Last changes: 12-12-2018


2FA (Two-factor Authentication)

a security process in which a customer uses two different authentication methods to verify themselves to better protect both the personal credentials and the resources the customer can access. The combination of identifiers used for an authentication consists of something the user knows (e.g. a password) and something the user has (e.g. a device for generating physical one-time passwords (OTP)) or something the user is (e.g. biometric fingerprint).


3-D Secure

a system designed to be an additional security layer to protect customers and merchants during online transactions. To activate the service, the cardholder must register for it and provide some personal data. Then he/she has to create a PIN number that will be assigned to his credit or debit card. This feature will automatically request for the 3D Secure Password each time the user buys something online.


Account Balance

the current amount of money stored on a checking or savings account, given by the net amount composed of all credits and debits. Our E-Wallet solution allows the end user to store value and to load/unload funds.

Account Number

the primary identifier of an account, whether a Technical Account, an E-Wallet Account or a Merchant Account which consists of letters or numbers. Our API facilitates to either specify an account number assigned by the KontoCloud platform or an External Account Reference and is indicated by the API parameter Account Number Type.

Account Number Type

an API parameter which indicates whether the provided account number has been assigned by the KontoCloud platform or is an External Account Reference. The allowed values and associated descriptions can be found in the Lookup tables.


typically, acquirers are financial institutions that receive the rights to a trading account which allows them to manage the merchant's bank account. In order to accept card payments, the acquirer must be licensed by the relevant card networks and be a payment processor partner, or be a payment service provider itself.

API (Application Programming Interface)

a programmatic interface with public endpoints to access resources. Web APIs use HTTP methods and access via URLs which specify where the resources lie. Typically, JSON or XML are used to transmit data. A detailed description of all API methods can be found in the API Reference.



a list of untrustworthy clients, who were involved in illegal or fraudulent activities in the past. They are denied access to a certain systems or protocols to prevent fraud and reduce the financial risk. The opposite of the blacklist is a whitelist that denies access to all items except those listed. With our Compliance Checks and Risk Checks you can easily assess the trustworthiness of a person or company, thus significantly reducing the risk of payment default or fraud.



a debit to a depositor's account for something that has been previously credited, as for a returned bad check. In particular, this is a reversal of a pre-transfer of money from a bank account, credit card or credit line to the consumer. Upon the occurrence of such an event our Notification Service will inform you via a Chargeback Callback.


the process of e-commerce that a customer must go through when checking out the items in the cart. There, the customer is asked to choose the payment method preferred by him/her and the address input (see section Payment Process). The analysis of relevant data and indicators is the key to optimizing the checkout process.


a person, company, organization or country to whom money is owed due to claims on services provided for a second party, called the debtor.


Digital Marketplace

our solution to manage multiple Technical Accounts, E-Wallets and Merchant Accounts.


External Account Reference

an identifier of an account within your own solution. It can be set in API methods as a reference to a Technical Account or E-Wallet Account (see Account Number Type).


HTML (HyperText Markup Language)

the standard markup language for creating web pages and applications. Web browsers receive HTML documents from a local repository or from a web server and convert documents into multimedia webpages. HTML is a plain text, not compiled and could be read by humans. The file extension for an HTML file is .htm or .html.


IDE (Integrated Development Environment)

a software package that contains the basic tools needed to write and test software. It is designed to maximize programmer productivity by providing components with similar user interfaces. An IDE normally consists of build automation tools, a source code editor and a debugger.



a high-level programming language that produces software for multiple platforms. It is class-based, object-oriented, concurrent and designed to have as few implementation dependencies as possible. Java applications are compiled to bytecode that can run on any Java virtual machine (JVM) regardless of computer architecture. Java filenames use the extension .java.


a high-level, scripting language used especially to create interactive applications running over the Internet. It is the most widely supported client-side language that can run within a Web browser. JavaScript engines are embedded in many runtime environments that make JavaScript available for writing mobile and desktop applications, including desktop widgets. JavaScript filenames use the extension .js.

JSON (Javascript Object Notation)

a text-based, human-readable data exchange format used to represent simple data structures and objects in a web browser-based code. It is also used in desktop and server-side programming environments. JSON is a language-independent data format and its official Internet media type is application/json. JSON filenames use the extension .json.



our completely white labelled digital wallet platform with rich customizability which can be tailored to fit your brand identity. It guaranties complete ownership of both customers and merchants.


Merchant Account

an account in the Digital Marketplace that allows businesses to accept payments via multiple payment options from a customer.



an object-oriented, general-purpose programming language that is used in iOS operating systems, the OS X and their application programming interfaces (APIs). It adds new language features in the C programming language. Objective-C source code 'implementation' program use the extension .m and the Objective-C 'header/interface' files have .h extensions.


Payment Option Code

an abbrevation set in API methods as a reference to a payment option. All payment options and the associated payment option codes can be found in the Lookup tables.

PCI DSS (Payment Card Industry Data Security Standard)

a standard that all organizations and also online retailers, must follow when storing, processing and transmitting the customer's credit card data. It is mandated by the card brands and administered by the Payment Card Industry Security Standards Council in order to increase controls around cardholder data and to reduce credit card fraud.

PEP (Politically Exposed Person)

an individual who is or has been entrusted with a prominent public function. PЕPs represent a higher risk for potential participation in bribery and corruption schemes due to their position and the influence they have. "Senior foreign political figure" is a similar term, often used interchangeably with PEP.

Program Account

an unique account in the Digital Marketplace, also known as the clearing account, as all funds must pass through it as part of the conversion from fiat to electronic money. Each Program Account can be identified by its Progam Account Number.



denying a payment process for a user when paying with a card or bank transaction for an online purchase. The payment rejection may be due to a variety of reasons such as insufficient funds or closed account. Sometimes payments are also rejected because the selected intermediary bank has changed without notice.


a software architectural style that defines a set of constraints for developing web services. Due to its simplicity and the fact that it builds upon existing systems and features of HTTP, REST gained a lot of popularity in the recent years. For an instance, RESTful APIs use the standard HTTP status codes to signal their status. Furthermore, REST is language-independent and can be implemented in any programming language which can make web-based requests using HTTP.


Sanctions List

any list of persons or entities published in connection with Sanctions Laws, by or on behalf of any Sanctions Authority. Sanctions lists play an important role in the financial institution’s anti-money laundering (AML) policy and influence how and with whom this institution does business. Sanctions may be imposed as a result of an illegal activity or to achieve a foreign policy/diplomatic aim.

SDK (Software Development Kit)

a set of software development tools used for developing applications for a specific device or operating system. Our SDKs allow an easy and customizable creation of a payment form to securely collect the customer’s payment option details and support web based as wells as mobile platforms.

SEPA Direct Debit

a European Direct Debit system that allows merchants to collect Euro-denominated payments from accounts in the 34 SEPA countries and associated territories. A big advantage for the consumers is the automating of transactions. Consumers avoid the risk of missing a payment deadline, or being charged additional fees for late payments and suffering from an interruption of service.

SEPA Mandate

аuthorization granted by the customer, allowing to collect future payments from them at any time on their Euro-denominated bank account. Strict rules apply to this process and the authorisation to collect payments is only granted if the mandate is valid. Each mandate must include mandatory information and legal wording.


TAN (Transaction Authentication Number)

a type of single use one-time passwords (OTPs) used for an online banking transaction in combination with a standard ID and password. TANs are usually on a list made by a financial institution and sent to the owner of the account. They provide additional security because they act as a form of two-factor authentication (2FA).


the process of replacing a sensitive data element with a non-sensitive one, designated as a sign that has no external operational meaning or value. The tokenization system provides data processing applications to request tokens or detokenizes sensitive data. Tokenization significantly exacerbates the access of hackers to sensitive information (e.g. card holder data) compared to old systems, where such data has been stored in databases and freely exchanged over networks.


White Label

a fully supported product or service removes their brand and logo and allows a purchaser to rebrand. The purchaser profits from the expertise and infrastructure of the provider and a product that fits their brand identity.


XML (Extensible Markup Language)

a markup language that defines a set of rules for encoding documents in a format that is both human- and machine-readable. It uses a structured representation by allowing user to create custom defined tags according to XSD (XML Schema Definition). XML filenames use the extension .xml.