The payments space has a language all of its own. Who are acquirers? What’s a payment terminal? What about a PayFac? Whether you’re a new business owner, software developer or established merchant expanding to new channels, understanding how payments work can be challenging.
To help, we’ve broken down all the essential information you need to know about payments; this glossary explains everything from how transactions work, the players in the payment chain and payment security to billing, compliance and the factors that impact payment processing fees.
By the time you finish reading this, you’ll be your company’s resident payments expert.
General Payment Terms
While most people are familiar with digital payments, there are several terms that can be tricky to wrap your mind around. Still, it’s useful for ISOs, ISVs and their merchants to be able to refer to the solutions they use – and new payment methods they want to offer – in industry terms. Here’s an overview of general payment terms.
A payment terminal (sometimes referred to as a card reader) is a device that reads payment cards and transmits data about the transaction for approval. It can be integrated with the merchant’s point of sale (POS) system to streamline checkout processes and automatically share data with the merchant’s accounting system.
Payment terminals may also be nonintegrated, working as a standalone solution to get approval for a payment card transaction. However, nonintegrated systems require manually entering data into the POS or accounting system.
Card Present vs. Card Not Present
A card-present transaction involves a physical payment card. These transactions occur when a consumer pays at a merchant’s location. For instance, they may purchase something at a checkout counter or with sales associate assistance on a mobile POS device. The merchant can see the customer and request to see the card.
A card-not-present transaction occurs when a customer pays online or by phone. In these cases, the merchant can’t see the card. Card-not-present transactions are considered riskier, and payment processing fees are usually higher.
With card-not-present, it isn’t always obvious how the transaction will be classified. For example, say a customer pays via a QR code in a restaurant. If they pay through a hosted payments page, that purchase will be considered card-not-present, even though a server could see the card.
If you have any questions about the classification of a purchase or payment processing fees, check with your merchant services provider.
Contact vs. Contactless
The technology used in card readers and payment cards impacts how they work. There are two main types of card readers, contact and contactless:
Contact: Some card readers require direct contact with the payment terminal. For example, customers must insert or swipe their cards to communicate with the reader.
Contactless: Other card readers are designed to be contactless, allowing the consumer to simply tap or wave the card near the reader to make a payment.
Near-field communication (NFC) is the technology that enables contactless and mobile wallet payments. It’s a form of radio frequency identification (RFID) that works when two devices or a chip card and a device are about 4 centimeters from each other. NFC enables card data to transmit wirelessly, without contact.
Tap to Mobile
Tap-to-mobile technology allows merchants to accept contactless payments directly onto a smartphone. All merchants need to do is download an app and set up an account. Once their account is approved, they can begin accepting payments via their smartphone; without purchasing and using a payment terminal device.
Attended vs. Unattended
Attended and unattended payments are two additional payment types. With attended payments, a sales associate or cashier assists with the transaction. On the other hand, unattended payments are part of a self-service process where the consumer buys something independently at a kiosk or self-checkout.
eCommerce refers to buying and selling online. Payments are critical to efficient ecommerce processes. Giving online shoppers the option to use their preferred payment methods securely while keeping processes fast and straightforward can minimize shopping cart abandonment and increase revenues.
Consumers make mobile payments using mobile devices. Mobile payments include mobile wallets, such as Apple Pay or Google Pay, mobile peer-to-peer payments, text-to-pay, QR codes and in-app payments.
Buy Now, Pay Later (BNPL)
BNPL is a payment method that allows consumers to split large purchases into interest-free installments without prior credit approval. As inflation rises and budgets tighten, merchants can take advantage of buy now, pay later to capture more sales from cash-strapped consumers by making it easier to pay over time.
Biometric payments use unique biological features to authorize a payment. These features may include fingerprints, facial scans, palm vein scans or voice recognition. Biometric payments offer a unique (and secure) way to confirm a consumer’s identity and authorize a transaction.
Full Commerce Enablement
Full commerce enablement platforms provide solutions across the entire payment ecosystem, from sign up to pay out and benefit both merchants and their payments providers.
For ISOs, ISVs, banks and other merchant acquirers, full commerce enablement solutions streamline the merchant acquiring, underwriting, onboarding and management processes along with providing robust payment solutions across all business channels, including in-store, online, via mobile devices at unattended kiosks, and more, creating one seamless experience for their merchants and to their customers.
The Payments Ecosystem
In addition to general payment terms, it’s essential to understand what happens after a customer inserts a payment card in a terminal or purchases something online. An entire payments ecosystem operates behind the scenes to ensure money flows from consumer to merchant as it should.
The following businesses and solutions work together to provide transaction approvals and ensure that funds are transferred to merchants accurately, securely and expediently.
A payment processor is a service that manages the process of accepting digital payments. Data must move securely from the customer to the merchant (and through various backend approval systems) before the merchant can accept payment. A payment processor provides the infrastructure to manage this process quickly and efficiently.
A payment processor is a service enabling merchants to process payments. A payment gateway, on the other hand, is a tool that securely transmits payment data to various parties for transaction approvals. A payment gateway makes online payments possible and is useful for in-person charges initiated with a card reader or embedded in software applications.
An issuer is a bank, credit union or other financial institution that issues credit or debit cards to consumers. When a customer uses a payment card, the issuer will pay the merchant and charge (or debit) the cardholder’s account.
An acquirer is a bank or payment processor that accepts payments on behalf of a merchant and deposits funds into the merchant’s account. An acquirer communicates with all players in the transaction process to ensure funds reach the merchant securely.
Independent Sales Organization (ISO)
An independent sales organization (ISO) is a business that works with acquirers to resell payment processing solutions and services. ISOs can be affiliated with banks or work independently; however, they are typically not affiliated with card networks.
Large ISOs often develop their own technology and value-added services to enhance their merchants’ payment experiences.
Independent Software Vendors (ISVs)
Independent software vendors (ISVs) develop and sell software in various markets. Some ISVs sell software to merchants and need the ability to accept payments on their platform.
For instance, a software developer may create a solution for barbers that allows them to schedule appointments, assign tasks to employees and manage their bookkeeping. If the developer adds the option to accept customer payments within their software, the barber won’t have to pay for a secondary service - they can manage and accept payments from a single app.
Payment acceptance makes merchant software solutions more valuable and profitable. Because of this, many ISVs work with payments companies to establish secure, seamless payment acceptance options on their platform.
A payment facilitator (PayFac) is a business that creates a master account and onboards clients through its merchant identification (MID). This model gives the PayFac more control over approvals and merchant experiences, resulting in more revenues from payments than if the company simply resold payment services from a partner. However, this model also requires in-house underwriting, compliance, account management and reporting, which adds additional complexity.
Other terms in the payments glossary that are crucial for merchants and their payment providers to understand are terms related to billing. They include:
Interchange fees are the fees merchants must pay to process digital payments. Interchange fees go to the issuing bank, payment processors or gateways, card brands, and the acquiring bank to cover the services they provide during the transaction.
These fees are based on several factors, including card type (debit card, rewards credit card or business credit card,) transaction type (card-present or card-not-present) and the merchant category code.
Merchant Category Code
The payments industry uses merchant category codes (MCCs) to describe a merchant’s industry. MCCs play a role in reporting to the IRS and help determine the payment processing fees a merchant will pay based on risks associated with their business type.
Average Ticket Size
Average ticket size is the average dollar amount of a merchant’s sales. This metric is a key business performance indicator and plays a role in determining payment processing fees. Payment processors use average ticket size to predict risk; the higher the risk, the more fees a merchant will pay.
Monthly Processing Volume
Monthly processing volume is the value of payment card transactions a merchant processes in a month. Card networks and processors use it to set fees; typically, the more volume, the lower the rate per transaction.
A chargeback is initiated when a customer disputes a payment card charge. If the customer’s request for a refund is granted, the money is taken from the merchant’s account and credited to the customer. Merchants have the opportunity to dispute chargebacks, which requires providing documentation to support their case. Merchants must also be careful to avoid a high chargeback rate, which can lead to a high-risk classification and higher payment processing fees.
Payment Security and Regulations
Below we’ve outlined another set of payment terms to help you understand how the payments industry protects cardholder data and payment transactions. These terms describe the standards your business must comply with to accept digital payments.
EMV is an acronym for Europay, Mastercard and Visa. These three companies created the standard to reduce card-present fraud. Cards with an EMV chip communicate with EMV-enabled payment terminals to authenticate payments.
The chips generate a one-time transaction code during payment to protect the cardholder’s account information. EMV cards are also challenging to counterfeit. According to Visa, counterfeit fraud decreased by 76 percent from 2015 to 2018, when the U.S. transitioned to using EMV cards as a standard.
Point-to-point encryption (P2PE) encrypts data from the moment the cardholder inserts or enters their card number until the transaction is processed and completed.
Encryption replaces readable data with ciphertext generated by an algorithm. Only someone with the cryptographic key can decipher the code. Because of this, P2PE transactions are much safer than traditional payment types.
P2PE is typically associated with solutions validated by the Payment Card Industry (PCI). Solutions that aren’t validated by PCI follow end-to-end encryption (E2EE).
Similar to P2PE, tokenization also replaces data readable by humans with something more secure. However, with tokenization, “tokens” are randomly generated alphanumeric characters. Tokens allow merchants to “remember” a customer’s payment information without storing the actual data in its POS system.
Tokenization is one of the most secure forms of data storage because if a hacker gained access, they’d only find randomized characters instead of detailed payment card data.
The Payment Card Industry Security Standards Council (PCI SSC) regulates the payment card industry. It develops, maintains and updates standards to secure payments, payment data and payment processes. Any merchant accepting digital payments must comply with PCI standards to process payments or store payment data.
The Payment Card Industry Data Security Standard (PCI DSS) is the industry's security standard to protect credit card processing and payment data. This standard includes a set of operational and technical requirements that merchants must meet to accept credit card payments.
How to Become Fluent in Payments
Understanding these terms is a good start, but there’s much more to know if you want to fully understand the payments space, how it works and what’s available to your business.
A knowledgeable payments partner who offers full commerce enablement and advanced industry solutions can provide you with the information and guidance you need. To learn more, contact a member of our team or schedule a consultation.