Appendix B

Glossary of Terms and Abbreviations

AES (Advanced Encryption Standard) — Symmetric encryption algorithm created by NIST based on the Rijndael encryption algorithm.

Attack Vector — Method of an attack on a computer system with a detailed description of how security controls have been broken.

AOC (Attestation of Compliance) — An application form submitted by a merchant or service provider to PCI SSC for PCI DSS assessment registration.

AOV (Attestation of Validation) — An application form submitted by a payment application vendor to PCI SSC for PA-DSS revalidation registration.

API (Application Programming Interface) — A set of functions exposed by an application in order to communicate with other applications. For example, a payment application API exposed to a POS application, or a payment gateway API exposed to payment applications.

ATM Card (Automated Teller Machine Card) — A bank card intended for cash withdrawal that, unlike a debit card, usually cannot be accepted for payment by merchants (see debit card).

Authorization — The first stage of a payment transaction when the payment processor checks that the account associated with the card has enough credit (for credit cards) or funds (for debit and gift cards) for the transaction.

Batch — A group of payment transactions that were processed by a payment application during a specific period of time (usually one business day) and are awaiting settlement.

BDK (Base Derivation Key) — In a DUKPT key management ...
