| **Name**
| **Description**
|
| Customer/Merchant
| Institution which uses Verestro products. This institution decides which solution should be used depending on the business requirements and how transaction should be processed.
|
| User
| End-User which uses Customer application and pays for Customer's goods using Google Pay™ solution. This is the root of the entity tree. User is an owner of the card stored in Google Pay™ system.
|
| Card Payment Token
| Card Payment Token is an entity created by Google Pay™ and returned to the Customer. This token is created when the Customera application user selects the card he wants to pay with Google Pay. Card Token Payment is encrypted and does not contain valid card details. This token is decrypted on the Verestro side and then Verestro orders the payment to the Customer's Acquirer.
|
| Authorization Method
| The way of the authentication of the card transaction. Verestro supports followed authorization methods: `PAN_ONLY` and `CRYPTOGRAM_3DS` if Customer's country belongs to the European Union. Authorization method is always provided in the Google Pay™ encrypted payload as `authMethod` parameter.
|
| Gateway Id
| Phrase/value that identifies a given Payment Service Provider in the Google Pay™ system. The Merchant provides gateway Id to Google Pay™ to obtain a card payment token. By provided gateway Id, Google Pay™ encrypts the card payment token with the appropriate public key. Verestro is defined by a gateway Id with the value `verestro`
|
| Gateway Merchant Id
| Unique Customer identifier assigned by Verestro during the onboarding process. This identifier is in the form of a `UUID`. Verestro understands and uses this to verify that the message was for the Customer that made the request. Customer passes it to Google Pay™. More information about the Gateway Merchant Id can be found in [Google Pay™ documentation.](https://developers.google.com/pay/api/processors/guides/implementation/understand-our-payload)
|
| Payment Service Provider
| Payment Service Provider is an entity that helps Merchants transfer sensitive data to Acquirer during the transaction. Payment Service Provider should be PCI DSS compilent. In the Token Payment Service solution, Verestro has the role of PSP.
|
| Acquirer
| External Institution resposible for processing transaction and 3ds requests ordered by the by Verestro Token Payment Service solution in Customer context. Acquirer connects with banks / card issuers and returns an information whether the ordered action on a given card payment token is possible.
|
| MID
| Merchant identifier. This entity is represending Customer / Merchant in Acquirer's system. Customer has to provide the mid information to enable mid configuration in the Verestro system. Required to process transactions and 3DS via Verestro system.
|
| Card Network
| This is the type of card that allows you to make payments using a card payment token. Verestro allows to use `MASTERCARD`, `VISA` and `MAESTRO` cards.
|
| PAN
| It is 7-16 digits of the credit / debit card number. These digits contain the Permanent Account Number assigned by the bank to uniquely identify the account holder. It is necessary to provide it when User wants to pay with a card for purchases on the internet.
|
| CVC
| It is a type of security code protecting against fraud in remote payments. Card Verification Code is necessary to provide it when User wants to pay with a card for purchases on the internet.
|
| Expiration Date
| It is a date of the card validity ending and contains two values – month/year. Card will be valid to the last day of the month of the year showed on it. It is necessary to provide it when User wants to pay with a card for purchases on the internet.
|
| 3DS
| 3-D Secure is a method of authorization of transaction made without the physical use of a card, used by payment organization. The 3DS process in the Merchant Paytool solution is performed internally in the Verestro system.
|
| PCI DSS
| It is a security standard used in environments where the data of payment cardholders is processed. The standard covers meticulous data processing control and protection of users against violations.
|