Skip to main content

Glossary

MyDebit Scheme

Definition of frequently used terms for MyDebit Scheme is as follows:

TermDefinition
Acquirer HostThe consumer-facing component allowing consumer interaction with the 3DS Requestor for initiation of the EMV 3-D Secure protocol.
AcquirerAn EMV 3-D Secure Participant that facilitates and integrates the 3DS Requestor Environment, and optionally facilitates integration between the Merchant and the Acquirer.
Acquirer BankFinancial Institution authorised by PayNet or BNM to recruit Merchants and to deploy MyDebit Terminals to support the MyDebit Scheme.
Application CryptogramAn alphanumeric value generated from an algorithm to validate data integrity.
Authorisation Request Cryptogram or ARQCAn Application Cryptogram generated by the card when requesting online authorisation from the Issuer’s host.
BCPBusiness Continuity Plan as stipulated in Guidelines on Business Continuity Management for Participants of PayNet’s Services.
BNMBank Negara Malaysia.
Business DaysAny calendar day from Monday to Friday except a public holiday in the Federal Territory of Kuala Lumpur.
Calendar DaysAny day including weekend and public holidays.
CardholderA person who holds MyDebit card issued by an Issuer which maintains the accounts (i.e. Savings / Current) that could be accessed by such card.
Card Prefix or Bank Identification Number or BINThe first 6 digits of the card number assigned to identify the Issuer Bank.
Cash Management Bank or CMBAn intermediary appointed by PayNet to perform beneficiary and threshold validations as well as to credit the Beneficiaries’ accounts upon successful validation.
Cash OutAn additional feature of the MyDebit Scheme which allows Cardholders to withdraw cash from the Merchant with a purchase. The maximum limit set for Cash Out withdrawal is RM500 per transaction.
Cross Border POS or CBPOSA cross-border payment which enables Cardholders to use their MyDebit Card at POS terminal located at Merchants outside Malaysia and vice versa that supports either contact or contactless transaction or both.
DMS Holding AccountAn account owned by PayNet with the appointed CMB for the purpose of settlement of funds to Merchants and TPAs
Direct Merchant Settlement or DMS Third Party Acquirer settlement processes whereby funds collected from MyDebit transactions shall be credited into a Holding Account for settlement with Merchants.
Disaster Recovery Plan or DRPDisaster Recovery Plan as stipulated in Guidelines on Business Continuity Management for Participants of PayNet’s Services.
Dispute transactionAny transaction discrepancy due to technical error or time-out at any point regardless of whether at the terminal, Acquirer, MyDebit System or Issuer. Resolution for dispute related to technical error or time-out will require the return of full purchase amount to the Cardholder and Switching Fee to the Participant. For example: Issuers’ accounts were erroneously debited multiple times for a single purchase or charged with an incorrect amount by Merchants. In the event the Merchant records a purchase as failed (due to a timeout or other reasons) even though the Cardholder’s bank account has been debited, the Cardholder is entitled to be returned with a full purchase amount.
Enterprise Case Management System or ECMSA web workflow-based system created by PayNet to facilitate the Issuer and Acquirer to log, track and resolve dispute cases more efficiently which is accessible at (https://ecms.paynet.my). It also provides daily dispute settlement among all Participants for MyDebit.
Financial Institution or FIA licensed bank, licensed investment bank, licensed Islamic bank or prescribed development financial institution under the Financial Services Act 2013 (FSA), Islamic Financial Services Act 2013 (IFSA) and Development Financial Institutions Act 2002 (DFIA).
Foreign MerchantAn individual, company, body corporate, business (including sole proprietor and partnership) incorporated outside Malaysia that accepts payments via MyDebit, for purchase of goods and/or services.
General Non-ComplianceAny non-compliance without pre-specified penalty charges in this Operational Procedures for MyDebit.
Government and its AgenciesAny ministries, Government department and agencies, any statutory bodies having public duty or public bodies, any companies wholly-owned or non-wholly owned, is a subsidiary of or controlled by the aforementioned bodies.
Holding AccountAn account owned by the Settlement Bank for the purpose of settlement of funds to Merchants and TPAs.
Host Security Module or HSM or Hardware Security ModuleA physical computing device that safeguards and manages digital keys for strong authentication and provides crypto-processing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server.
IssuerFinancial Institution authorized by BNM to issue MyDebit card.
LogoA symbol or wordmark created by PayNet to identify and promote the MyDebit brand.
MCCSMalaysian Chip Card Specification is the domestic EMV (Euro, Mastercard, and Visa) debit card scheme which supports both contact and contactless applications.
MEPSMalaysian Electronic Payment System Sdn Bhd.
MerchantA person or business entity who has been authorized by an Acquirer to accept card payments via installed MyDebit terminals for sale of goods and services.
MyDebitA domestic debit card scheme that allows MyDebit Cardholders to purchase goods / services and withdraw cash at participating merchant’s outlets by debiting directly from the Cardholders’ nominated savings / current account.
MyDebit BrandThe brand, icon, logo and marks for MyDebit.
MyDebit Development Fund or MDFMDF is established to fund campaigns, promotions, prizes, incentives, training, awareness, development, etc. to spur the growth of MyDebit acceptance, adoption and usage
MyDebit Intellectual PropertyAll intangible intellectual assets of MyDebit.
MyDebit SchemeA business model that offers transaction switching services offered by PayNet. This domestic debit card scheme will facilitate electronic payment transactions, which is linked to various FIs and Third-Party Acquirers.
MyDebit SystemA central switch or an exchange infrastructure and application platform offered by PayNet that facilitates electronic payment transactions which is linked to various FIs and Third-Party Acquirers.
Net SettlementA payment Settlement System between banks, where transactions are accumulated and offset against each other with only the net differential being transferred between banks.
Normal PurchaseA financial transaction consisting of payment information of goods or services purchased by the Cardholders. The transaction is captured and submitted to the Acquirer for payment authorisation.
Not-On-Us TransactionA transaction made by a Cardholder at a terminal where the Issuer and Acquirer are of different FIs.
Offline TransactionThe recording of information from a MyDebit card for later processing. Offline transaction processing enables MyDebit to be accepted as a form of payment even at point-of-sale without real-time connections to MyDebit host.
On-Us TransactionA transaction made by a Cardholder at a Terminal where the Issuer and Acquirer are of the same FI.
Outdoor Payment Terminal or OPTA standalone automated Outdoor Payment Terminals located outside of petrol stations which are normally used by Cardholders for the purchase of petrol.
ParticipantParticipant as defined in the Participation Rules, acting as Issuer / Acquirer / Third-Party Acquirer.
Participation RulesRefers to the Participation Rules for Retail Payment Services. The Participation Rules govern the operation of PayNet’s Retail Payment Services and sets out the rights and obligations of PayNet and Participants.
Payment InstructionPayment file prepared and submitted by the TPA to the CMB’s system for settlement to merchants and to itself (payment of fees and other miscellaneous charges by the TPA to the merchants).
PayNetPayments Network Malaysia Sdn Bhd, the operator of MyDebit Scheme in the context of this document.
Personal Identification Number (PIN)A numeric code that acts as a password that is used to authenticate a Cardholder to their account.
PIN PadAn electronic device used in any physical card-based transaction to accept and encrypt Cardholders’ PIN.
Prepayment MerchantA Merchant that accepts payment for goods or services via MyDebit and where:
  1. any such goods are not fully shipped within five (5) Calendar Days or are not fully delivered within ten (10) Calendar Days; or
  2. any such services are not fully rendered within five (5) Calendar Days; measured from the date the customer made payment
Primary Account Number (PAN)A number code consisting of 14 to 19 digits (laser printed) on a card and encoded in the card's magnetic stripe that identifies the card, which is electronically associated to the Issuing FI and to the Cardholder’s bank account.
Purchase CancellationA financial transaction initiated by a Merchant or service provider to cancel an approved purchase transaction. The transaction must be submitted by the Merchant or service provider within the same day.
Real Time TransactionAn online processing of transactions that not only maintains all master files constantly current, but also enables the distribution and retrieval of information without delays in each process the instant it is received by the system.
Refund TransactionAn approved transaction that requires the Merchant to refund the purchase amount to the relevant Cardholder.
RENTASA Real-time Electronic Transfer of Funds and Securities System that provides multi-currency real-time gross Settlement System for interbank fund transfers, multi-currency debt securities settlement, and depository services for scriptless debt securities.
Retail Settlement Gateway (RSG)A settlement gateway/platform to perform the interbank settlement for specified PayNet services.
Settlement AccountA cash account maintained by the Participants for the purposes of settlement.
Settlement BankFinancial Institution appointed by the TPAs to facilitate settlement services either directly to their Merchants or to the TPAs own account
Settlement DateThe date on which a transaction settle. That is, the actual day on which transfer of cash or assets is completed.
Settlement SystemA system used to efficiently facilitate the settlement of transfers of funds, assets or financial instruments. It is the finalization of a payment.
Shared ATM NetworkA network operated by PayNet.
Stand-in ModeA backup system that provides authorisation services on behalf of an Issuer when the Issuer or its authorisation processor is unavailable.
Switch Operating HoursThe hours in which MyDebit is available for Participants. Currently, MyDebit switch operates 24 hours a day, 7 days a week.
TerminalAn information processing device through which MyDebit transaction messages are initiated and transmitted to the Acquirer and through which reply messages are received and transactions are completed.
Test CardA physical card being used for testing purposes that contains Track II Data
Third-Party Acquirer or TPAA Non-Financial Institution authorised by PayNet or BNM to recruit merchants and to deploy MyDebit terminals to support the MyDebit Scheme.
Track II DataAn ISO term referring to information encoded on the second track of the magnetic stripe of a MyDebit card as defined in ISO 7813, excluding start and end sentinels and Longitudinal Redundancy Check (LRC) characters as defined therein.
Transaction Certificate (TC) CryptogramAn Application Cryptogram generated by the card when accepting a transaction (second validation by card upon receiving the response from Issuer’s host).

MyDebit Secure

Definitions of frequently used terms for MyDebit Secure are as follows:

TermDefinition
3DS ClientConsumer-facing component allowing consumer interaction with the 3DS Requestor for initiation of the EMV 3-D Secure protocol.
3DS RequestorInitiator of the EMV 3-D Secure Authentication Request. For example, a 3DS Requestor may be a Merchant or payment gateway requesting authentication within a purchase flow.
3DS Requestor Environment3DS Requestor-controlled components i.e. 3DS Requestor Application (App), 3DS Software Development Kit (SDK), and 3DS Server are typically facilitated by the 3DS Integrator. Implementation of the 3DS Requestor Environment will vary as defined by the 3DS Integrator.
3DS Server3DS Integrator's server or systems that handle online transactions and facilitates communication between the 3DS Requestor and the DS.
3-D Secure (3DS)An e-commerce authentication protocol that enables the secure processing of payment, non-payment and account confirmation card transactions.
Access Control Server (ACS)A component that operates in the Issuer Domain, that verifies whether authentication is available for a Card number with/without the device type and authenticates specific Cardholders.
Acquirer/(s)A business entity (can be a financial or non-financial institution) that establishes a contractual service relationship with a Merchant for the purpose of accepting payment Cards. In the context of 3DS, in addition to the traditional role of receiving and sending Authorisation and settlement messages (enters transaction into interchange), the Acquirer also determines whether a Merchant is eligible to support and participate in 3DS.
Acquirer DomainContains the systems and functions of the 3DS Requestor Environment and, optionally the Acquirer.
AuthenticationIn the context of 3DS, the process of confirming that the person initiating an e-commerce transaction is entitled to use the Card.
Authentication Request Message (AReq)A 3DS message sent by the 3DS Server via the DS to the ACS to initiate the authentication process.
Authentication Response Message (ARes)A 3DS message returned by the ACS via the DS in response to an Authentication Request message.
AuthorisationA process by which an Issuer, or a processor on the Issuer's behalf, approves a transaction for payment.
Authorisation SystemThe systems and services through which a Payment System delivers online financial processing, authorisation, clearing, and settlement services to Issuers and Acquirers.
Bank Identification Number (BIN)The first six digits of a payment card account number that uniquely identifies the issuing financial institution. Also referred to as Issuer Identification Number (IIN) in ISO 7812.
CardIn this specification, synonymous to the MyDebit payment card.
Card-Not-Present (CNP)A payment Card transaction made where the Cardholder does not or cannot physically present the Card for a merchant's visual examination at the time that an order is given and payment effected.
Cardholder/(s)The first six digits of a payment card account number that uniquely identifies the issuing financial institution. Also referred to as Issuer Identification Number (IIN) in ISO 7812.
CertificateThe first six digits of a payment card account number that uniquely identifies the issuing financial institution. Also referred to as Issuer Identification Number (IIN) in ISO 7812.
CASAThe first six digits of a payment card account number that uniquely identifies the issuing financial institution. Also referred to as Issuer Identification Number (IIN) in ISO 7812.
ChallengeThe first six digits of a payment card account number that uniquely identifies the issuing financial institution. Also referred to as Issuer Identification Number (IIN) in ISO 7812.
Device Channel

Indicates the channel from which a transaction originated. Either:

  • App-based (01-APP)
  • Browser-based (02-BRW)
  • 3DS Requestor Initiated (03-3RI)
Directory Server (DS)A server component owned and operated by PayNet in the Interoperability Domain; it performs functions that include but not limited to authenticating the 3DS Server, routing messages between the 3DS Server and the ACS and validating the 3DS Server, the 3DS SDK, and the 3DS Requestor.
Electronic Commerce Indicator (ECI)Payment System-specific value provided by the ACS to indicate the results of the attempt to authenticate the Cardholder.
e-commerceThe sales or procurement of supplies and services using information system technology, particularly the internet.
E3DSAn e-commerce authentication protocol that enables the secure processing of payment, non-payment and account confirmation card transactions that is governed by EMVCo.
EMVA term referring to EMVCo’s specifications for global interoperability and acceptance of secure payment transactions and/or products and services complying with such specifications.
EMVCoEMVCo, LLC, a limited liability company incorporated in Delaware, USA. EMVCo exists to facilitate worldwide interoperability and acceptance of secure payment transactions.
Enterprise Case Management System (ECMS)A web workflow-based system created by PayNet to facilitate the Issuer and Acquirer to log, track and resolve dispute cases more efficiently which is accessible at (https://ecms.paynet.my). It also provides daily dispute settlement among all Participants for MyDebit.
Financial Institution (FI)A licensed bank, licensed investment bank, licensed Islamic bank or prescribed development financial institution under the Financial Services Act 2013 (FSA), Islamic Financial Services Act 2013 (IFSA) and Development Financial Institutions Act 2002 (DFIA).
FPXAn Internet payment gateway, which facilitates purchases/payments at merchant/biller e-commerce sites via the customer accessing their account through their Internet/mobile banking.
Interoperability DomainInteroperability Domain contains the DS systems which facilitates the transfer of information between the Issuer Domain and Acquirer Domain systems.
Issuer/(s)A financial institution licensed to issue Cards who contracts with Cardholders to provide card services, determines eligibility of Cardholders and identifies Card number/BIN ranges to participate in the 3DS Program.
Issuer DomainContains the systems and functions of the Issuer and its customers (Cardholders).
MerchantA company, entity, statutory or government body that contracts with an Acquirer and/or PayNet to accept MyDebit Secure payments. It manages the online CNP purchase (e-commerce) experience with the Cardholders, obtains Card information and then transfers control to the 3DS Server, which conducts payment authentication.
Marketplace MerchantE-commerce merchant with a platform where customers can find different brands of products coming from multiple vendors, shops or person showcased on the same platform.
ParticipantsParticipant as defined in the Participation Rules, acting as Issuer / Acquirer / Third-Party Acquirer.
Payment GatewayA system that facilitates online payment processing by authorising electronic payment transactions in e-commerce ecosystem.
Payment SystemPayment System is referring to the PayNet MyDebit Scheme, which defines the participation rules, operating rules and the requirements for Card issuance and Merchant acceptance.
Prepayment Merchant

A Merchant that accepts payment for goods or services via MyDebit and where:

  1. any such goods are not fully shipped within five (5) Calendar Days or are not fully delivered within ten (10) Calendar Days; or
  2. any such services are not fully rendered within five (5) Calendar Days; measured from the date the customer made payment.
Primary Account Number (PAN)A number code consisting of 14 to 19 digits (laser printed) on a card and encoded in the card's magnetic stripe that identifies the card, which is electronically associated to the Issuing FI and to the Cardholder’s bank account.