account to a recipient's bank account.

Personally Identifiable Information (PII)

Any information that can be used to distinguish or trace a person's identity, such as their name, Social Security number, biometric records, or other data linked to them.

Point of Sale (POS)

The system where customer transactions are processed, and completed.

Politically Exposed Persons (PEP)

Individuals who hold a prominent public position, or those associated with them, which can be susceptible to heightened risks of corruption and bribery.

Prearranged Payment and Deposit (PPD)

Relates to the achEntryType field for ACH in Create Transaction.

Pretty Good Privacy (PGP)

An encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for securing emails, files, and directories.

Primary Account Number (PAN)

A unique identifier assigned to an individual payment card, such as a credit or debit card.

Pull

A transaction initiated by the receiving party that draws funds out of a source account into a receiving, or destination bank account. See Overview of Instant Pull Payments.

Push

A transaction initiated by the sending party that credits an account where funds are being sent out of a source account into another account, or card. Also known as a Payout or Disbursement. See Overview of Instant Push Payments.

Quasi-Cash

A type of transaction related to the purchase of items that can be directly converted to cash. For example, casino game chips, lottery tickets, cryptocurrency, or money orders.

Real Time Payments (RTP)

An instant payments platform from The Clearing House that allows financial institutions to clear and settle payments between them in real time.See Overview of RTP.

Receiving Depository Financial Institution (RDFI)

The bank or financial institution that receives ACH entries from the ACH network and posts them to the accounts of the intended recipients. For example, When a customer receives a direct deposit of their paycheck, their bank acts as the RDFI by accepting the ACH entry and crediting the funds to their account.

Remittance

A transfer of money by one person in one country to a person in another country, usually to a family member

Remote Payment and Presentment Service (RPPS)

A fully electronic solution for bill payment processing that provides electronic routing, posting, and same day settlement of financial transactions. See Bill Payments using RPPS.

Request for Payment (RFP)

A digital request from a receiver to a sender, specifying the amount and expiration date. It streamlines and secures financial transactions by automating Real-time payment processes. See RTP for Non-Bank Clients.

Response Codes (RC)

Specific values that indicate a result returned from networks, servers or verifications after an API request.

Secure File Transfer Protocol (SFTP)

Secure File Transfer Protocol securely transfers files over a network, encrypting both commands and data, typically via Transmission Control Protocol (TCP) port 22.

Self-Assessment Questionnaire (SAQ)

A validation tool intended to assist merchants and service providers report the results of their PCI DSS compliance assessment. There are different question program specific questionnaires for merchants (e.g. A, D).

Sender

An individual or entity who is sending funds to a beneficiary.

Settlement

When a financial transaction completes by crediting the destination bank account.

Software as a Service (SAAS)

A cloud-based solution where applications are hosted by a provider and accessed by users over the internet, offering accessibility, automatic updates, scalability, and reducing the need for on-premises software and hardware.

Source Account

The JSON object "sourceAccount", which typically contains a card, bank account, or link object with an owner object. Not used with "sourceAccountID". See Create Account.

Source Account ID

22-character TabaPay Account ID. For push transactions, use your Settlement Account ID here (issued during onboarding). For pull transactions, you will generate an AccountID beforehand using Create Account.

Sponsor Bank

A bank that enables payment processors and Independent Sales Organizations (ISOs) to access major card networks like Visa and MasterCard for transaction processing.

Status Codes (SC)

Standardized Numerical Values to indicate the result of an API server request. Also known as HTTP Status Codes, or HTTP Response Codes.

Stored Credentials

Payment credentials that have been stored to process future card payments. If you are creating an account for each user to transact using TabaPay’s API, you are storing credentials.

SubClient ID

A 4, 6, or 8-digit value, specifying a program under a client. If you're unsure what value to use, ask TabaPay support. You may need to append this value to your ClientID with the "_" character as a separator (i.e. ClientID_SubClientID) within your API URL.

TabaPay

Did you know TABA stands for There And Back Again (subtitle to The Hobbit). TABA. Round trip payments. Push and Pull. It all makes sense, doesn't it?! TabaPay offers secure, reliable, and lower cost instant payments for any business to accept payments, or disburse funds through one unified API.

The Clearing House (TCH)

An organization and network of financial institutions that facilitates the clearing and settlement of payments in the United States including ACH, wire payments, check image clearing, and real-time payments through the RTP network.

Three-Domain Secure (3DS)

A messaging protocol used to authenticate cardholder information when processing card-not-present (CNP) payments.

Token

A unique identifier for sensitive information, used to protect data while passing information. TabaPay uses many different tokens including: Bearer Token, PCI-Token, Account IDs, and third party Processor Tokens.

A transfer of funds from one party to another that is a push or pull and uses many forms including cash, check, electronic funds transfer, credit or debit card transactions, or online payment services.

Transaction Authentication Verification Value (TAVV)

Similar to CAVV and is used in the context of the 3-D Secure (3DS) protocol for card authentication. It is a value provided by the card issuer to verify the authenticity of a transaction, ensuring that it is being conducted by the legitimate cardholder.

Ultimate Beneficial Owner (UBO)

The person(s) who owns or controls a legal entity or arrangement, such as a company or a trust.

Visa Merchant Identifier (VMID)

A unique id number that represents a merchant transacting using the Visa network.

Void

Cancels an authorized transaction before it is settled, preventing funds from being withdrawn and removing any authorization hold on the cardholder’s account.

WEB

Web Application/Internet/Mobile Initiated Entry. Relates to the achEntryType field for ACH in Create Transaction.

Webhooks

Automated messages sent from TabaPay when something happens, so that different systems are in sync without manual input.



Questions? Contact Sales or make a post