Digital risk changes daily, presenting businesses with a constant stream of new challenges to face and fraud actors to fight. This comprehensive, evergreen glossary of fraud and risk acronyms represents a broad collection of terms both regularly and rarely used across the space, and serves as a core resource for teams defending businesses and merchants against online fraud.
#
- 2FA (Two-factor Authentication): A security process that requires users to provide two different types of identification before gaining access to an account or system.
- 3DS (3-D Secure): A fraud protection measure that requires the completion of additional authentication through the card issuer.
A
- ACH (Automated Clearing House) Fraud: The theft of funds through the Automated Clearing House financial transaction network.
- ACL (Access Control List): A set of rules that defines permissions for accessing network resources, ensuring that only authorized users can access specific data.
- AES (Advanced Encryption Standard): A widely-used symmetric encryption algorithm that secures data by transforming it into an unreadable format.
- AO (Account Opening): The process of creating a new account with a financial institution or service provider. This process is often a target for fraud, where attackers attempt to create accounts using stolen or synthetic identities.
- APT (Advanced Persistent Threat): A prolonged and targeted cyberattack where an intruder gains unauthorized access to a network and remains undetected for an extended period.
- ATO (Account Takeover): A malicious form of online fraud where fraudsters gain control over a victim’s device, email account, bank account, or other online account.
- AV (Antivirus): Software designed to detect, prevent, and remove malware.
- AVS (Address Verification System): A check that compares the billing address supplied by the cardholder with the address the issuer has on file, used to help prevent fraudulent credit or debit card transactions on online forms and pages.
B
- BIA (Business Impact Analysis): An assessment that predicts the consequences of disruptions to business functions and processes.
- BIN (Bank Identification Number): The first six digits of a credit card number, used to identify the issuing bank or financial institution.
- BIOS (Basic Input/Output System): Firmware used to perform hardware initialization and provide runtime services for operating systems.
- BOTS (Robots): Automated software applications that perform tasks over the internet, which can be malicious when used in cyberattacks.
- BPA (Business Process Automation): The use of technology to automate repetitive, manual tasks, often used to improve efficiency and reduce human error.
C
- CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart): A tool used to determine whether a user is human or a bot, preventing automated abuse.
- CB (Chargeback): A reversal of a credit card transaction, typically initiated by the cardholder or issuing bank when a dispute arises.
- CIRT (Computer Incident Response Team): A group responsible for responding to security breaches and cyber threats within an organization.
- CISO (Chief Information Security Officer): An executive role tasked with overseeing an organization’s information and data security.
- CIO (Chief Information Officer): A senior executive responsible for managing and implementing information and computer technologies.
- CNP (Card Not Present): A payment card transaction where the cardholder does not physically present the card to the seller.
- CP (Card Present): A type of transaction where the physical payment card is presented at the point of sale, reducing the risk of fraud.
- CSV (Comma-Separated Values): A file format that uses commas to separate values, often used for data exchange between systems.
- CVE (Common Vulnerabilities and Exposures): A publicly available list of known cybersecurity vulnerabilities.
D
- DDoS (Distributed Denial of Service): An attack that overwhelms a system’s resources, rendering it unavailable to intended users.
- DLP (Data Loss Prevention): Strategies and tools that ensure sensitive data is not lost, misused, or accessed by unauthorized users.
- DMZ (Demilitarized Zone): A physical or logical subnetwork that separates an internal local area network (LAN) from other untrusted networks.
- DNS (Domain Name System): The system that translates domain names into IP addresses.
E
- E2EE (End-to-End Encryption): A method of data transmission where only the communicating users can read the messages.
- EB (Empty Box): A type of fraud claim where a buyer falsely reports receiving an empty package instead of the purchased item.
- EDR (Endpoint Detection and Response): Security solutions that monitor end-user devices to detect and respond to cyber threats.
- EPP (Endpoint Protection Platform): Integrated security solutions designed to detect and block threats at the device level.
F
- FIPS (Federal Information Processing Standards): Standards for information processing set by the U.S. federal government to ensure computer security and interoperability.
- FTID (Fake Tracking ID): A type of fraud where the scammer provides a fake or manipulated tracking number to falsely show delivery of goods.
- FTP (File Transfer Protocol): A standard network protocol used for the transfer of computer files between a client and server.
G
- GDPR (General Data Protection Regulation): EU regulation that governs data protection and privacy for individuals within the European Union.
- GRC (Governance, Risk Management, and Compliance): An integrated approach to managing an organization’s overall governance, risk, and compliance.
H
- HIDS (Host-based Intrusion Detection System): Software that monitors a single host for suspicious activity.
- HIPAA (Health Insurance Portability and Accountability Act): U.S. legislation that provides data privacy and security provisions for safeguarding medical information.
- HTML (HyperText Markup Language): The standard markup language used for creating web pages and web applications.
I
- IAM (Identity and Access Management): Frameworks and technologies that ensure the right individuals access the right resources at the right times.
- IBAN (International Bank Account Number): A unique identifier used in international transactions to specify an individual bank account across borders.
- IDS (Intrusion Detection System): Monitors network or system activities for malicious actions or policy violations.
- IoT (Internet of Things): A network of physical devices connected to the internet, capable of collecting and exchanging data.
- IP (Internet Protocol): The network-layer protocol that addresses and routes packets between devices on the internet. Source addresses can be forged in “IP spoofing” attacks.
- IPS (Intrusion Prevention System): A system that monitors a network for malicious activities and takes actions to prevent them.
- IPsec (Internet Protocol Security): A suite of protocols that secures internet communication by authenticating and encrypting each IP packet.
J
- JIT (Just-In-Time): A method that grants users elevated privileges only when needed and for the shortest duration necessary, reducing the risk of abuse of those privileges.
- JWT (JSON Web Token): A compact, URL-safe means of representing claims to be transferred between two parties. It is often used for secure authentication in web applications.
K
- KPI (Key Performance Indicator): A measurable value that demonstrates how effectively an organization is achieving key objectives.
- KYB (Know Your Business): A due diligence process used by financial institutions and other businesses to verify the identity and legitimacy of a business entity, including its owners and key stakeholders, to prevent fraud and ensure compliance with regulations.
- KYC (Know Your Customer): The process used by businesses to verify the identity of their clients and assess potential risks.
L
- LDAP (Lightweight Directory Access Protocol): An open, vendor-neutral protocol for accessing and maintaining distributed directory information services.
- LEA (Law Enforcement Agency): Government agencies responsible for the enforcement of laws.
M
- MFA (Multi-Factor Authentication): A security system that requires more than one method of authentication from independent categories to verify the user’s identity.
- MITM (Man-In-The-Middle): A cyberattack where the attacker secretly intercepts and possibly alters the communication between two parties.
- MSSP (Managed Security Service Provider): A third-party company that provides outsourced monitoring and management of security systems and devices.
N
- NAD/SNAD (Not as Described/Significantly Not as Described): A fraud dispute where the buyer claims that the received product is not as described or is significantly different from what was advertised.
- NDA (Non-Disclosure Agreement): A legal contract establishing a confidential relationship between parties.
- ND/INR (Not Delivered/Item Not Received): A dispute where the buyer claims they did not receive the purchased item.
- NIDS (Network-based Intrusion Detection System): Monitors network traffic for suspicious activity.
- NIST (National Institute of Standards and Technology): U.S. agency that develops and promotes measurement standards.
O
- OSINT (Open Source Intelligence): Information collected from publicly available sources.
- OTP (One-Time Password): A password that is valid for only one login session or transaction.
P
- PAM (Privileged Access Management): Tools and processes to secure, manage, and monitor privileged access and permissions for users, accounts, and processes.
- PCI DSS (Payment Card Industry Data Security Standard): A set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment.
- PII (Personally Identifiable Information): Information that can be used to identify, contact, or locate a single person.
- PKI (Public Key Infrastructure): A framework for managing digital certificates and public-key encryption.
- POD (Proof of Delivery): Evidence that a product has been delivered, typically used to resolve disputes related to non-delivery claims.
- POS (Point of Sale): The location or system where a retail transaction is completed, often associated with the processing of card payments.
- PSD2 (Payment Services Directive 2): A set of European Union (EU) rules that govern how payment service providers operate.
- PSD3 (Payment Services Directive 3): An upcoming revision to the existing set of European Union (EU) rules that govern how payment service providers operate.
- PSP (Payment Services Provider): A third-party company that acts as an intermediary between businesses and consumers to facilitate electronic payments (also known as merchant service providers).
- PSR (Payment Services Regulations): A draft regulation from the European Commission that will govern payment services and banking responsibilities for EU member states.
Q
- QSA (Qualified Security Assessor): A designation given to individuals who are certified by the Payment Card Industry Security Standards Council (PCI SSC) to audit and assess a company’s compliance with PCI DSS (Payment Card Industry Data Security Standard).
- QoS (Quality of Service): While more commonly used in networking, QoS can be relevant in cybersecurity when discussing the performance and reliability of security services, particularly in ensuring that critical security measures are prioritized over less important network traffic.
R
- RBAC (Role-Based Access Control): An approach to restricting system access to authorized users based on their role within an organization.
- RDP (Remote Desktop Protocol): A protocol developed by Microsoft that provides a user with a graphical interface to connect to another computer over a network connection.
- RNG (Random Number Generator): A device or algorithm that generates a sequence of numbers that cannot be reasonably predicted better than by random chance.
- ROI (Return on Investment): A performance measure used to evaluate the efficiency or profitability of an investment.
S
- SAFE (Self Assessment Fraud Examination): A process or tool used for evaluating potential fraud risks within an organization.
- SCA (Strong Customer Authentication): A regulatory requirement in the European Union (EU) under the Payment Services Directive 2 (PSD2), mandating that electronic payments require multi-factor authentication to verify the identity of the user.
- SIEM (Security Information and Event Management): Software that aggregates and analyzes activity from many different resources across your IT infrastructure.
- SOC (Security Operations Center): A centralized function within an organization employing people, processes, and technology to continuously monitor and improve an organization’s security posture.
- SOC2 (Service Organization Control 2): A compliance standard for organizations that handle customer data, ensuring that they manage and protect this data securely. SOC 2 is based on five “Trust Service Criteria”: security, availability, processing integrity, confidentiality, and privacy.
- SQLi (SQL Injection): A code injection technique in which untrusted input is incorporated into a database query, allowing an attacker to read, modify, or destroy data in the database.
- SSH (Secure Shell): A protocol that provides a secure channel over an unsecured network.
- SSL (Secure Sockets Layer): A standard security technology for establishing an encrypted link between a server and a client.
- SSO (Single Sign-On): An authentication process that allows a user to access multiple applications with one set of login credentials.
T
- TC40: A report generated by card networks that provides information about fraudulent transactions, used by issuers to track fraud trends.
- TLS (Transport Layer Security): Successor to SSL, providing secure communication over a computer network.
- TTP (Tactics, Techniques, and Procedures): Describes the behavior of cyber adversaries.
U
- UEBA (User and Entity Behavior Analytics): A cybersecurity process that models the normal behavior of users and entities and flags deviations from it, used to detect insider threats, targeted attacks, and financial fraud.
- URL (Uniform Resource Locator): The address of a resource on the internet.
V
- VMPI (Visa Merchant Purchase Inquiry): A system that allows merchants to respond quickly to disputes by sharing transaction details with issuers through Visa.
- VPN (Virtual Private Network): Extends a private network across a public network, enabling users to send and receive data as if their devices were directly connected to the private network.
- VULN (Vulnerability): A weakness in a system that can be exploited to compromise the system’s security.
- VLAN (Virtual Local Area Network): A subgroup within a network that combines devices from different physical LANs.
- VRR (Visa Resolve Online): An online tool provided by Visa for resolving disputes and chargebacks between merchants and issuers.
W
- WAF (Web Application Firewall): Protects web applications by filtering and monitoring HTTP traffic.
- WPA (Wi-Fi Protected Access): A security protocol designed to secure wireless computer networks.
- WORM (Write Once, Read Many): A data storage technology that allows information to be written to a disc a single time and prevents the disc from being erased or modified.
X
- XDR (Extended Detection and Response): Integrates multiple security products into a cohesive security operations system.
- XSS (Cross-Site Scripting): A security vulnerability that allows attackers to inject malicious scripts into content from otherwise trusted websites.
Y
- YARA (Yet Another Recursive Acronym): A tool used in cybersecurity for pattern matching to identify and classify malware, based on specific patterns in the code.
- YK (YubiKey): A hardware authentication device used for two-factor authentication, supporting one-time passwords, public-key cryptography, and authentication protocols.
Z
- ZKP (Zero-Knowledge Proof): A method by which one party proves to another that a statement is true without revealing any information beyond the validity of the statement itself.
- ZTNA (Zero Trust Network Access): A security model that requires strict identity verification for every person and device trying to access resources on a private network.
Looking for more educational resources? Explore Sift’s Trust & Safety University.