Glossary
MyDebit Scheme
Definition of frequently used terms for MyDebit Scheme is as follows:
| Term | Definition |
|---|---|
| Acquirer Host | The consumer-facing component allowing consumer interaction with the 3DS Requestor for initiation of the EMV 3-D Secure protocol. |
| Acquirer | An EMV 3-D Secure Participant that facilitates and integrates the 3DS Requestor Environment, and optionally facilitates integration between the Merchant and the Acquirer. |
| Acquirer Bank | Financial Institution authorised by PayNet or BNM to recruit Merchants and to deploy MyDebit Terminals to support the MyDebit Scheme. |
| Application Cryptogram | An alphanumeric value generated from an algorithm to validate data integrity. |
| Authorisation Request Cryptogram or ARQC | An Application Cryptogram generated by the card when requesting online authorisation from the Issuer’s host. |
| BCP | Business Continuity Plan as stipulated in Guidelines on Business Continuity Management for Participants of PayNet’s Services. |
| BNM | Bank Negara Malaysia. |
| Business Days | Any calendar day from Monday to Friday except a public holiday in the Federal Territory of Kuala Lumpur. |
| Calendar Days | Any day including weekend and public holidays. |
| Cardholder | A person who holds MyDebit card issued by an Issuer which maintains the accounts (i.e. Savings / Current) that could be accessed by such card. |
| Card Prefix or Bank Identification Number or BIN | The first 6 digits of the card number assigned to identify the Issuer Bank. |
| Cash Management Bank or CMB | An intermediary appointed by PayNet to perform beneficiary and threshold validations as well as to credit the Beneficiaries’ accounts upon successful validation. |
| Cash Out | An additional feature of the MyDebit Scheme which allows Cardholders to withdraw cash from the Merchant with a purchase. The maximum limit set for Cash Out withdrawal is RM500 per transaction. |
| Cross Border POS or CBPOS | A cross-border payment which enables Cardholders to use their MyDebit Card at POS terminal located at Merchants outside Malaysia and vice versa that supports either contact or contactless transaction or both. |
| DMS Holding Account | An account owned by PayNet with the appointed CMB for the purpose of settlement of funds to Merchants and TPAs |
| Direct Merchant Settlement or DMS | Third Party Acquirer settlement processes whereby funds collected from MyDebit transactions shall be credited into a Holding Account for settlement with Merchants. |
| Disaster Recovery Plan or DRP | Disaster Recovery Plan as stipulated in Guidelines on Business Continuity Management for Participants of PayNet’s Services. |
| Dispute transaction | Any transaction discrepancy due to technical error or time-out at any point regardless of whether at the terminal, Acquirer, MyDebit System or Issuer. Resolution for dispute related to technical error or time-out will require the return of full purchase amount to the Cardholder and Switching Fee to the Participant. For example: Issuers’ accounts were erroneously debited multiple times for a single purchase or charged with an incorrect amount by Merchants. In the event the Merchant records a purchase as failed (due to a timeout or other reasons) even though the Cardholder’s bank account has been debited, the Cardholder is entitled to be returned with a full purchase amount. |
| Enterprise Case Management System or ECMS | A web workflow-based system created by PayNet to facilitate the Issuer and Acquirer to log, track and resolve dispute cases more efficiently which is accessible at (https://ecms.paynet.my). It also provides daily dispute settlement among all Participants for MyDebit. |
| Financial Institution or FI | A licensed bank, licensed investment bank, licensed Islamic bank or prescribed development financial institution under the Financial Services Act 2013 (FSA), Islamic Financial Services Act 2013 (IFSA) and Development Financial Institutions Act 2002 (DFIA). |
| Foreign Merchant | An individual, company, body corporate, business (including sole proprietor and partnership) incorporated outside Malaysia that accepts payments via MyDebit, for purchase of goods and/or services. |
| General Non-Compliance | Any non-compliance without pre-specified penalty charges in this Operational Procedures for MyDebit. |
| Government and its Agencies | Any ministries, Government department and agencies, any statutory bodies having public duty or public bodies, any companies wholly-owned or non-wholly owned, is a subsidiary of or controlled by the aforementioned bodies. |
| Holding Account | An account owned by the Settlement Bank for the purpose of settlement of funds to Merchants and TPAs. |
| Host Security Module or HSM or Hardware Security Module | A physical computing device that safeguards and manages digital keys for strong authentication and provides crypto-processing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. |
| Issuer | Financial Institution authorized by BNM to issue MyDebit card. |
| Logo | A symbol or wordmark created by PayNet to identify and promote the MyDebit brand. |
| MCCS | Malaysian Chip Card Specification is the domestic EMV (Euro, Mastercard, and Visa) debit card scheme which supports both contact and contactless applications. |
| MEPS | Malaysian Electronic Payment System Sdn Bhd. |
| Merchant | A person or business entity who has been authorized by an Acquirer to accept card payments via installed MyDebit terminals for sale of goods and services. |
| MyDebit | A domestic debit card scheme that allows MyDebit Cardholders to purchase goods / services and withdraw cash at participating merchant’s outlets by debiting directly from the Cardholders’ nominated savings / current account. |
| MyDebit Brand | The brand, icon, logo and marks for MyDebit. |
| MyDebit Development Fund or MDF | MDF is established to fund campaigns, promotions, prizes, incentives, training, awareness, development, etc. to spur the growth of MyDebit acceptance, adoption and usage |
| MyDebit Intellectual Property | All intangible intellectual assets of MyDebit. |
| MyDebit Scheme | A business model that offers transaction switching services offered by PayNet. This domestic debit card scheme will facilitate electronic payment transactions, which is linked to various FIs and Third-Party Acquirers. |
| MyDebit System | A central switch or an exchange infrastructure and application platform offered by PayNet that facilitates electronic payment transactions which is linked to various FIs and Third-Party Acquirers. |
| Net Settlement | A payment Settlement System between banks, where transactions are accumulated and offset against each other with only the net differential being transferred between banks. |
| Normal Purchase | A financial transaction consisting of payment information of goods or services purchased by the Cardholders. The transaction is captured and submitted to the Acquirer for payment authorisation. |
| Not-On-Us Transaction | A transaction made by a Cardholder at a terminal where the Issuer and Acquirer are of different FIs. |
| Offline Transaction | The recording of information from a MyDebit card for later processing. Offline transaction processing enables MyDebit to be accepted as a form of payment even at point-of-sale without real-time connections to MyDebit host. |
| On-Us Transaction | A transaction made by a Cardholder at a Terminal where the Issuer and Acquirer are of the same FI. |
| Outdoor Payment Terminal or OPT | A standalone automated Outdoor Payment Terminals located outside of petrol stations which are normally used by Cardholders for the purchase of petrol. |
| Participant | Participant as defined in the Participation Rules, acting as Issuer / Acquirer / Third-Party Acquirer. |
| Participation Rules | Refers to the Participation Rules for Retail Payment Services. The Participation Rules govern the operation of PayNet’s Retail Payment Services and sets out the rights and obligations of PayNet and Participants. |
| Payment Instruction | Payment file prepared and submitted by the TPA to the CMB’s system for settlement to merchants and to itself (payment of fees and other miscellaneous charges by the TPA to the merchants). |
| PayNet | Payments Network Malaysia Sdn Bhd, the operator of MyDebit Scheme in the context of this document. |
| Personal Identification Number (PIN) | A numeric code that acts as a password that is used to authenticate a Cardholder to their account. |
| PIN Pad | An electronic device used in any physical card-based transaction to accept and encrypt Cardholders’ PIN. |
| Prepayment Merchant | A Merchant that accepts payment for goods or services via MyDebit and where:
|
| Primary Account Number (PAN) | A number code consisting of 14 to 19 digits (laser printed) on a card and encoded in the card's magnetic stripe that identifies the card, which is electronically associated to the Issuing FI and to the Cardholder’s bank account. |
| Purchase Cancellation | A financial transaction initiated by a Merchant or service provider to cancel an approved purchase transaction. The transaction must be submitted by the Merchant or service provider within the same day. |
| Real Time Transaction | An online processing of transactions that not only maintains all master files constantly current, but also enables the distribution and retrieval of information without delays in each process the instant it is received by the system. |
| Refund Transaction | An approved transaction that requires the Merchant to refund the purchase amount to the relevant Cardholder. |
| RENTAS | A Real-time Electronic Transfer of Funds and Securities System that provides multi-currency real-time gross Settlement System for interbank fund transfers, multi-currency debt securities settlement, and depository services for scriptless debt securities. |
| Retail Settlement Gateway (RSG) | A settlement gateway/platform to perform the interbank settlement for specified PayNet services. |
| Settlement Account | A cash account maintained by the Participants for the purposes of settlement. |
| Settlement Bank | Financial Institution appointed by the TPAs to facilitate settlement services either directly to their Merchants or to the TPAs own account |
| Settlement Date | The date on which a transaction settle. That is, the actual day on which transfer of cash or assets is completed. |
| Settlement System | A system used to efficiently facilitate the settlement of transfers of funds, assets or financial instruments. It is the finalization of a payment. |
| Shared ATM Network | A network operated by PayNet. |
| Stand-in Mode | A backup system that provides authorisation services on behalf of an Issuer when the Issuer or its authorisation processor is unavailable. |
| Switch Operating Hours | The hours in which MyDebit is available for Participants. Currently, MyDebit switch operates 24 hours a day, 7 days a week. |
| Terminal | An information processing device through which MyDebit transaction messages are initiated and transmitted to the Acquirer and through which reply messages are received and transactions are completed. |
| Test Card | A physical card being used for testing purposes that contains Track II Data |
| Third-Party Acquirer or TPA | A Non-Financial Institution authorised by PayNet or BNM to recruit merchants and to deploy MyDebit terminals to support the MyDebit Scheme. |
| Track II Data | An ISO term referring to information encoded on the second track of the magnetic stripe of a MyDebit card as defined in ISO 7813, excluding start and end sentinels and Longitudinal Redundancy Check (LRC) characters as defined therein. |
| Transaction Certificate (TC) Cryptogram | An Application Cryptogram generated by the card when accepting a transaction (second validation by card upon receiving the response from Issuer’s host). |
MyDebit Secure
Definitions of frequently used terms for MyDebit Secure are as follows:
| Term | Definition |
|---|---|
| 3DS Client | Consumer-facing component allowing consumer interaction with the 3DS Requestor for initiation of the EMV 3-D Secure protocol. |
| 3DS Requestor | Initiator of the EMV 3-D Secure Authentication Request. For example, a 3DS Requestor may be a Merchant or payment gateway requesting authentication within a purchase flow. |
| 3DS Requestor Environment | 3DS Requestor-controlled components i.e. 3DS Requestor Application (App), 3DS Software Development Kit (SDK), and 3DS Server are typically facilitated by the 3DS Integrator. Implementation of the 3DS Requestor Environment will vary as defined by the 3DS Integrator. |
| 3DS Server | 3DS Integrator's server or systems that handle online transactions and facilitates communication between the 3DS Requestor and the DS. |
| 3-D Secure (3DS) | An e-commerce authentication protocol that enables the secure processing of payment, non-payment and account confirmation card transactions. |
| Access Control Server (ACS) | A component that operates in the Issuer Domain, that verifies whether authentication is available for a Card number with/without the device type and authenticates specific Cardholders. |
| Acquirer/(s) | A business entity (can be a financial or non-financial institution) that establishes a contractual service relationship with a Merchant for the purpose of accepting payment Cards. In the context of 3DS, in addition to the traditional role of receiving and sending Authorisation and settlement messages (enters transaction into interchange), the Acquirer also determines whether a Merchant is eligible to support and participate in 3DS. |
| Acquirer Domain | Contains the systems and functions of the 3DS Requestor Environment and, optionally the Acquirer. |
| Authentication | In the context of 3DS, the process of confirming that the person initiating an e-commerce transaction is entitled to use the Card. |
| Authentication Request Message (AReq) | A 3DS message sent by the 3DS Server via the DS to the ACS to initiate the authentication process. |
| Authentication Response Message (ARes) | A 3DS message returned by the ACS via the DS in response to an Authentication Request message. |
| Authorisation | A process by which an Issuer, or a processor on the Issuer's behalf, approves a transaction for payment. |
| Authorisation System | The systems and services through which a Payment System delivers online financial processing, authorisation, clearing, and settlement services to Issuers and Acquirers. |
| Bank Identification Number (BIN) | The first six digits of a payment card account number that uniquely identifies the issuing financial institution. Also referred to as Issuer Identification Number (IIN) in ISO 7812. |
| Card | In this specification, synonymous to the MyDebit payment card. |
| Card-Not-Present (CNP) | A payment Card transaction made where the Cardholder does not or cannot physically present the Card for a merchant's visual examination at the time that an order is given and payment effected. |
| Cardholder/(s) | The first six digits of a payment card account number that uniquely identifies the issuing financial institution. Also referred to as Issuer Identification Number (IIN) in ISO 7812. |
| Certificate | The first six digits of a payment card account number that uniquely identifies the issuing financial institution. Also referred to as Issuer Identification Number (IIN) in ISO 7812. |
| CASA | The first six digits of a payment card account number that uniquely identifies the issuing financial institution. Also referred to as Issuer Identification Number (IIN) in ISO 7812. |
| Challenge | The first six digits of a payment card account number that uniquely identifies the issuing financial institution. Also referred to as Issuer Identification Number (IIN) in ISO 7812. |
| Device Channel | Indicates the channel from which a transaction originated. Either:
|
| Directory Server (DS) | A server component owned and operated by PayNet in the Interoperability Domain; it performs functions that include but not limited to authenticating the 3DS Server, routing messages between the 3DS Server and the ACS and validating the 3DS Server, the 3DS SDK, and the 3DS Requestor. |
| Electronic Commerce Indicator (ECI) | Payment System-specific value provided by the ACS to indicate the results of the attempt to authenticate the Cardholder. |
| e-commerce | The sales or procurement of supplies and services using information system technology, particularly the internet. |
| E3DS | An e-commerce authentication protocol that enables the secure processing of payment, non-payment and account confirmation card transactions that is governed by EMVCo. |
| EMV | A term referring to EMVCo’s specifications for global interoperability and acceptance of secure payment transactions and/or products and services complying with such specifications. |
| EMVCo | EMVCo, LLC, a limited liability company incorporated in Delaware, USA. EMVCo exists to facilitate worldwide interoperability and acceptance of secure payment transactions. |
| Enterprise Case Management System (ECMS) | A web workflow-based system created by PayNet to facilitate the Issuer and Acquirer to log, track and resolve dispute cases more efficiently which is accessible at (https://ecms.paynet.my). It also provides daily dispute settlement among all Participants for MyDebit. |
| Financial Institution (FI) | A licensed bank, licensed investment bank, licensed Islamic bank or prescribed development financial institution under the Financial Services Act 2013 (FSA), Islamic Financial Services Act 2013 (IFSA) and Development Financial Institutions Act 2002 (DFIA). |
| FPX | An Internet payment gateway, which facilitates purchases/payments at merchant/biller e-commerce sites via the customer accessing their account through their Internet/mobile banking. |
| Interoperability Domain | Interoperability Domain contains the DS systems which facilitates the transfer of information between the Issuer Domain and Acquirer Domain systems. |
| Issuer/(s) | A financial institution licensed to issue Cards who contracts with Cardholders to provide card services, determines eligibility of Cardholders and identifies Card number/BIN ranges to participate in the 3DS Program. |
| Issuer Domain | Contains the systems and functions of the Issuer and its customers (Cardholders). |
| Merchant | A company, entity, statutory or government body that contracts with an Acquirer and/or PayNet to accept MyDebit Secure payments. It manages the online CNP purchase (e-commerce) experience with the Cardholders, obtains Card information and then transfers control to the 3DS Server, which conducts payment authentication. |
| Marketplace Merchant | E-commerce merchant with a platform where customers can find different brands of products coming from multiple vendors, shops or person showcased on the same platform. |
| Participants | Participant as defined in the Participation Rules, acting as Issuer / Acquirer / Third-Party Acquirer. |
| Payment Gateway | A system that facilitates online payment processing by authorising electronic payment transactions in e-commerce ecosystem. |
| Payment System | Payment System is referring to the PayNet MyDebit Scheme, which defines the participation rules, operating rules and the requirements for Card issuance and Merchant acceptance. |
| Prepayment Merchant | A Merchant that accepts payment for goods or services via MyDebit and where:
|
| Primary Account Number (PAN) | A number code consisting of 14 to 19 digits (laser printed) on a card and encoded in the card's magnetic stripe that identifies the card, which is electronically associated to the Issuing FI and to the Cardholder’s bank account. |