Part 1: Infrastructure
What is an account information service provider (AISP)?
An account information service provider (AISP) is a financial institution that provides third-party access to account information, typically via open banking. → payment initiation service provider (PISP)
What is an account servicing payment service provider (ASPSP)?
An account servicing payment service provider (ASPSP) is typically a financial institution that provides an account information service provider (AISP) or a payment initiation service provider (PISP) with access to account information.
What is an application programming interface (API)?
An application programming interface (API) is a way for two software applications to communicate securely, which in the case of open banking provides a secure alternative to web scraping.
What is a bank identification number (BIN)?
A bank identification number (BIN), also known as an issuer identification number (IIN), is the first six or eight digits of a primary account number (PAN) that identify an issuing bank. → BIN sponsorship
What is a bank identifier code (BIC)?
A bank identifier code (BIC) is a way to identify a bank internationally, also known as a SWIFT code and more broadly as a business identifier code (BIC). → international bank account number (IBAN)
What is a business identifier code?
A business identifier code is a broader application of the term bank identifier code (BIC).
What is banking as a platform (BaaP)?
Banking as a platform (BaaP) is a form of modular banking that puts the modules on a platform so partners can co-create new products for the host of the platform to share via banking as a service. (BaaS).
What is banking as a service (BaaS)?
Banking as a service (BaaS) is the sharing of banking capabilities with another provider, ideally via an application programming interface (API). → embedded finance, modular banking, banking as a platform (BaaP), open banking.
What is BIN sponsorship?
BIN sponsorship is a licensed issuing bank operating as a sponsor bank by letting a partner use its bank identification number (BIN) to operate as a card issuer.
What is a customer data platform (CDP)?
A customer data platform (CDP) is software to consolidate and analyze data, traditionally used by marketers to handle first-party data from customer relationship management (CRM). → data management platform (DMP)
What is a data architecture?
Data architecture is a framework for the manageability and useability of data within an organization. → data governance
What is a data management platform (DMP)?
A data management platform (DMP) is software to consolidate and analyze data, traditionally used by marketers to handle third-party cookie data. → customer data platform (CDP)
What is embedded finance?
Embedded finance is the insertion of capabilities shared via banking as a service (BaaS) into a customer journey as financial products and services. → embedded payment
What is enterprise resource planning (ERP)?
Enterprise resource planning (ERP) is the use of a software platform to automate the management of everyday activities across multiple business units.
What is a global distribution system (GDS)?
A global distribution system (GDS) is a global travel industry network serving buyers and suppliers with real-time travel inventory.
What is host card emulation (HCE)?
Host card emulation (HCE) is the replication of a hardware chip as software to allow near-field communication (NFC) for use in a contactless card or digital wallet.
What is an international bank account number (IBAN)?
An international bank account number (IBAN) is a way to identify a bank account internationally. → bank identifier code (BIC)
What is an issuer identification number (IIN)?
Issuer identification number (IIN) is an alternative term for bank identification number (BIN).
What is ISO 9362?
ISO 9362 is the international organization for standardization (ISO) code for a bank identifier code (BIC).
What is ISO 13616?
ISO 13615 is the international organization for standardization (ISO) code for an international bank account number (IBAN).
What is ISO 20022?
ISO 20022 is the international organization for standardization (ISO) code for financial messaging to accompany a transaction, such as a real-time payment (RTP) or SWIFT transfer.
What is a merchant ID (MID)?
A merchant ID (MID) is the unique number associated with a merchant account.
What is modular banking?
Modular banking is the mixing and matching of select banking capabilities shared via banking as a service (BaaS). → banking as a platform (BaaP)
What is near-field communication (NFC)?
Near-field communication (NFC) is short-range communication between two electronic devices, supported by host card emulation (HCE) when used for contactless payments.
What is open banking?
Open banking is the permissioned sharing of banking data with another provider, ideally via an application programming interface (API). → open finance, banking as a service (BaaS)
What is open data?
Open data is a catch-all term for the permissioned sharing of data within various industries, such open banking or open finance.
What is open finance?
Open finance is the permissioned sharing of financial data with another provider, ideally via an application programming interface (API). → open banking, open data
What is a primary account number (PAN)?
A primary account number (PAN) is the unique string of numbers associated with a payment card and usually found on its front. → bank identification number (BIN)
What is screen scraping?
Screen scraping is the extraction of visual display data from a website. → web scraping
What is a tech stack?
A tech stack is the technologies that come together to produce an overall product or service.
What is a SWIFT code?
SWIFT code is an alternative term for bank identifier code (BIC). → SWIFT
What is web scraping?
Web scraping is the extraction of data from a website, which in the case of open banking is ideally achieved instead by a secure application programming interface (API). → screen scraping
Part 2: Data protection
What is ciphertext?
Ciphertext is the result of encryption of readable plain text.
What is a cryptographic hash function (CHF)?
A cryptographic hash function (CHF) is a hash function with added encryption.
What is a cryptographic key?
A cryptographic key is random alphanumeric values created during data encryption to enable decryption of the data using those values.
What is data anonymization?
Data anonymization is the rendering of personally identifiable information (PII) unidentifiable. → independent data anonymization
What is data governance?
Data governance is the appropriate use, storage and disposal of data as part of a data retention policy. → data architecture
What is data masking?
Data masking is a catch-all term that covers data tokenization, data pseudonymization, deidentification and data anonymization.
What is data privacy?
Data privacy is the proper use of data to keep it confidential. → data protection
What is data protection?
Data protection is a catch-all term for data privacy and data security.
What is a data retention policy?
A data retention policy is guidelines for data governance concerning the length and type of data storage and its disposal, often in accordance with regulations.
What is data security?
Data security is the prevention of unauthorized access to data, usually via cybersecurity. → data protection
What is data tokenization?
Data tokenization is the replacement of sensitive financial data with randomly generated non-sensitive surrogate tokens. → asset tokenization, payment tokenization
What is decryption?
Decryption is the unscrambling of ciphertext data using a cryptographic key created during the encryption process.
What is a digital ID?
Digital ID is an alternative term for electronic ID (eID).
What is data deidentification?
Data deidentification is the rendering of personally identifiable information (PII) unidentifiable unless recovered via reidentification. → pseudonymization
What is an electronic ID (eID)?
An electronic ID (eID) is a digital proof of identity, often used for online authentication.
What is encryption?
Encryption is the temporary scrambling of plaintext data as ciphertext along with the creation a cryptographic key for its decryption.
What is a hash function?
A hash function is the conversion of data into another value, ideally as a cryptographic hash, to maintain data integrity so that any data modification returns the wrong hash value under the hash function, such as when validating a blockchain block.
What is hashing?
Hashing is the use of a hash function, ideally a cryptographic hash function (CHF).
What is independent data anonymization?
Independent data anonymization is data anonymization conducted by an independent third party to reduce the risk of reidentification to an insignificant level by keeping the source data separate from the modified data.
What is personally identifiable information (PII)?
Personally identifiable information (PII) is Information that may be used to personally identify an individual.
What is data pseudonymization?
Data pseudonymization is the use of pseudonyms for data deidentification.
What are quasi-identifiers?
Quasi-identifiers are partial identifiers that that may be combined to produce unique identifiers for data reidentification.
What is data reidentification?
Data reidentification is the use of quasi-identifiers to reverse the process of data deidentification.
What is a right to erasure?
Right to erasure is an alternative term for right to be forgotten.
What is a right to be forgotten?
A right to be forgotten, also known as right to erasure, is a right to have all personally identifiable information (PII) erased from any location and often refers to PII uncovered by online search engines.