This glossary contains definitions and terminology particular to NetPay and SET, along with basic electronic commerce terminology.

NetPay System 

ABA Routing Number
Unique bank identifying number that directs electronic ACH deposits to the proper bank — this number precedes the account number printed at the bottom of a check. This number is usually printed with magnetic ink.

Acquirer or Acquiring Bank
A financial institution (or its agent) which receives electronic financial data from a Merchant relating to a transaction and initiates that data into an interchange system. The Acquirer is the Merchant Account issuer. The Acquirer works directly with businesses to establish Merchant Accounts. Merchant Accounts establish a way in which monies collected from a cardholder’s bank (or account) may be deposited into a business deposit account.

Acquirer Payment Gateway
The payment gateway is a system operated by an Acquirer for the purpose of providing electronic commerce services to the merchants who support the Acquirer, and interfaces with the Acquirer to support the authorization and capture of transactions.

Authentication
Process which seeks to validate identity (merchants and cardholders) or to prove the integrity of a transaction. Authentication in public key systems uses digital signatures.

Authorization
This is a process that assesses transaction risk, confirms that a given transaction does not raise the account holder's debt above the account's credit limit, and reserves the specified amount of credit. (When a merchant obtains authorization, payment for the authorized amount is guaranteed, provided that the merchant followed the rules associated with the authorization process.)

Availability
The portion of time that a system can be used for productive work, expressed as a percentage.

Bandwidth
Capacity of a network or data connection, often measured in kilobits/second (kbps) for digital transmissions.

Browser
Software resident on a cardholder's computer that provides an interface with public data networks such as the World Wide Web.

Client (Thin-Client / Fat-Client)
Software resident on a hardware device that retrieves information from a server. Maithean's NetPay Client/Server solution supports both "thin" and "fat" client computing models. Under the NetPay Thin Client model, clients display the user interface of an application and provide only the minimum application logic required to maintain transaction security and integrity.

Cluster
Group of independent systems working together as a single system. Clustering technology allows groups of servers to access a single disk array containing applications and data.

Capture
A transaction sent after the merchant has shipped the goods. This transaction will trigger the movement of funds from the Issuer to the Acquirer and then to the merchant's account.

Cardholder
A person or company that holds a valid payment card account and uses software supporting online commerce.

Cardmember Agreement
Contract with a customer which sets forth the customer's responsibilities and governs which security process will be used in the conduct of business between the institution (Bank of America) and customer.

Card Not Present (CNP) Transaction
A situation where the cardholder (and the card) is not physically present at the time of purchase. Typical CNP transactions take place in businesses focussed on Mail Order/Telephone Order, Business to Business, and Internet-based transactions.

Card Present Transaction
A situation where the cardholder (and the card) is physically present at the time of purchase. Card present transactions account for the majority of credit card transactions in the world and are accounted for by traditional retailers (e.g. Gas station or restaurant) and all other situations where the cardholder is present at the time of purchase.

Certificate
A digital certificate is a special kind of digitally signed message that contains information about a public key and the owner of a public key. A real world equivalent would be a driver's license or similar identification card that requires multiple forms of identification to be presented before it is obtained.

Certificate Authority
An entity trusted by one or more users to create and assign certificates. In the example of the driver's license, a state government validates that the owner of a particular license is who they say they are and they are represented by a picture on the license.

Certificate Chain
A base certificate plus a sequence of all digital certificates up to but not including the Root Certificate.

Certificate Renewal
Process by which a new certificate is created for an existing public key.

Certification
The process of ascertaining that a set of requirements or criteria has been fulfilled and attesting to the fact to others, usually with some written instrument. Software that has been inspected and evaluated as fully compliant with the SET protocol by duly authorized parties and process is said to be certified compliant. With respect to security, sometimes refers to the technical evaluation of a piece of software's security features.

Corporate Purchase Card
Identical physically to a personal credit card, a purchase card has the ability to (1) regulate card usage and (2) transfer enhanced information back to the cardholder statement for reconciliation purposes (see Level 2 data and Customer Code).

Cryptographic Key
A value which is used to control a cryptographic process, such as encryption or authentication. Knowledge of an appropriate key allows correct decryption or validation of a message.

Cryptography
Mathematical process used for encryption or authentication of information. SET™ transforms data in order to hide its content, prevent its undetected modification, and prevent its unauthorized use.

Customer Code
One of two additional fields captured with Level 2 data. Assigned by the cardholder, and normally used for tracking the purchase (e.g. Purchase Order number, Job Number, Department Code, employee number). This data is captured at the point of sale by the seller, and is transmitted through to the processor in order to be displayed on the cardholder’s monthly statement.

Digital Envelope
A digital envelope is a generic cryptographic technique used to encrypt data and to send the encryption key along with the data. Generally, a symmetric algorithm is used to encrypt the data, and an asymmetric algorithm is used to encrypt the encryption key.

Digital Signature
Information encrypted with an entity's private key, which is appended to a message to assure the recipient of the authenticity and integrity of the message. The digital signature proves that the message was signed by the entity owning, or with access to, the private key.  

Discount Rate
The percentage fee charged by the acquiring bank to advance and collect credit card and purchase card transaction sales monies. Percentage varies based on your average sale amount, annual credit/purchase card sales volume and nature of business.

Electronic Commerce
The exchange of goods and services for payment between a cardholder and merchant when some or all of the transaction is performed via electronic communication.

Electronic Wallet
Software loaded onto a personal computer containing a customer's payment card information, digital certificates and cryptographic keys.

Encryption
Process of converting information so as to render it unintelligible to anyone except holders of a specific cryptographic key. Use of encryption protects information between the encryption process and the decryption process (the inverse of encryption) against unauthorized disclosure.

ERP
An acronym for Enterprise Resource Planning systems that permit organizations to manage resources across the enterprise and completely integrate manufacturing systems.

Fault Tolerance
A design method that ensures continued systems operation in the event of individual failures by providing redundant system elements.

Financial Institution
An establishment responsible for facilitating customer-initiated transactions or transmission of funds for the extension of credit or the custody, loan, exchange, or issuance of money.

Goods and Services Order
The price, currency, payment method, and other terms of the transaction (also referred to as the Order Description in SET).

HTTP
Hypertext Transport Protocol. This protocol provides for the delivery of URLs from clients to servers and the delivery of text files (like HTML and HDML) from servers to clients. HTTP is part of the TCP/IP protocol suite.

Interchange
The exchange of information, transaction data and money among banks. Interchange systems are managed by Visa and MasterCard associations and are very standardized so banks and merchants worldwide can use them.

Interchange Fee
A fee paid by the acquiring bank/merchant bank to the issuing bank. The fee compensates the issuer for the time after settlement with the acquiring bank/merchant bank and before it recoups the settlement value from the cardholder.

Internet
The largest collection of networks in the world that are interconnected in such a way as to allow them to function as a single virtual network.

Interoperability
The ability to exchange keys, both manually and in an automated environment, with any other party implementing this standard, providing that both implementations use compatible options of this standard and compatible communications facilities.

Issuer
A financial institution or its agent that issues the payment card to the cardholder identified by the primary account number (PAN).

Level 2 (Data)
Additional information captured during a Purchase Card transaction, consisting of a Customer Code and a separate Sales Tax field. This data cannot be transferred using a standard (Level 1) Credit Card. Corporate Purchase Cards make it possible for businesses to track purchases and sales tax expenses using level 2 data.

Mail Order/Telephone Order
A type of payment card transaction where the order and payment information is transmitted to the merchant either by mail or by telephone, in contrast to a "card present" or face-to-face transaction when a customer is making a purchase at the merchant's store. This type of transaction is also referred to as a "MOTO transaction".

Merchant
A seller of goods, services, and/or other information who accepts payment for these items electronically. The merchant may also provide electronic selling services and/or electronic delivery of items for sale. The Merchant must have a relationship with an Acquirer to accept bank-issued credit cards.

Message Authentication Code
Code appended to a message by the sender, which is the result of processing the message through a cryptographic process. If the receiver can generate the same code, confidence is gained that the message was not modified and that it originated with the holder of the appropriate cryptographic key.

Message Digest
Message digests help verify that a message has not been altered because altering the message would change the digest.

Network
Collection of communication and information processing systems which may be shared among several users.

Order Inquiry
The request made by the cardholder to the merchant to determine the status of a purchase request.

Payment Card
A term used in SET to collectively refer to the credit cards, debit cards and charge cards issued by a financial institution and reflects a relationship between cardholder and financial institution.

Performance
A major factor in determining the overall productivity of a system, performance is primarily tied to availability, throughput and response time.

POS (Point of Sale) Terminal
The tool used to capture credit or purchase card information for payment of goods/services, in either Card Not Present and/or Card Present transactions. SoftTerminal (a POS Terminal) is capable of Level 2 data capture, is mobile (use via web browser), and supports any number of users on a single account (all can be entering sales simultaneously).

Processor (transaction processing networks)
Provides credit card processing, billing, reporting, settlement and operational services to acquiring and issuing banks.

Purchase Card – see Corporate Purchase Card

Post Transaction
This is a transaction that allows a merchant to submit a previously authorized transaction to the Acquirer for payment.

Primary Account Number (PAN)
The assigned number that identifies the card issuer and cardholder. This account number is composed of an issuer identification number, an individual account number identification, and an accompanying check digit, as defined in ISO 7812-1985, Identification Cards - Numbering system and registration procedure for issuer identifiers.

Privacy
Privacy is the protection of sensitive and personal information from unintentional and intentional attacks and disclosure.

Private Key
A cryptographic key used with a public key cryptographic algorithm, uniquely associated with an entity, and not made public. This key is used to create digital signatures, or to decrypt messages or files. It is the key that you alone know, allowing you to decrypt messages sent to you using your public key.

Public Key
A cryptographic key used with a public key cryptographic algorithm, uniquely associated with an entity, and which is available publicly. It is used to verify signatures that were created with the matched private key. Public keys are also used to encrypt messages or files that can only be decrypted using the matched private key. You can freely distribute your public key to other people, allowing them to communicate with you securely.

Public Key Certificate
Public key and identification data signed by a trusted third party to provide authentication and integrity of the key.

Public Key Cryptography
A field of cryptography invented in 1976 by Whitfield Diffie and Martin Hellman that depends on a matched pair of inverse keys. Information encrypted with one key can only be decrypted with the other. This public key provides a user with the facility to both encrypt and decrypt data or text.

Registration Authority
An independent, third-party organization that processes payment card applications for multiple payment card brand associations and forwards applications to the appropriate financial institutions.

Recurring Payments
A type of payment transaction initiated by the cardholder that permits the merchant to process multiple authorizations. There are two kinds of recurring payments: multiple payments for a fixed amount (for example, four easy payments of $9.95) or repeated billings (for example, a monthly bill from an Internet service provider).

Remote Access
The hookup of a remote computing device via communications lines such as ordinary phone lines or wide area networks to access network applications and information.

Root Certificate
Certificate at the top of the certificate hierarchy.

Secure Socket Layer
SSL was developed by Netscape Communications to provide security and privacy over the Internet. The protocol supports server and client authentication and maintains the security and integrity of the transmission channel by using encryption, authentication and message authentication codes.

Sales Transaction
A payment authorization transaction that allows a merchant to authorize a transaction and request payment in a single message to the Acquirer.

Scalability
The ability to expand a computing solution to support large numbers of users without impacting performance.

Server
Computer which acts as a provider of some service to other computers, such as processing communications, interface with file storage, or printing facility.

Server Farm
A group of servers that are linked together as a ‘single system image’ to provide centralized administration and horizontal scalability.

SET (Secure Electronic Transaction)
SET is an advanced cryptography-based protocol designed to safeguard payments and protect user privacy for purchases made over open public networks. Encryption protects the transactions from being intercepted or altered. In addition, digital certificates electronically identify each party involved in a transaction, helping assure that the person at each end of the Internet connection is who he or she claims to be and has the authority to pay or receive payments. The SET specification was originally developed by Visa International and MasterCard International in February 1996 with participation from leading technology companies around the world.

Settlement
As the sales transaction value moves from the merchant to the acquiring bank, to the issuer, each party buys and sells the sales ticket. Settlement is what occurs when the acquiring bank and the issuer exchange data or funds during that function.

Server-based Computing
An innovative, server-based approach to delivering business-critical applications to end-user devices, whereby an application’s logic executes on the server and only the user interface is transmitted across a network to the client. Its benefits include single-point management, universal application access, bandwidth-independent performance, and improved security for business applications.

Transaction
A sequence of one or more messages between two or more parties. One example of a transaction is the process that takes place when a cardholder makes a purchase with a credit card.

Transaction Processing 

Real-Time Transaction Processing
Live connection to the transaction processing networks, allowing immediate funds authorization. Authorization is returned just seconds (normally 2 to 5 seconds, depending on your web connection) after the transaction is submitted. Immediate authorizations enable businesses to identify bogus cards or cards without accessible funds immediately, reducing fraudulent transactions for the seller and the acquirer.

Off-line / Batch Transaction Processing
Card and sale data is stored for later submission and authorization attempt. Off-line payment processing is risky, especially for immediate shipment or delivery of goods/services. Card number and expiration date errors, stolen cards, or any other "unapproved" situation are much more likely.

Maithean, NetPay, Personal Commerce Assistant, PCA, SecureTranz, Fusion/C++, and Fusion/J++ are trademarks of Maithean.  All other company, product, and brand names are trademarks of their respective owners. 

Copyright © Maithean.  All Rights Reserved.