Glossary
This glossary includes key payments-related terminology and concepts to help you understand the world of payments.
#
2FA
Two-factor authentication (2FA), or multi-factor authentication (MFA), strengthens account security by verifying a user’s identity using two different factors, typically a password (something they know) and a secure, one-time code from a registered device like a smartphone app (something they have).
3D Secure (3DS)
3D Secure is an extra security step used for online card payments. It helps confirm that the person making the payment is the rightful cardholder, reducing fraud and unauthorised use.
You may recognise 3D Secure as the step where your bank asks you to approve a payment, for example by entering a one-time code, using a banking app, or confirming the transaction on your phone.
There are two versions of 3D Secure:
- 3DS1 is the older version and often requires the cardholder to complete an extra step, such as entering a password or code in a separate screen.
- 3DS2 is the newer version and is designed to be smoother and less disruptive. It allows banks to assess risk in the background, meaning many payments can be approved without any extra action from the cardholder.
When extra verification is needed, 3DS2 usually uses familiar and quick methods like biometric approval or a one-time code, making the payment experience faster and more seamless.
A
ABN
The Australian Business Number is a unique identifier issued to businesses by the Australian Business Register, which is operated by the Australian Taxation Office.
Acquiring bank
Also known as acquirer. A bank or financial institution that processes card payments on behalf of a seller.
Address
Addresses are associated with users and companies. The user address is required for users that transact as sellers, and is optional for buyers. If the user is the principal of a company, then the company address is also required.
While an address is optional for users transacting as buyers, it is recommended that you capture and create all users with an address, as they may at some stage be a seller on your marketplace or platform.
API (Application Programming Interface)
An API is a set of rules and tools that allows different software systems to communicate. In Zai, the API lets your platform create users, process payments, retrieve transaction data, and integrate wallet and account functionality programmatically.
B
Bank account
A Bank Account can be used to fund payments via direct debit or to receive payouts, and is associated with a specific user.
When created, Zai returns a token instead of bank details. This token is stored by your platform and used for transactions. A Direct Debit Authority is required to use a bank account as a funding source.
Bank accounts can also be set as a disbursement destination, allowing funds from a user’s digital wallet to be paid out to the account.
Batch transactions
Batch Transactions allow you to view the status of batched funds, inbound or outbound. Transactions are batched when using a Bank Account to fund an Item, or when disbursing funds to a Bank Account.
BECS (Bulk Electronic Clearing System)
BECS is the Australian system used for processing direct debit and direct credit payments between bank accounts. It enables businesses to collect or send funds electronically in batches.
BIN
The bank identification number (BIN) is the first four to six digits of a payment card number. It identifies the bank or institution that issued the card and helps link transactions to the card issuer.
BPAY
BPAY is an Australian electronic bill payment system that allows payments to be made from a bank account to a biller using a Biller Code and Reference Number. It is widely used for paying bills securely through online or mobile banking.
BSB
A Bank-State-Branch (BSB) number is a numerical code that identifies an individual branch of a financial institution within Australia. This six digit number, plus your account number, is used to identify an account.
Buyer
A buyer is a user who purchases any assets or services on your platform through a transaction.
C
Card account
A Card Account can be used as a funding source and is linked to a specific user.
When a Card Account is created, Zai returns a token. Your platform should store this token (not the card details) and use it when making payments.
Card data must be handled according to PCI-DSS requirements.
Card scheme
Card schemes are payment networks associated with payment cards, offered as services by banks and other financial institutions. Well-known card schemes are American Express, Mastercard and Visa.
Chargeback
A chargeback is when a consumer’s bank reverses a payment, returning funds to the consumer after a disputed transaction.
CNP
Card-not-present (CNP) refers to a purchase a consumer makes without physically presenting a credit or debit card at the time of purchase. CNP transactions often occur online, where cards cannot be physically handled or swiped.
Company
If the seller of an item is a company, then it is important to create an associated company. The Company allows for invoices and other emails to be tailored with Company details rather than User details. A Company will also have an associated Address.
CRN (Customer reference number)
A CRN is a unique identifier provided by a biller such as BPAY that links a payment to a specific customer account. When making a BPAY payment, the CRN ensures the funds are correctly applied to the intended Wallet Account in the Zai system.
D
Device ID
A device ID is a unique identifier assigned to a specific device, such as a smartphone, tablet, or computer. It is generated from a combination of information, including the device’s MAC address, IP address, and other identifying characteristics, allowing systems to recognise and track the device securely.
Digital wallet
See Wallet Account.
Direct credit
Direct Credit is a payment method where a business or payer sends funds directly into a user’s bank account.
Direct debit
Direct Debit is a payment method where a user authorises a business to automatically withdraw funds from their bank account to pay for goods or services.
Direct debit authority (DDA)
A Direct Debit Authority is a user’s authorisation to debit their bank account for payments or to fund a wallet. It must be obtained before using a bank account as a funding source and serves as proof of authorisation if needed.
Direct entry
Direct Entry is an Australian electronic payment system used for processing direct debit and direct credit transactions between bank accounts. It enables businesses to collect or pay funds efficiently in batches.
E
F
Fee
As a platform or marketplace you may want to charge your users fees. Fees are applied to Items and will add or subtract from the amount based on the User, payment type, or disbursement account type.
First-party fraud
First-party fraud refers to when a consumer makes a purchase with their own credit card and then issues a chargeback through the card provider (after receiving the goods or services) to cancel the transaction and refund the money.
I
iFrame
An inline frame (or iFrame) is an HTML element which allows you to embed HTML content inside another HTML page. It is useful when you want to display an independent web page within another web page.
IP address
An internet protocol address (IP address) is a numerical label assigned to each device (for example, a computer, mobile phone, or a printer) participating in a computer network that uses the internet protocol for communication. An IP address serves two principal functions: host or network interface identification and geolocation.
Issuing bank / Issuer
Also known as card issuer or card-issuing bank. A bank or financial institution that offers and issues payment cards (such as a credit card) directly to consumers.
Item
Items are the core component of your payments workflow. They connect Users, allowing them to pay and receive money for an item or service.
Item action
Once you have created an item you can perform actions on it. The actions that can be performed are limited by the item's payment type and the item's current state.
The most common escrow workflow is to request_payment, make_payment, request_release and release_payment. There are also refund actions and dispute actions.
The most common express workflow is to request_payment and make_payment. An express item releases the funds immediately to the seller.
Some item actions require parameters to be passed with the action. For example, make_payment requires the token of the payment account.
For more information on all available item actions, see Item actions in the API Reference.
J
JSON
JSON (JavaScript Object Notation) is a lightweight format for structuring data, used throughout Zai’s API to send and receive information. API requests and responses, including objects like Users, Items, and Transactions, are formatted as JSON for easy processing and integration.
K
Know your customer (KYC)
Know your customer is the process of a business verifying the identity of its clients. The term is also used to refer to the bank regulation which governs these activities.
L
Low-Value Test (LVT)
A Low-Value Test (LVT) is a small payment used to verify that a payment platform, bank account, or card is valid and able to receive or send funds. LVTs are typically low-risk amounts, often reversed or refunded after verification.
M
Marketplace
An online marketplace (or online e-commerce marketplace) is a type of platform where product or service information is provided by multiple third parties. Transactions are processed by the marketplace operator.
Merchant Category Code (MCC)
A merchant category code is a four-digit number used by payment card companies to classify the type of goods or services a business or merchant provides.
Merchant ID (MID)
A merchant ID (MID) is a unique number assigned to a merchant account to identify it throughout the course of transaction processing activities.
Mutual authentication
Mutual authentication is a process wherein two parties, usually a client and a server, authenticate each other before any application information is exchanged. Authentication happens when both parties verify each other’s identity as a trusted source.
N
New Payments Platform (NPP)
The New Payments Platform (NPP) is an Australian real-time payment system that allows instant transfers between bank accounts. It supports fast, data-rich payments, including PayIDs, and enables payments 24/7.
O
P
PayID
A PayID is a simple, user-friendly identifier, such as a phone number, email address, or ABN, that is used by the Australian NPP system and links to a bank account. It allows people and businesses to receive payments without sharing their BSB and account number.
Payment gateway
A payment gateway is an e-commerce application service provider that authorises credit card payments for e-businesses, online retailers, bricks and clicks, or traditional brick and mortar. It is the equivalent of a physical point of sale terminal located in most retail outlets.
PayTo
PayTo is an Australian electronic payment service that allows businesses to automatically debit funds from a customer’s bank account with their authorisation. It provides a modern, secure alternative to traditional direct debit.
Platform
A platform is any business that has both multiple buyers and multiple merchants interacting with one another.
PCI DSS (Payment Card Industry Data Security Standard)
PCI DSS is a set of security standards designed to protect payment card data. It defines requirements for storing, processing, and transmitting card information to reduce fraud and data breaches.
Q
R
Risk appetite
Risk appetite is the level of risk a company is willing to accept in pursuit of its goals. It guides decision-making, helping the company balance potential rewards against possible losses.
S
Seller
A seller is an end-user who sells, or offers, any assets or services via a Platform.
Sock puppeting
Sock puppeting is when a user operates two separate profiles to make purchases from themselves in order to inflate their own ratings and feedback. This is similar to Shill Bidding without the fraud aspect; whilst not considered true fraud, it breaks our terms and conditions and casts doubts on the user’s true agenda.
Soft descriptor
Also known as billing descriptor, custom descriptor or dynamic descriptor. These provide a description of the transaction that appears on the account holder’s statement.
In Zai, there are two types of descriptors: dynamic descriptors, which are set using pre-defined data such as a user name or your platform name, and custom descriptors, which you can use to add contextual information to a payment.
SSL
SSL is a security technology that creates a private, encrypted connection between a user’s browser and a website. Websites using SSL display a padlock in the browser address bar and require an SSL certificate, which verifies the site’s identity.
T
Tokenisation
Tokenisation is the process of replacing sensitive data with a unique identifier, called a token, which cannot be reversed to reveal the original data. In payments, tokens are commonly used to replace card information for security.
Transaction
A transaction represents a movement of funds related to an Item. Multiple transactions can occur for a single Item, such as the initial funding, the release of funds, fees, or a refund.
U
User
A user is a buyer or seller who can send or receive payments. Once created, a user can be associated with objects such as accounts, items, companies, and addresses. Certain data is required when creating users, especially for sellers.
User Verification
User verification is the set of processes implemented by Zai to verify the information of customers and their users in order to meet compliance obligations.
UUID
A UUID (universally unique identifier) is a long, unique code that can be used to identify and track something across different systems without duplicates.
V
Virtual Account
A Zai virtual account is a unique BSB and account number linked to a user’s digital wallet that lets you automatically match, track, and reconcile incoming payments, especially NPP and direct credit payins. It gives your platform clear visibility of where funds come from and reduces manual reconciliation work by tying each payment directly to the correct user and wallet.
W
Wallet account
A Wallet Account is used to fund payments for Items or to receive proceeds from transactions. Each user automatically has a Wallet Account.
Wallet Accounts must be funded from a bank account or the proceeds of other Items. When making a payment from a Wallet Account, your platform uses the account’s token rather than the underlying account details.
Funds released from an Item to a user as the seller are credited to the user’s Wallet Account.
Webhook
A webhook is a way for Zai to notify your system automatically when an object changes, such as an Item updating after a direct debit payment. When triggered, Zai sends a JSON payload with the object’s details to the URL you provide.
Each object type (Items, Users, Companies, Addresses, Accounts, Disbursements, Transactions, and Batch Transactions) can have only one webhook enabled.
Webhooks must use HTTPS with a valid SSL certificate (self-signed certificates are not supported). When creating a webhook, Zai sends a test payload to your URL, and it is only created if the URL responds successfully.
For setup instructions, see Callbacks under Integration and Setup.