Support

Payments

Overview: Global

Glossary

This glossary includes key payments-related terminology and concepts to help you understand the world of payments.

2FA

Two-factor authentication, also known as 2FA, is a technology that provides identification of users by means of the combination of two different components, such as a username/password and a secure, authentication code.

3-D Secure (3DS)

3-D Secure is an XML-based protocol designed to be an additional security layer for online credit and debit card transactions.

There are 2 versions of 3DS available (3DS1 and 3DS2). 3DS2 (also known as 3DS 2.0, or EMV® 3-D Secure) is the latest version that captures and sends more data elements on each transaction in a less disruptive way, meaning a better user experience for the payer.

A

ABN

The Australian Business Number is a unique identifier issued to businesses by the Australian Business Register, which is operated by the Australian Taxation Office.

ACH

Automated Clearing House (ACH) is an electronic network for financial transactions in the United States. ACH processes large volumes of credit and debit transactions in batches. ACH credit transfers include direct deposit, payroll and vendor payments.

Acquiring bank

Also known as acquirer.

A bank or financial institution that processes card payments on behalf of a seller.

Address

Addresses are associated with users and companies. The user address is required for users that transact as sellers, and is optional for buyers. If the user is the principal of a company, then the company address is also required.

While an address is optional for users transacting as buyers, it is recommended that you capture and create all users with an address, as they may at some stage be a seller on your marketplace or platform.

B

Bacs

The Bacs Payment System processes Bacs Direct Credits and Direct Debits in the UK. Bacs transfers typically take three working days to clear.

Bank account

Bank Accounts can be used as a funding source for direct debit / ACH pull transactions, or as a payout destination. Bank accounts are associated with users.

When creating a Bank Account, a token is returned, similar to a Credit Card token. You need to store the token (and not the bank account details) against the user on your platform. When using a Bank Account as a funding source, the relevant token is passed to the make payment Item Action. Additionally a Direct Debit Authority needs to be created in order for a Bank Account to be used as a funding source.

A Bank Account can also be set as a Disbursement destination. If set, the funds in a User’s Digital Wallet will be disbursed to the Bank Account.

A Bank Account is required for all Users set as a seller even if they wish to use a PayPal Account as their Disbursement destination.

Batch transactions

Batch Transactions allow you to view the status of batched funds, inbound or outbound. Transactions are batched when using a Bank Account to fund an Item, or when disbursing funds to a Bank Account or PayPal Account.

BIN

The bank identification number (BIN) appears as the first four to six digits of a credit card. The bank identification number identifies the institution issuing the card. It can be used to match transactions to the issuer of the card in question.

BSB

A Bank-State-Branch (BSB) number is a numerical code that identifies an individual branch of a financial institution within Australia. This six digit number, plus your account number, is used to identify an account.

New Zealand bank codes also reference BSBs, but these are unrelated to the Australian BSBs.

Buyer

A buyer is a user who purchases any assets or services on your platform through a transaction.

C

Callback

Note: Zai's webhooks service has replaced our Callbacks service.

Callbacks are a useful way of notifying you when an object changes. For example, if an item changes state because we have processed a direct debit, we will post a JSON payload with the item object attributes to the URL provided.

Only one callback can be enabled for an object type (items, users, companies, addresses, Accounts, Disbursements, Transactions and Batch Transactions).

Only HTTPS URLs are supported and it requires a valid SSL certificate. Self-signed certificates are not supported. When creating a Callback the URL provided will be sent a test JSON payload and will only be successfully created if we receive a non-500 response.

Card account

Card Accounts can be used as a funding source. Card Accounts are associated with Users.

When creating a Card Account, a token is returned. You need to store the token (and not the credit card account details) against the user on your platform. When using a Card Account as a funding source, the token is passed to the make payment Item Action.

There are PCI requirements for protecting Credit Card Account data.

Card scheme

Card schemes are payment networks associated with payment cards, offered as services by banks and other financial institutions. Well-known card schemes are American Express, Mastercard and Visa.

CHAPS (Clearing House Automated Payment System)

CHAPS is a payment system used for high-value and time-sensitive GBP transactions. CHAPS guarantees same-day payment, so long as the instructions are received before the workday cut-off time.

Chargeback

A chargeback is the return of funds to a consumer, forcibly initiated by the consumer’s issuing bank. Specifically, it is the reversal of a prior outbound transfer of funds from a consumer’s bank account, line of credit, or credit card.

CNP

Card-not-present (CNP) refers to a purchase a consumer makes without physically presenting his or her credit or debit card at the time of purchase. CNP transactions often occur online, where cards cannot be physically handled or swiped.

Company

If the seller of an item is a company, then it is important to create an associated company. The Company allows for invoices and other emails to be tailored with Company details rather than User details. A Company will also have an associated Address.

D

Device ID

A device ID is a unique string associated with a device. It is generated from a combination of contributing factors, such as the device’s MAC address, IP address, and other identifying factors.

DFAT

The Australian Department of Foreign Affairs and Trade (DFAT) is a department of the Government of Australia charged with the responsibility of advancing the interests of Australia and its citizens internationally. It manages the government’s foreign relations and trade policies.

Direct debit authority

A Direct Debit Authority needs to be created in order for a Bank Account to be used as a funding source for Direct Debit / ACH pull transactions. The Direct Debit Authority is an authorisation from the user to debit their Bank Account for the Item amount or for the funding of a Wallet Account. Ensure that you actually obtain this authorisation because in the event of an issue, it will be required as proof of authorisation.

E

EIN

Applicable to the United States, an Employer Identification Number (EIN), also known as Federal Employer Identification Number, is the corporate equivalent to a Social Security number, although it is issued to anyone, including individuals, who have to pay withholding taxes on employees.

F

Faster Payment System (FPS)

The service facilitates the real-time collection and disbursement of payments of up to £1m* in the UK. FPS is available 24 hours a day, 365 days per year.

*Limits can vary between banks that offer FPS.

FATF

The Financial Action Task Force (FATF), also known by its French name, Groupe d’action financière (GAFI), is an intergovernmental organisation founded in 1989 on the initiative of the G7 to develop policies to combat money laundering. In 2001 the purpose expanded to act on terrorism financing.

Feature configuration

Zai's feature configurations are settings which shape how your platform behaves and handles core functions such as payments, refunds, credit card descriptors, and so on.

Feature configurations are largely handled by Zai to maintain your platform’s integrity, and are set up when you're going into production for the first time.

Fee

As a platform or marketplace you will want to charge your users Fees. Fees are applied to Items and will add or subtract from the amount based on the User, payment type or Disbursement account type.

Fees are disbursed when the funds are released from Escrow, or when the Express transaction completes. Fees are refunded when doing a full refund. Proportional fees, are disbursed for partial releases and also partial refunds.

First-party fraud

First-party fraud refers to when a consumer makes a purchase with their own credit card and then issues a chargeback through the card provider (after receiving the goods or services) to cancel the transaction and refund the money.

I

IBAN

An International Bank Account Number is used in some countries to uniquely identify a customer’s bank account. The IBAN consists of an alphabetical country code, followed by two digits, and then up to thirty five characters for the bank account number.

The IBAN has been implemented by most European countries and numerous countries in the other parts of the world, mainly in the Middle East and in the Caribbean.

iFrame

An inline frame (or iFrame) is an HTML element which allows you to embed HTML content inside another HTML page. It is useful when you want to display an independent web page within another web page.

IP address

An internet protocol address (IP address) is a numerical label assigned to each device (for example, a computer, mobile phone, or a printer) participating in a computer network that uses the internet protocol for communication. An IP address serves two principal functions: host or network interface identification and geolocation.

Issuing bank

Also known as card issuer or card-issuing bank

A bank or financial institution that offers and issues payment cards (such as a credit card) directly to consumers

Item

Items are the core component of your payments workflow. They connect Users, allowing them to pay and receive money for an item or service. Fees can also be set up, allowing you to collect money for various scenarios. These can be set up for buyers and sellers, payment types and payout types.

As a platform or marketplace you will want to charge your users Fees. Fees are applied to Items and will add or subtract from the amount based on the User, payment type or Disbursement account type.

Item action

Once you have created an item you can perform actions on it. The actions that can be performed are limited by the items payment type and the items current state.

The most common escrow workflow is to request_payment, make_payment, request_release and release_payment. There are also refund actions and dispute actions.

The most common express workflow is to request_payment and make_payment. An express item releases the funds immediately to the seller.

Some item actions require parameters to be passed with the action. For example, make_payment requires the token of the payment account.

For more information on all available item actions, see Item actions in the API Reference.

K

Know your customer

Know your customer is the process of a business verifying the identity of its clients. The term is also used to refer to the bank regulation which governs these activities.

M

Marketplace

An online marketplace (or online e-commerce marketplace) is a type of platform where product or service information is provided by multiple third parties, whereas transactions are processed by the marketplace operator.

MCC

A merchant category code is a four-digit number assigned to a business by credit card companies (for instance American Express, MasterCard, VISA) when the business first starts accepting one of these cards as a form of payment. The MCC is used to classify the business by the type of goods or services it provides.

MID

A merchant ID (MID) is a unique number assigned to a merchant account to identify it throughout the course of processing activities.

Mutual authentication

Mutual authentication is a process wherein two parties, usually a client and a server, authenticate each other before any application information is exchanged. Authentication happens when both parties verify each other’s identity as a trusted source.

O

OFAC

The Office of Foreign Assets Control of the US Department of the Treasury (OFAC) administers and enforces economic and trade sanctions based on US foreign policy and national security goals against targeted foreign countries and regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the United States.

P

Payment gateway

A payment gateway is an e-commerce application service provider service that authorises credit card payments for e-businesses, online retailers, bricks and clicks, or traditional brick and mortar. It is the equivalent of a physical point of sale terminal located in most retail outlets.

Payment held

A transaction enters into a payment_held state when it meets a level of criteria that has been specifically set based on historical data, through a fraud prevention engine.

When an item is in payment_held state, its corresponding payment is subject to manual review by Zai before it is released or refunded.

PayPal account

Utilising the PayPal service, PayPal Accounts can be used as a disbursement destination within your platform. PayPal Accounts are associated with Users.

Platform

A platform is any business that has both multiple buyers and multiple merchants interacting with one another

R

Risk appetite

Risk appetite refers to the acceptable level of risk that a company is willing to take on.

Routing number

A Routing number is a nine-digit code, used in the United States, which appears on the bottom of negotiable instruments such as checks to identify the financial institution on which it was drawn.

S

Seller

A seller is an end-user who sells, or offers, any assets or services via a Platform.

Sock puppeting

A user operating two separate profiles in order to make purchases from themselves in order to inflate their own ratings and feedback. This is similar to Shill Bidding without the fraud aspect; whilst not considered true fraud, it breaks our terms and conditions and casts doubts on the user’s true agenda.

Soft descriptor

Also known as billing descriptor, custom descriptor or dynamic descriptor.

These provide a description of transaction that appears on the account holder’s statement.

In Zai, there are two type of descriptors: dynamic descriptors which are set using pre-defined data such as a user name or your platform name and custom descriptors which you can use to add contextual information to a payment.

Sort code

A sort code is a six-digit number, is usually formatted as three pairs of numbers, for example 12-34-56. It identifies both the bank and the branch where the account is held. In some cases, the first digit of the sort code identifies the bank itself and in other cases the first 2 digits identify the bank. This is commonly used as the routing number in the United Kingdom.

SSL

Secure Sockets Layer (SSL) is a standard security technology which provides a private and encrypted connection between a client and server. An SSL connection requires an SSL certificate, which contains basic information regarding the identity of a website and the company behind it.

Sites incorporating SSL display a padlock in the browser address bar.

SSN

A Social Security number is a nine-digit number issued to U.S. citizens, permanent residents, and temporary (working) residents. The SSN is used by Zai when onboarding a payout user.

SWIFT code

Also known as bank identifier code (BIC)

SWIFT codes, standing for the Society for Worldwide Interbank Financial Telecommunications, are used for transferring money overseas. They make up part of the 8-11 character identification code of a bank or financial institution.

T

Tokenisation

Replacement of sensitive data with a unique identifier that cannot be reversed mathematically. This unique identifier is called a token, and is commonly used in payments to replace card data.

Transaction

Transactions relate to a payment made for an item. There are typically multiple Transactions per Item. An example: The initial funding, the release of funds, and Fees.

U

Underwriting

Underwriting is to sign and accept liability and guaranteeing payment in case loss or damage occurs. Underwriting is provided by a large financial service provider such as a bank, insurer or investment house.

User

Payments can be paid and received by buyers and sellers. Once a user is set up they can be associated with various objects, including Accounts, Items, Companies, and Addresses. There are a number of data requirements when creating Users, notably for sellers.

User Verification

User verification is the set of processes implemented by Zai in order to verify the information of customers and their users in order to meet compliance obligations.

UUID

Universally unique identifier that allows for the generation of a unique 128-bit value which can be tracked across multiple indexes.

W

Wallet account

Wallet Accounts can be used as a funding source for the payment of items. They need to be funded from a Bank Account or from the proceeds of other Item transactions.

Wallet Accounts are automatically created for each User. You need to store the token against the user on your platform. When using a Wallet Account as a funding source, the relevant token is passed to the make payment Item Action.

Funds that are released from an Item to the user allocated as the seller are placed in the User’s Wallet Account.

Webhooks

Webhooks are the next version of callbacks boasting more rich features. They are a useful way of notifying you when an object changes. For example, if an item changes state because we have processed an direct debit / ACH payment, we will post a JSON payload with the item object attributes to the URL provided.

Only one webhook can be enabled for an object type (items, users, companies, addresses, Accounts, Disbursements, Transactions and Batch Transactions).

Only HTTPS URLs are supported and it requires a valid SSL certificate. Self-signed certificates are not supported. When creating a Webhook the URL provided will be sent a test JSON payload and will only be successfully created if we receive a non-500 response.

To set up webhooks, see callbacks under Integration and setup.

Wire transfer

Wire transfer or credit transfer is a method of electronic funds transfer from one person or entity to another (generally used in domestic US transactions). A wire transfer can be made from one bank account to another bank account or through a transfer of cash at a cash office.