Documentation Index
Fetch the complete documentation index at: https://docs.ecrypt.com/llms.txt
Use this file to discover all available pages before exploring further.
A glossary of key terms used throughout the ECRYPT documentation and the payments industry.
ACH (Automated Clearing House)
An electronic funds transfer network used in the United States for processing bank-to-bank payments. ACH transactions are typically lower cost than card transactions but take longer to settle.
ACH Credit
A transaction that pushes funds from the merchant’s account into a customer’s bank account. Commonly used for disbursements or refunds.
ACH Debit
A transaction that pulls funds from a customer’s bank account into the merchant’s account.
Acquirer (Acquiring Bank)
A bank or financial institution that processes credit or debit card payments on behalf of a merchant. The acquirer routes transactions through the card networks to the issuing bank and is responsible for depositing settled funds into the merchant’s account.
API (Application Programming Interface)
A set of protocols and tools that allow two software systems to communicate with each other. ECRYPT provides a RESTful API for processing payments, managing customers, and retrieving transaction data.
API Key
A credential used to authenticate requests to the ECRYPT API. See Public API Key and Private API Key.
Authentication
The process of verifying the identity of a user, device, or system before granting access. In payments, authentication may also refer to verifying a cardholder’s identity during a transaction (see 3D Secure).
Authorization
A request sent to the card-issuing bank to verify that the cardholder has sufficient funds and that the card is valid. An authorization places a temporary hold on the funds but does not transfer money.
Authorization Code
A numeric or alphanumeric code returned by the issuing bank when a transaction is approved. This code confirms the authorization and is included in the transaction record for reference.
AVS (Address Verification System)
A fraud prevention tool that compares the billing address provided by the cardholder during a transaction with the address on file at the issuing bank. The result is returned as an AVS response code indicating a full match, partial match, or no match.
Batch
A group of transactions that are submitted together for settlement at the end of a processing period, usually once per day.
BIN (Bank Identification Number)
The first six to eight digits of a card number that identify the issuing bank, card brand, and card type (credit, debit, prepaid). Also referred to as an IIN (Issuer Identification Number).
Capture
The process of finalizing an authorized transaction so that funds are transferred from the cardholder’s account to the merchant’s account. A transaction must be captured before it can be settled.
Card Network
An organization that facilitates the routing of payment transactions between acquirers and issuers. The major card networks include Visa, Mastercard, American Express, and Discover. Card networks set interchange rates, establish processing rules, and manage dispute resolution procedures.
Card Not Present (CNP)
A transaction where the cardholder does not physically present their card to the merchant, such as online or phone orders. CNP transactions generally carry higher fraud risk and may have higher interchange rates.
Card Present (CP)
A transaction where the cardholder physically presents their card at a terminal, either by tapping (contactless), inserting the chip, or swiping the magnetic stripe.
Cardholder
The individual or entity to whom a credit or debit card has been issued. The cardholder is responsible for charges made on the card and is the party who may initiate a dispute.
Chargeback
A forced reversal of a transaction initiated by the cardholder’s issuing bank, typically as the result of a dispute. The merchant loses the transaction amount, and a chargeback fee is usually assessed. Merchants can contest chargebacks by submitting evidence that the transaction was valid.
Checkout Page
A fully hosted, ECRYPT-branded payment page that customers are redirected to in order to complete a transaction. Requires no frontend development on the merchant’s side.
Clearing
The process of exchanging financial transaction data between the acquirer and issuer after a transaction has been authorized. Clearing prepares transactions for final settlement.
Customer
A stored record in ECRYPT representing an individual or business that makes payments. Customer records can hold contact information, payment methods, and billing history.
Customer ID
A unique identifier assigned by ECRYPT to each stored customer record. Use this ID to reference, charge, or manage a customer through the API.
Customer Wallet
A secure, tokenized collection of one or more saved payment methods (cards, bank accounts) associated with a customer record. Wallets allow returning customers to pay without re-entering their payment details.
CVV / CVC (Card Verification Value / Code)
A three- or four-digit security code printed on a payment card (not stored in the magnetic stripe or chip). Used in card-not-present transactions to help verify that the person making the payment has physical possession of the card.
Decline
A response from the issuing bank or card network indicating that a transaction cannot be approved. Declines can be hard (the card is permanently invalid, expired, or reported lost) or soft (temporary issues like insufficient funds or network timeouts).
Device Management
The process of registering, configuring, monitoring, and deactivating physical payment terminals through the ECRYPT dashboard or API.
Disbursement
The transfer of funds from a merchant or platform to a recipient, typically via ACH credit or other payout method.
Dispute
A formal objection to a transaction raised by the cardholder through their issuing bank. If the dispute is upheld, it becomes a chargeback. Merchants can respond to disputes by submitting evidence supporting the validity of the original transaction.
EMV (Europay, Mastercard, Visa)
A global standard for chip-based payment cards and the terminals that accept them. EMV chip cards generate a unique transaction code for each payment, making them significantly more secure against fraud than magnetic stripe cards.
Encryption
The process of converting sensitive data into an unreadable format using a cryptographic algorithm. ECRYPT encrypts cardholder data in transit and at rest to protect against unauthorized access.
Environment
A configuration setting that determines whether API requests are processed against the ECRYPT sandbox (for testing) or live (for real transactions). Each environment has its own set of API keys.
Fraud
Unauthorized or deceptive activity intended to result in financial gain at the expense of the cardholder, merchant, or payment processor. Common types include stolen card use, account takeover, and friendly fraud (where the legitimate cardholder disputes a valid charge).
Gateway
A service that securely transmits payment data from a merchant’s website or terminal to the payment processor for authorization. ECRYPT functions as both a gateway and processor.
Hosted Iframe
A pre-built, PCI-compliant payment form that is embedded directly into your website using an HTML iframe. The iframe is hosted by ECRYPT, which keeps sensitive card data off your servers and reduces your PCI compliance burden.
Idempotency
A property of an API request that ensures making the same request multiple times produces the same result as making it once. ECRYPT supports idempotency keys to prevent duplicate charges caused by network retries or timeouts.
Installment Plan
A structured payment schedule that breaks a total amount into a fixed number of smaller charges over time.
Interchange
The transfer of transaction data and funds between acquirers and issuers through the card networks. Also refers to the fee structure associated with these transfers.
Interchange Fee
A fee set by the card networks and paid by the acquirer to the issuing bank on each transaction. Interchange fees vary based on card type, merchant category, and how the transaction is processed. These fees are a primary component of overall processing costs.
Issuer (Issuing Bank)
The bank or financial institution that issues a credit or debit card to a cardholder on behalf of a card network. The issuer is responsible for approving or declining transactions, extending credit, and handling cardholder disputes.
KPI (Key Performance Indicator)
A measurable value that tracks how effectively a business or system is achieving a specific objective. Common payment KPIs include authorization rate, chargeback rate, average transaction value, and settlement time.
Latency
The time elapsed between sending an API request and receiving a response. Low latency is critical in payment processing to ensure fast checkout experiences.
Level 2 and Level 3 Data
Enhanced transaction data submitted with B2B and government card payments. Level 2 includes fields like tax amount and customer reference number. Level 3 adds line-item detail such as item descriptions, quantities, and unit costs. Providing this data can result in lower interchange rates.
LLM (Large Language Model)
A type of artificial intelligence model trained on large volumes of text data, capable of understanding and generating natural language. In a payments context, LLMs may be used to power support chatbots, analyze transaction data, or assist with documentation search.
Merchant
A business or individual that accepts payment in exchange for goods or services. In the context of ECRYPT, the merchant is the entity integrating with the API to process payments.
Merchant Category Code (MCC)
A four-digit code assigned by card networks to classify a business by the type of goods or services it provides. MCCs influence interchange rates and may affect whether certain transaction types (such as surcharging) are permitted.
Merchant ID (MID)
A unique identifier assigned to a merchant by their acquirer or payment processor. The MID is used to route and identify transactions associated with that merchant’s account.
NACHA
The National Automated Clearing House Association, which governs the rules and standards for the ACH network in the United States.
Pagination
A method of dividing large API response sets into smaller, sequential pages. ECRYPT uses cursor-based or offset-based pagination to return transaction lists, customer records, and other collections efficiently.
Payment Method
Any instrument a customer uses to pay for a transaction. Common payment methods include credit cards, debit cards, ACH transfers, and digital wallets.
Payment Processor
A company that handles the technical routing of transaction data between merchants, acquirers, card networks, and issuers. ECRYPT acts as a payment processor for its merchants.
PCI-DSS (Payment Card Industry Data Security Standard)
A set of security standards established by the PCI Security Standards Council (founded by Visa, Mastercard, American Express, Discover, and JCB) to protect cardholder data. All merchants and service providers that store, process, or transmit card data must comply with PCI-DSS.
Private API Key
A server-side credential used to authenticate API requests that perform sensitive operations such as charging a card, issuing refunds, or accessing customer data. Private API keys must be kept confidential and should only be stored on your server. Never expose a private API key in client-side code, version control, or logs.
Product Code
A classification code assigned to a transaction that identifies the type of card or payment method used, such as Visa credit, Mastercard debit, or prepaid.
Public API
The externally accessible interface that developers use to integrate ECRYPT into their applications. All endpoints documented in ECRYPT’s developer docs are part of the public API.
Public API Key
A client-side credential used to identify your account when making API requests from environments visible to end users, such as a browser or mobile app. Public API keys can only be used for limited, non-sensitive operations like tokenizing card data. They should never be treated as secret, but they should not be shared outside your organization.
Rate Limiting
A mechanism that restricts the number of API requests a client can make within a given time window. Rate limits protect the platform from abuse and ensure consistent performance for all users.
Receipt
A record of a completed transaction provided to the cardholder or merchant. Receipts typically include the transaction amount, date, payment method, authorization code, and merchant information.
Reconciliation
The process of matching transaction records in ECRYPT with corresponding entries in your bank statements or accounting system to verify accuracy.
Recurring Billing
A billing model where a customer is automatically charged on a regular schedule (daily, weekly, monthly, annually) for ongoing goods or services. See Subscription and Installment Plan.
Refund
A reversal of a previously captured transaction that returns funds to the cardholder. Refunds can be full or partial.
Response Code
A standardized numeric or alphanumeric code returned by the payment processor or issuing bank that indicates the result of a transaction attempt. Examples include approval codes, decline codes, and error codes. See the Response Codes reference for a full list.
Retry Logic
The automated process of re-attempting a failed recurring payment according to configurable rules, such as retry intervals and maximum attempts, before marking the payment as permanently failed.
Sandbox
A testing environment that simulates live payment processing without moving real money. Used during development and QA to validate integrations before going live.
SDK (Software Development Kit)
A collection of libraries, code samples, and documentation that simplifies integration with the ECRYPT API in a specific programming language or platform.
Settlement
The process by which captured transactions are finalized and funds are deposited into the merchant’s bank account. Settlement typically occurs in daily batches.
Statement Descriptor
The text that appears on a cardholder’s bank or credit card statement to identify a transaction. Clear and recognizable statement descriptors help reduce chargebacks caused by cardholders who do not recognize a charge.
Subscription
An automated, recurring charge at a fixed interval (such as weekly, monthly, or annually) for an ongoing service or product.
Surcharge
An additional fee added to a transaction to offset the cost of credit card processing. Surcharging rules vary by card network and jurisdiction.
Terminal
A physical device used to accept in-person card payments, including tap (contactless), dip (chip), and swipe transactions.
3D Secure (3DS)
An authentication protocol that adds an extra verification step during online card transactions. The cardholder is prompted to verify their identity (for example, via a one-time passcode or biometric confirmation) before the transaction is approved. 3D Secure shifts fraud liability from the merchant to the issuer for authenticated transactions.
Tipping
A feature that allows customers to add a gratuity during the payment flow on a terminal or checkout page.
Token / Tokenization
The process of replacing sensitive payment data (such as a card number) with a non-sensitive placeholder value called a token. Tokens can be stored and used for future transactions without exposing the original data, reducing PCI scope.
Transaction
A single payment event processed through ECRYPT. Transactions can be card-based, ACH-based, or associated with a recurring billing cycle.
Transaction ID
A unique alphanumeric identifier assigned by ECRYPT to every transaction. Use this ID to reference, query, or look up a specific transaction through the API or dashboard.
Uptime
The percentage of time the ECRYPT platform is operational and available. Typically expressed as a percentage in a service level agreement (SLA), such as 99.99% uptime.
Void
The cancellation of an authorized transaction before it has been captured or settled. Voided transactions release the hold on the cardholder’s funds.
Webhook
A mechanism that sends real-time HTTP POST notifications to your server when specific events occur in ECRYPT, such as a completed transaction or a failed payment. Webhooks eliminate the need to poll the API for updates.
Additional Terms
Changelog
A chronological record of updates, bug fixes, and new features released for the ECRYPT API and platform. Developers should review the changelog regularly to stay informed about breaking changes and deprecations.
Tax Rate
A percentage applied to a transaction to calculate the tax amount due. ECRYPT supports configurable tax rates that can be associated with specific products or transactions.
