Terms and definitions
- Payment gateway
-
A legal entity representing the web service that routes authorization requests and processes online payments with debit and credit cards.
The gateway acts as an intermediary between the site that receives payment and the acquiring bank that sends data to the bank that issued the customer's card.
- Payment aggregator
-
A web service that gives merchants comprehensive access to different payment methods in one payment form.
- Merchant
-
A legal entity or an individual entrepreneur that sells goods, works, or services and receives payment via a website that uses its own or an external payment processing system.
- Direct connection
-
API integration Yandex Pay for gateways and merchants that use their own payment processing system.
- Payment processing system
-
A web service that processes users' bank card data. The company that processes payments must have a PCI DSS compliance certificate and an Attestation of Compliance (AOC) report from an independent QSA auditor.
- If a payment gateway or a merchant have their own payment processing system, it means they process bank card data by themselves and have a PCI DSS compliance certificate.
- If they have an external payment processing system, it means the merchant uses the services of a payment aggregator or an internet acquiring bank.
- PCI DSS standard
- PCI DSS (Payment Card Industry Data Security Standard) is a security standard developed by the Payment Card Industry Security Standards Council. All organizations that process payments must comply with this standard.