This is the Bank Identification Number (BIN) that is used to clear and settle the transaction within Visa and the country in which it is licensed for use.
A Member that signs a Merchant or disburses currency to a Cardholder in a cash disbursement, and directly or indirectly enters the resulting transaction receipt into Interchange.
With respect to any entity, any other entity controlling or controlled by or under common control with such entity.
A company that provides services on behalf of a group of customers.
An Application Program Interfaces (API) is a software intermediary that makes it possible for application programs to interact with each other and share data.
To view all Visa Developer APIs, refer to Visa Developer APIs.
Authorization determines if a specific transaction request receives an approval or a decline from the issuing bank, or from VisaNet standing in on the issuing bank’s behalf. Once a cardholder initiates a purchase, VisaNet informs the issuer of the transaction, and receives back their approval or decline response. VisaNet then informs the requestor of the response, who passes the information along to the Merchant.
BIN (Bank Identification Number) is a unique six-digit number to identify processors, acquirers, issuers and other financial institutions involved in the interchange process; it is the first six digits of the cardholder’s account number. Also known as Issuer Identification Number (IIN).
A business case captures the reasoning for initiating a project or task. It should be presented in a well-structured written document, but may also sometimes come in the form of a short verbal argument or presentation.
An individual who is issued a Visa card.
An electronic document that contains the public key of the certificate holder and which is attested to by a Certificate Authority and rendered unforgeable by cryptographic technology (signing with the private key of the certificate authority).
The process which Visa uses to review and confirm that specific application proposals may proceed to production access.
Clearing occurs after Authorization and is the process by which validation, financial assessment and actual movement of the Transaction is performed. In finance, the term “Clearing” denotes all activities from the time a commitment is made for a Transaction until it is Settled. However, at Visa, it is the process of collecting individual Transactions from the Merchant via the client or client/Processor and sending those transactions to another client.
This is the process of introducing a new product or production method into commerce—making it available on the market
A Correlation ID, also known as a Transit ID, is a unique identifier value that is attached to requests and messages that allow reference to a particular Transaction or event chain.
In the payment industry, vendors that sell products or services, like shops, supermarkets, and online stores, are referred to as “Merchants.” By way of example, if a Merchant who sells beach balls wants to accept payment in the form of cards or mobile devices, such Merchant can request a POS device from a bank that is in the business of providing payment services to Merchants
OpenSSL is a software library to be used in applications that need to secure communications over computer networks against eavesdropping or need to ascertain the identity of the party at the other end. It has found wide use in internet web servers, serving a majority of all web sites.
A member that initiates an original credit transaction.
Peer-to-peer transactions (also referred to as person-to-person transactions, P2P transactions, or P2P payments) are electronic money transfers made from one person to another through an intermediary, typically referred to as a P2P payment application.
Any of a set of physical properties whose values determine the characteristics or behavior of something.
In computing and telecommunications, the payload is the part of transmitted data that is the actual intended message. The payload excludes any headers or metadata sent solely to facilitate payload delivery.
Provisioning involves the transfer of money from one account to another, and involves a third party. Credit card, debit card, cheque, money transfers, and recurring cash or ACH (Automated Clearing House) disbursements are all electronic payments methods
PCI-DSS (Payment Card Industry Data Security Standard) are common standards for Merchants and third parties resulting from the alignment of Visa and other card associations with the similar goal of protecting payment card account data wherever it is received or stored.
Created by the PCI Security Standards Council, it constitutes an industry led program safeguarding personal information with the following controls, among other things: Merchants’ compliance with card network security requirements; general PCI=DSS compliance by Merchants and their service providers with access to Cardholder or transaction data.
POS (Point of Sale) The Merchant location where a Transaction originates between a Cardholder and a Merchant with the card and Cardholder present; typically, the card magnetic stripe is read and the Dardholder’s signature is obtained.
A cryptographic key that can be obtained and used by anyone to encrypt messages intended for a particular recipient, such that the encrypted messages can be deciphered only by using a second key that is known only to the recipient (the private key ).
This is a company that is directly connected to VisaNet and provides Authorization, Clearing, Settlement, or payment-related processing services for Merchants or members.
Visa Developer offers a set of Application Programming Interfaces (APIs) that provide the ability to incorporate Visa functionality into your projects. A Visa Developer Project is a framework for selected API's and related credentials used to provide access to Visa environments (sandbox, certification, production).
This certificate validates the Project and provides permission to access the Visa Developer resources. It has a validity period.
A prototype is an early sample or model of a product built to test a concept or process or to act as a model to be replicated or learned from. A prototype is generally used to evaluate a new design to enhance precision by system analysts and users. Prototyping serves to provide specifications for a real, working system rather than a theoretical one. In some design workflow models, creating a prototype (a process sometimes called materialization) is the step between the formalization and the evaluation of an idea.
A PSP (Payment Service Provider) is an entity that provides Merchants the ability to accept electronic payments. PSPs can connect to financial institutions, card and payment networks and manage relationships with them as a service to Merchants.
The non-secret portion of the cryptographic method used for verification during a Transaction.
An X.509 Public Key Infrastructure (PKI) is implemented by Visa for issuing and managing digital certificates to be used in conjunction with Visa products and services. This PKI consists of a hierarchy of entities called CAs that issue certificates to “Subscribers” (that is, end-entities or other CAs) within the hierarchy. The term Visa PKI is used to refer to all of the Subscribers from the root CA all the way down to the lowest level end-entity.
Settlement is the final stage of dual message transaction processing. In order to finalize a Transaction’s processing flow, VisaNet needs to know the final amount due from or due each part involved in the Transaction. Settlement’s purpose is to calculate and report the net financial positions of the parties to the Transaction, and facilitate the movement of the funds between them.
SoapUI is an open-source web service testing application for service-oriented architectures (SOA) and representational state transfers (REST). Its functionality covers web service inspection, invoking, development, simulation and mocking, functional testing, load and compliance testing.
SSL/TLS Client Certificate
Certificate used to verify the authentication of an end-entity to a server when a connection is being established through a Secure Socket Layer/Transport Layer Security (SSL/TLS) session (secure channel).
SSL/TLS Server Certificate
Certificate used to verify the authentication of a web or application server to the end-entity (client) when a connection is being established through a Secure Socket Layer/Transport Layer Security (SSL/TLS) session (secure channel).
Tokenization is the practice of replacing an account number with a substitute value. If this substitute value is stolen, the ability to use it for fraudulent transactions is limited.
Tokenization may be undertaken to enhance Transaction efficiency, improve Transaction security, increase service transparency, or to provide a method for third-party enablement.
The act between a Cardholder and a Merchant or an Acquirer that results in a transaction receipt, if applicable.
Two-way authentication creates a truststore and a keystore on both the client and the server. In this example, there is a CA certificate "A" in the truststore and a CA certificate "B" in the keystore on both client and server.
In Two-Way SSL authentication, the client and server need to authenticate and validate each others identities. The authentication message exchange between client and server is called an SSL handshake.
For details refer to Two-Way SSL (Mutual Authentication) section in Getting Started guide.
Certificate type that is required for Outbound services/APIs on Visa Developer. The service identifies this certificate as a requirement towards Two-Way SSL.
The website at developer.visa.com through which developers can access functional code, documentation, SDKs and sandboxes.
Discussion forums where developers can socialize, find help, and get news from one another and dedicated community moderators.
Server certificate and required for authentication handshake (verification and validation) with Visa Developer gateway that must add this to your trust-store.
The set of interoperable APIs (products and capabilities) and tools (Visa Developer Center, SDKs, sandboxes, gateways) open to developers from clients and industry partners to build new applications.
The set of activities (registration, exploration, certification, etc.) and support (e.g., workshops, expert consulting) to make it easier to build and commercialize applications.
API Key-Shared Secret Authentication, which Visa refers to as x-pay-token. To invoke an API using x-pay-token, you will need an API Key and a Shared Secret. For details, refer to X-Pay token section in Getting Started.