Secure payments

Which businesses are considered high risk?

Acquiring banks and other financial institutions consider some lines of business as more risky than others. It's based on their experience with such companies and business models. Most common high risk businesses those of are pharmaceutical, gambling, or erotic nature, but quite often also others, like e.g. software (due to the fact that it's difficult to prove anything in case of any disputes).

Of course this always depends on a specific case and institution, so we recommend simply asking us directly whether or not we can provide your business with payment services.

back to top

What is 3-D Secure?

It's an additional security mechanism used with cards that are enrolled with the 3-D Secure program. It's mostly optional but there are cases (specific card types in specific countries) where it's required.

The mechanism is simple - it's an additional step during the online card payment process. A customer is redirected to a bank website where they have to enter a specific security code.

Read more:

back to top

What is CVV/CVC?

CVV stands for Card Verification Value and CVC is short from Card Verification Code (you can also encounter other acronyms that usually define the same thing: CVV2/CVC2, CID, CVD, CVVC). It's a security number printed on a payment card and not stored in the chip or magnetic stripe. If a customer provides the code during a purchase, it means that they actually possess the physical card (they wouldn't be able to get the code without the card).

This security mechanism is designed to avoid fraudulent transaction (e.g. using stolen card numbers) with card not present transactions. Usually the CVV/CVC is a three digit number printed on the back of the card; only American Express cards have a four digit number printed on the front of the card.

What is 3-D Secure?

It's an additional security mechanism used with cards that are enrolled with the 3-D Secure program. It's mostly optional but there are cases (specific card types in specific countries) where it's required.

The mechanism is simple - it's an additional step during the online card payment process. A customer is redirected to a bank website where they have to enter a specific security code.

Read more:

back to top

What is AVS?

AVS stands for Address Verification System and is a security mechanism used with online card payments. The main idea is to compare the provided address information with the customer billing information associated with the card. AVS is designed to minimize fraudulent non face-to-face cards transactions.

The system is also flexible enough to allow simple mistakes (for example making a typo in a street name doesn't have to be considered a typo) and define the sensitivity using a variety of result codes. AVS is available only in specific countries.

back to top

What is GeoIP?

GeoIP is a security mechanism that determines the card holder's location. Such data is very useful (especially when compared to a transaction history) and allows to detect fraudulent payments or mark them as suspicious.

back to top

What is PCI DSS?

PCI DSS stands for Payment Card Industry Data Security Standards - it's a standard developed in order to ensure the security of card data. Companies that have a PCI DSS certificate must obey specific rules and fulfill requirements (technical, procedural, etc.) defined by the PCI Security Standards Council.

The certificates differ depending on the company type, for example payment processors get fully and thoroughly audited, whereas retailers only have to confirm that they have fulfilled specific requirements.

back to top

What is SSL and when do I need to have it on my website?

SSL stands for Secure Socket Layer and is a cryptographic protocol that ensures security of transferred data. A proper certificate for a domain may be purchased if there's a need for special security.

You will need such a certificate if you want to accept payments on your website using PayLane's API. Since your customers will enter sensitive data (e.g. card or address information) on your website instead of our Secure Form, you need to provide extra security for the data that will be sent from your website to our payment systems.

back to top
Couldn't find the answer you were looking for?
Contact us