Essential Industry Terms Explained

First-party fraud occurs when an individual intentionally misrepresents their identity, financial situation, or intentions to gain financial benefits or avoid obligations. Unlike third-party fraud, where external actors exploit stolen information, first-party fraud is...

3D Secure is an authentication method designed to reduce fraud and increase security for online card transactions. Originally sponsored by Visa under the 'Verified by Visa' brand, Mastercard and...

What is 3rd Party Fraud? Refers to any fraud committed against a financial institution or merchant by an unrelated or unknown third-party. While there are many different kinds of fraud, there are 3...

419 Fraud is a type of advance-fee fraud in which individuals or companies receive unsolicited emails or letters promising a percentage of a large sum of money in return for allowing funds to pass...

A/B testing is a research method in which two groups, a control group (representing the current strategy) and an alternate group (representing a hypothesis for an improved strategy), are tested...

AI or Artificial Intelligence is broadly used to describe the simulation of the processes of human intelligence by computer systems. The processes simulate human learning in that the systems start...

Combating Financial Crime: Understanding Anti-Money Laundering (AML) AML or Anti-Money Laundering refers to a set of procedures, laws, or regulations designed to stop the practice of generating...

AVS or Address Verification System is a payment processing system comparison of the numerical portions of billing and shipping addresses with the addresses on file at the credit card-issuing bank. A...

Account Takeover (ATO) is a form of fraud where a malicious actor gains unauthorized access to a user’s online account. This is typically achieved through stolen login credentials obtained via phishing, data breaches...

The Acquiring Bank, also known as the merchant acquirer or the merchant bank, is the bank that is responsible for settling credit and debit card transactions on behalf of the merchant. Its...

Active Authentication is a security and authentication method in which the user is challenged with questions about what he/she knows (knowledge-based), has (possession-based) or is (biometric-based).

Advance-Fee Fraud is a common fraud scheme generally involving a criminal tricking a victim into paying an up-front fee with the promise of a larger reward paid out later.

Application fraud occurs when a person provides false, stolen, or manipulated information in a formal application process to obtain products, services, or credit. Commonly seen in industries such as financial services, telecommunications...

In the world of online betting and gambling, an arber is a person who takes advantage of discrepancies in gambling sites odds, so as to ensure that no matter what party wins a contest (i.e. a race),...

B2B or Business-to-Business refers to a business that sells products or provides services to other businesses.

B2C or Business-to-Consumer refers to a business that sells products or provides services to the end-user consumers. Another variation of this concept is D2C (direct to consumer) in which a...

A route through which legitimate users or criminals can bypass security systems in order to access the data they’re after. Contrasts with a front door attack, where a virus or attack is done with...

Baiting describes the situation where a fraudster leaves something out like a USB drive, enticing somebody to pick it up and see what content is on it. The fraudster loads the USB drive up with...

A BIN Number or Bank Identification Number is assigned to a bank for its own credit card issuance. The first six digits on a credit card constitute the Bank Identification Number, otherwise known as...

The most famous and popular cryptocurrency. While it is often thought of as an anonymous payment method, bitcoin (BTC) is actually pseudonymous, which means it is possible to track someone’s payments...

The term originates from the drug dealing world, and is used to describe inexpensive mobile phones designed for temporary use. It allows fraudsters and criminals to link an account to a disposable...

The fraudster term for stolen credit card data. A full CC contains the original cardholder’s name and address, expiration date, and CCV. It becomes a Fullz when other personal data points are added...

What is a CVV? The card verification value (CVV), is a three- or four-digit code on the back of a debit or credit card. It is sometimes referred to as a CID, or card identification number. This...

What is carding? Carding is the general fraudster term for using stolen credit card data, whether it’s used for direct purchases, or charging prepaid or gift store cards, which fraudsters then...

A form of social engineering where fraudsters and criminals create fake online identities to lure people into emotional or romantic relationships for personal or financial gain. Online seduction and...

The Certified Fraud Examiner (CFE) is a qualification issued by the Association of Certified Fraud Examiners (ACFE). The ACFE organization is a provider of anti-fraud education and training. CFE...

Chargeback fraud, sometimes referred to as "friendly fraud," occurs when a consumer disputes a legitimate transaction with their bank or payment provider and requests a chargeback—reversing the payment—claiming the transaction was...

What is Click Fraud?  Click fraud is a form of marketing fraud that occurs when pay-per-click (PPC) online ads are illegally clicked to increase site revenue or exhaust a company's budget. It is...

What is Clickjacking? In summary, clickjacking is when a fraudster targets someone to click a link, either to get them to install malware or to try to 'phish' them, a related term that involves...

Computer Fraud is defined as the action of utilizing a computer to attain or modify the electronic information or to get the illegal usage of a mechanical system or computer. Computer fraud in the...

Computer System Penetration, known as a penetration test (or pen test), is an official virtual cyber-attack towards a computer system, executed to assess the security of the system. The test...

Confirmation fraud is a type of fraud that comes in two layers. First, a fraudster falsifies transactional information, like pretending to deposit a certain amount of money in an account (on someone...

Conflict of Interest or COI is a situation where a member of multiple interests, in fulfilling their obligations to one interest, can fail the obligations they have to another. The inability to...

Consumer Authentication is the term used for the devices that are designed to verify that a person making a transaction or any business deal is really the person who is certified to do that action....

A person commits contract fraud when they make a knowingly false statement that serves to trick or deceive another person into signing a contract. A person also commits contract fraud when, through...

A "cookie" is defined as a small amount of information that a Web browser saves on the user’s system. Cookies are a method designed for Web applications to retain the application domain. Cookies are...

Corporate fraud is the purposeful falsification of the financial data of a company or the actions that have been made by the company to deliver fake information to the public, in order to increase...

Corporate Identity Theft, also known as CIT, is the deceitful and careful falsification of an identity of a company. It is also sometimes called a “white-collar crime” since it is commonly performed...

The term corruption describes when the integrity of an entity is compromised or put at risk by inner actors who aim to illegally or unethically benefit themselves or that entity. The goal of...

Counterfeit cards are fake credit cards with an actual account's info that can be gained through various methods. A lot of times the victims of these crimes will still have their actual cards and...

Counterfeiting is defined as the planned attempt to duplicate a real and authentic article such as a symbol, trademark or even money with the purpose to distort and convince the purchaser or the...

A web crawler, also known as a web spider or web robot, is a program, software package, or automated script which browses the Global Web in a systematic and automated method. Web crawlers are mostly...

Credential stuffing is a type of cyberattack in which attackers exploit stolen login credentials—often obtained from data breaches—to gain unauthorized access to user accounts. Cybercriminals use automated tools to test these stolen...

Credentials refer to achievements or titles bestowed upon someone, generally by an authoritative body, that are brought up in order to validate the capabilities and suitability of that person for a...

A credit bureau is an organization that gathers and also investigates the entirity of credit information from a person and then sells the information to the creditors to get a fee so that they will...

A credit card is a thin four-sided block of plastic allotted by a financial firm that allows cardholders to borrow some funds to pay for products and services purchases. Credit cards are subject to...

Credit Card Fraud refers generally to any fraudulent transaction using a credit card as a source of funds. The fraudulent transaction may be committed to obtain goods or services or to illegally...

What is Credit Card Fraud Detection?   Credit card fraud detection refers to the set of policies, tools, methodologies, and practices that credit card companies and financial institutions use to...

A credit card number is the exclusive number printed on a credit card. The first six numbers written on a credit card are the issuer's identification numbers, and the last remaining numbers are...

What are Credit Card Refund Schemes? Credit card refund schemes are fraudulent activities in which scammers exploit the refund process of credit card transactions to illegitimately obtain money or...

Credit fraud is described as a situation where a customer's personal information has been stolen by a fraudster in order to make a new credit claim using the stolen information. In this case, the...

A cryptocurrency is a virtual or digital currency that applies cryptography for safety purposes. A crypto currency is quite challenging to counterfeit because of the security feature. Many of the...

A cryptogram is a form of puzzle that contains a small part of encrypted text. Usually the code used to encrypt the text is quite simple so that the cryptogram can be resolved manually. Often the...

Cryptography is the study (as well as the practice) of methods for secure communication in the presence of malicious third parties. Generally, cryptography is centered around creating and...

Cryptocurrencies require large amounts of computer power to be created, or “mined”. Some legitimate companies specialize in mass cryptomining through dedicated mining farms. Cyber criminals and...

Current address fraud occurs when a fraudster changes the known address of somebody to a new one, thus re-routing their mail to somewhere the fraudster can likely access it.

Customer Due Diligence, also known as CDD, is defined as the method by which appropriate data or information regarding the customer is gathered as well as assessed for any possible threat for the...

Customer Identity and Access Management, also known as CIAM, could be defined as a subsection of the broader Identity Access Management or IAM, and it specifically focuses on dealing with or handling...

Cyber fraud is described as a situation in which a fraudster uses the Internet to earn money, products, or some other interest on things which they obtained illegally from people, generally through...

The Dark Web, What is it? The entirety of the web that is not accessible by search engines. Regular browsers, like Google and Bing, search the so-called “surface web", defined by public links, and...

A data breach, also known as a data leak or data spill, is an event that includes the illegal inspection, access or retrievial of data by a person, an application or otherwise a service. It is a form...

Data capture, or electronic data capture, is the process of extracting information from a document and converting it into data readable by a computer.

Data enrichment is defined as the merging of third-party data from an external authoritative source with an existing database of first-party customer data. Brands do this to enhance the data they...

Data mining is the process of investigating concealed configurations of data rendering at different viewpoints for classifying valuable data, which is gathered and collected in standard zones, such...

A data point is defined as a distinct component of data. In a broad common sense, every single detail is considered as a data point. In an arithmetical or systematic framework, a data point is...

The Data Protection Act (DPA) is a United Kingdom law passed in 1988. It was established to manage how individual or consumer data could be used by any organizations or government organizations. It...

The term data provider is used to describe the process of retrieving data from relational data sources in non-real time applications. The data provider manages the data at each stage by mapping the...

What is Data Science?  Data Science is a multidisciplinary field that combines techniques from various domains, including statistics, computer science, machine learning, and domain-specific...

The Payment Card Industry Data Security Standard (PCI DSS) is a widely recognized set of rules and policies proposed to improve the security of cash, debit and credit card transactions and also to...

Data set is an assortment of data. Usually a data set match up to the subjects of a distinct database table, or otherwise a particular arithmetical data matrix, where each single column of the table...

What is Day of the Jackal Fraud? Day of the Jackal Fraud is an identity fraud technique in which the birth certificate of a dead child is used to obtain a passport or some other certified identity...

A debit card, also known as a bank card, plastic card, or check card is a payment card that can be used as an alternative to cash when making any purchase transactions. Physically, it looks quite...

Debit card fraud is any kind of fraud where debit card accounts are accessed by fraudsters without the account owner's authorization in order to manipulate or usually drain their funds. Debit card...

A dedicated hosting service, also known as a dedicated server or a managed hosting service, is basically an Internet hosting structure where the customer leases an entire server not shared with...

A dedicated IP address is defined as an exclusive Internet address which is exclusively and completely assigned to a distinct hosting account. Only corporate hosting accounts are qualified for...

A technology that overlays a video with different audio or video, in order to make a real-looking video of somebody saying or doing something. A famous example could be a deepfake of Nancy Pelosi (in...

Deep learning is an artificial intelligence function that imitates the workings of the human brain in processing data and creating patterns for use in decision making. Deep learning is a subset of...

The Deep Web, What is it? The entirety of the web that is not accessible by search engines. Regular browsers, like Google and Bing, search the so-called “surface web", defined by public links, and...

A denial-of-service or DoS is any category of attack in which hackers or attackers endeavor to prevent authentic users from retrieving the service. Within a DoS attack, the hacker or attacker...

Derived Identification is the term for a unique verification device that is stored within your phone, and is used to identify that a person logging into something or making a purchase has access that...

Device cloning is the practice of producing an accurate copy of any application driver. The term can be used to indicate a body, software design or an application that has roles and behavior related...

A device emulator is defined as a software or hardware that allows a computer system (named host) to perform as a different computer system (named guest). A device emulator generally allows the host...

A device ID or device identification is a unique number related to a cell phone or to the handheld device itself. Device IDs are separate from the hardware serial numbers. It could be a mixture of a...

An intelligent device is basically any type of equipment, instrument, or machine that has its own computing capability. The existing grade of intelligent devices is quite wide-ranging, and in...

A digital identity is a network or an online identity that has been approved or applied for in cyberspace by a person, business or also electronic device. These mentioned users may also progress...

A digital signature, also known as an electronic signature, proves the legitimacy of an electric file or text in digital communication and uses encryption methods to keep the content of the file...

A digital wallet is basically a software-based structure designed for building e-commerce transactions. With the use of a digital portfolio, online acquisitions can be made simply by using computers...

In finance, disintermediation is described as the withdrawal of cash from intermediate financial associations, like banks, investments and loan relatives, to endow them openly. In general,...

A credit card dispute refers to the process of denying charges to a credit card for whatever reason. Billing errors may consist of custodies for products which you have ordered but never received,...

Diverting funds is defined as the use of funds by the debtor in defiance of the authorized terms of the moneylender, in a number of circumstances such as the extension of the credit facility,...

A domain name is a tag that recognizes a network domain: a discrete cluster of computers under a fundamental management or authority. Within the Internet, domain names are designed by the guidelines...

Magazine sales fraud usually starts with a simple knock on the door with a person trying to sell a magazines to “increase the money” intended for a donations, charity, or other superficial earnest...

Doorway domains are created so that they positionate well in search engines results aimed at specific keywords, and then are used as an entry point over which visitors must pass to reach to the main...

Doorway pages are web pages created in order to measure the influence of search engine indexes (spamdexing). A doorway page influences the index of a search engine by introducing results for specific...