PAN truncation

Last updated

PAN truncation is an anti-fraud measure available on some credit-card-processing point of sale (POS) terminals as part of a merchant account service.

Contents

"PAN" is an acronym for primary account number, i.e., the "card number" on either a debit or a credit card. PAN truncation simply replaces the card number printed on a customer receipt with a printout of only the last four digits, the remainder being replaced usually by asterisks. This hides the card number from anyone who obtains the receipt when discarded, or by other means, while still allowing a card holder with multiple cards to identify which was used, and thus accurately record the transaction.

PAN truncation is a measure to combat credit card fraud (and debit card fraud), which is increasing worldwide, [1] particularly in a global market where "card not present" (CNP) transactions are increasingly [2] popular over the Internet, by mail, and by telephone.

See also

Notes

  1. "Archived copy". Archived from the original on 2013-05-01. Retrieved 2013-05-24.CS1 maint: discouraged parameter (link) CS1 maint: archived copy as title (link)
  2. Goodchild, Joan. "Card-Not-Present Payments See Double-Digit Surge". news.cardnotpresent.com. Retrieved 2021-04-15.

Related Research Articles

A debit card is a plastic payment card that can be used instead of cash when making purchases. It is similar to a credit card, but unlike a credit card, the money is immediately transferred directly from the cardholder's bank account to pay for the transaction.

EFTPOS Type of electronic payment system

Electronic funds transfer at point of sale is an electronic payment system involving electronic funds transfers based on the use of payment cards, such as debit or credit cards, at payment terminals located at points of sale. EFTPOS technology originated in the United States in 1981 and was adopted by other countries. In Australia and New Zealand, it is also the brand name of a specific system used for such payments; these systems are mainly country-specific and do not interconnect.

Tokenization (data security) Concept in data security

Tokenization, when applied to data security, is the process of substituting a sensitive data element with a non-sensitive equivalent, referred to as a token, that has no extrinsic or exploitable meaning or value. The token is a reference that maps back to the sensitive data through a tokenization system. The mapping from original data to a token uses methods that render tokens infeasible to reverse in the absence of the tokenization system, for example using tokens created from random numbers. The tokenization system must be secured and validated using security best practices applicable to sensitive data protection, secure storage, audit, authentication and authorization. The tokenization system provides data processing applications with the authority and interfaces to request tokens, or detokenize back to sensitive data.

Mobile payment generally refer to payment services operated under financial regulation and performed from or via a mobile device. Instead of paying with cash, cheque, or credit cards, a consumer can use a mobile to pay for a wide range of services and digital or hard goods. Although the concept of using non-coin-based currency systems has a long history, it is only in the 21st century that the technology to support such systems has become widely available.

Maestro (debit card)

Maestro is a brand of debit cards and prepaid cards owned by Mastercard that was introduced in 1991. Maestro debit cards are obtained from associate banks and are linked to the cardholder's current account while prepaid cards do not require a bank account to operate. Maestro cards can be used at point of sale (POS) and ATMs. Payments are made by swiping cards through the payment terminal, insertion into a chip and PIN device or by a contactless reader. The payment is authorized by the card issuer to ensure that the cardholder has sufficient funds in their account to make the purchase. The cardholder then confirms the payment by either signing the sales receipt or entering their 4- to 6-digit PIN, except with contactless transactions below a specified amount for which no further verification is required.

Cheque Method of payment

A cheque, or check, is a document that orders a bank to pay a specific amount of money from a person's account to the person in whose name the cheque has been issued. The person writing the cheque, known as the drawer, has a transaction banking account where their money is held. The drawer writes the various details including the monetary amount, date, and a payee on the cheque, and signs it, ordering their bank, known as the drawee, to pay that person or company the amount of money stated.

A permanent account number (PAN) is a ten-character alphanumeric identifier, issued in the form of a laminated "PAN card", by the Indian Income Tax Department, to any "person" who applies for it or to whom the department allots the number without an application. It can also be obtained in the form of a PDF file.

Fair and Accurate Credit Transactions Act

The Fair and Accurate Credit Transactions Act of 2003 is a United States federal law, passed by the United States Congress on November 22, 2003, and signed by President George W. Bush on December 4, 2003, as an amendment to the Fair Credit Reporting Act. The act allows consumers to request and obtain a free credit report once every 12 months from each of the three nationwide consumer credit reporting companies. In cooperation with the Federal Trade Commission, the three major credit reporting agencies set up the web site AnnualCreditReport.com to provide free access to annual credit reports.

ISO/IEC 7813 is an international standard codified by the International Organization for Standardization and International Electrotechnical Commission that defines properties of financial transaction cards, such as ATM or credit cards.

Carte Bleue

Carte Bleue was a major debit card payment system operating in France. Unlike Visa Electron or Maestro debit cards, Carte Bleue allowed transactions without requiring authorization from the cardholder's bank. In many situations, the card worked like a credit card but without fees for the cardholder. The system has now been integrated into a wider scheme called CB or carte bancaire. All Carte Bleue cards were part of CB, but not all CB cards were Carte Bleue.

A direct debit or direct withdrawal is a financial transaction in which one person withdraws funds from another person's bank account. Formally, the person who directly draws the funds instructs his or her bank to collect an amount directly from another's bank account designated by the payer and pay those funds into a bank account designated by the payee. Before the payer's banker will allow the transaction to take place, the payer must have advised the bank that he or she has authorized the payee to directly draw the funds. It is also called pre-authorized debit (PAD) or pre-authorized payment (PAP). After the authorities are set up, the direct debit transactions are usually processed electronically.

Payment card Card issued by a financial institution that can be used to make a payment

Payment cards are part of a payment system issued by financial institutions, such as a bank, to a customer that enables its owner to access the funds in the customer's designated bank accounts, or through a credit account and make payments by electronic funds transfer and access automated teller machines (ATMs). Such cards are known by a variety of names including bank cards, ATM cards, MAC, client cards, key cards or cash cards.

An ATM card is a payment card or dedicated payment card issued by a financial institution which enables a customer to access their financial accounts via its and others’ automated teller machines (ATMs) and to make approved point of purchase retail transactions ATM cards are not credit cards or debit cards. ATM cards are payment card size and style plastic cards with a magnetic stripe and/or a plastic smart card with a chip that contains a unique card number and some security information such as an expiration date or CVVC (CVV). ATM cards are known by a variety of names such as bank card, MAC, client card, key card or cash card, among others. Other payment cards, such as debit cards and credit cards can also function as ATM cards. Charge and proprietary cards cannot be used as ATM cards. The use of a credit card to withdraw cash at an ATM is treated differently to a POS transaction, usually attracting interest charges from the date of the cash withdrawal. Interbank networks allow the use of ATM cards at ATMs of private operators and financial institutions other than those of the institution that issued the cards.

A controlled payment number, disposable credit card or virtual credit card is an alias for a credit card number, with a limited number of transactions, and an expiration date between two and twelve months from the issue date. This "alias" number is indistinguishable from an ordinary credit card number, and the user's actual credit card number is never revealed to the merchant.

A payment card number, primary account number (PAN), or simply a card number, is the card identifier found on payment cards, such as credit cards and debit cards, as well as stored-value cards, gift cards and other similar cards. In some situations the card number is referred to as a bank card number. The card number is primarily a card identifier and does not directly identify the bank account number/s to which the card is/are linked by the issuing entity. The card number prefix identifies the issuer of the card, and the digits that follow are used by the issuing entity to identify the cardholder as a customer and which is then associated by the issuing entity with the customer's designated bank accounts. In the case of stored-value type cards, the association with a particular customer is only made if the prepaid card is reloadable. Card numbers are allocated in accordance with ISO/IEC 7812. The card number is usually prominently embossed on the front of a payment card, and is encoded on the magnetic stripe and chip, but may be imprinted on the back of the card.

Credit card fraud is an inclusive term for fraud committed using a payment card, such as a credit card or debit card. The purpose may be to obtain goods or services, or to make payment to another account which is controlled by a criminal. The Payment Card Industry Data Security Standard is the data security standard created to help businesses process card payments securely and reduce card fraud.

An issuing bank is a bank that offers card association branded payment cards directly to consumers, such as credit cards, debit cards, contactless devices such as key fobs as well as prepaid cards. The name is derived from the practice of issuing cards to a consumer.

Credit card card for financial transactions from a line of credit

A credit card is a payment card issued to users (cardholders) to enable the cardholder to pay a merchant for goods and services based on the cardholder's promise to the card issuer to pay them for the amounts plus the other agreed charges. The card issuer creates a revolving account and grants a line of credit to the cardholder, from which the cardholder can borrow money for payment to a merchant or as a cash advance.

Debit Mastercard

The Debit Mastercard is a brand of debit cards provided by Mastercard. They use the same systems as standard Mastercard credit cards but they do not use a line of credit to the customer, instead relying on funds that the customer has in their bank account.

Card security code Security feature on payment cards

A card security code (CSC), card verification data (CVD), card verification number, card verification value (CVV), card verification value code, card verification code (CVC), verification code, or signature panel code (SPC) is a security feature for "card not present" payment card transactions instituted to reduce the incidence of credit card fraud.

References

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.