Dictionary
Comprehensive Glossary of Security Terms

A
Absconder Fraud
Absconder fraud refers to a specific type of fraudulent activity where an individual deliberately evades legal obligations, typically by disappearin...
Accidental Friendly Fraud
Accidental Friendly Fraud refers to a type of chargeback or payment dispute that occurs unintentionally, often as a result of consumer confusion rat...
Account Farming
Account Farming is a practice where individuals or automated bots create and maintain numerous online accounts with the intent of exploiting them fo...
Account Takeover
Account takeover (ATO) is a form of identity theft wherein a malicious actor gains unauthorized access to a victim's online account. This type of fr...
Acquirer (Acquiring Bank)
The term "Acquirer" or "Acquiring Bank" refers to a financial institution that processes credit and debit card transactions on behalf of a merchant....
Active Authentication
Active Authentication is a security approach that integrates continuous user verification with traditional authentication methods, creating a more d...
Address Verification Service (AVS)
The Address Verification Service (AVS) is a fraud prevention tool used by credit card processors to verify the billing address provided by a custome...
Age Verification
Age Verification is a process used by businesses and online platforms to ensure that users meet the minimum legal age requirements for accessing cer...
Anti-Money Laundering International Database (AMLID)
The Anti-Money Laundering International Database (AMLID) is a crucial resource in the fight against money laundering and related financial crimes. A...
Application Fraud
Application fraud is a type of financial crime where individuals or entities provide false, misleading, or stolen information on applications to gai...
Arbitrage (Arbs/Arber)
Arbitrage, often referred to in the financial and commerce sectors as "Arbs" or "Arber," is the practice of exploiting price differences of the same...
Auction Fraud
Auction Fraud is a form of online fraud that occurs when perpetrators exploit auction platforms to deceive buyers or sellers, resulting in financial...
Authorized Push Payment (APP) Fraud
Authorized Push Payment (APP) Fraud is a type of scam in which individuals are tricked into authorizing payments to fraudsters. Unlike traditional u...
B
BIN Attack
A BIN Attack is a type of fraud where cybercriminals exploit Bank Identification Numbers (BINs) to carry out unauthorized transactions using stolen ...
Bank Drop
A Bank Drop is a term commonly associated with fraudulent schemes involving the creation and use of a bank account to launder money or receive illic...
Behavioral Analysis
Behavioral Analysis in the context of cybersecurity refers to the technique of monitoring and understanding user behavior patterns to detect anomali...
Biometric Authentication
Biometric Authentication is a security process that verifies an individual's identity using unique biological characteristics. These characteristics...
Biometric Verification
Biometric Verification is a process that confirms an individual's identity by comparing their unique biological traits to previously recorded data. ...
Blackbox Machine Learning
Blackbox Machine Learning refers to machine learning models whose internal workings are not easily interpretable or transparent to users. Often char...
Blended Threat
A Blended Threat is a sophisticated type of cyber threat that combines multiple attack vectors and methods to exploit vulnerabilities in a network o...
Botnet
A botnet, short for "robot network," is a collection of internet-connected devices infected by malware, allowing cybercriminals to control them remo...
Browser Hash
A Browser Hash is a unique identifier generated from the properties and configurations of a web browser, often used in the context of online trackin...
Burner Phone
A burner phone is a mobile phone designed for temporary use, often purchased with prepaid minutes and requiring no long-term contracts or personal i...
Business Email Compromise (BEC)
Business Email Compromise (BEC) is a form of cybercrime that involves the use of deceptive tactics to gain access to a business email account with t...
Business Verification Services
Business Verification Services are essential tools used by companies to authenticate the identity and legitimacy of other businesses with whom they ...
C
CNAM (Caller ID Name)
CNAM, or Caller ID Name, is a telecommunication feature that displays the calling party's name alongside their phone number when a call is received....
Canvas Fingerprinting
Canvas Fingerprinting is a technique used for tracking users online by exploiting the HTML5 canvas element in web browsers. Unlike traditional track...
Card Cloning
Card Cloning, often referred to as "skimming," is a type of financial fraud that involves duplicating the information on a credit or debit card's ma...
Card Cracking
Card Cracking is a fraudulent activity in which cybercriminals use a combination of deceptive techniques and automated tools to guess or generate va...
Card Not Present Fraud
Card Not Present (CNP) fraud is a type of payment fraud that occurs when a transaction is made without the physical presence of a credit or debit ca...
Card Purchase Authorization
Card Purchase Authorization is a crucial process in the payment transaction lifecycle that verifies the availability of funds and approves the trans...
Card Testing
Card Testing, also known as "credit card testing," is a fraudulent activity in which cybercriminals use a set of credit or debit card numbers to det...
Carding
Carding is an illegal activity that involves obtaining and using stolen credit or debit card information to make unauthorized purchases or transacti...
Certificate Fraud
Certificate Fraud involves the creation or manipulation of certificates to deceive individuals or systems. These certificates can range from digital...
Chargeback Rate
The Chargeback Rate is a metric used by financial institutions and merchants to measure the frequency of chargebacks in relation to the total number...
Chargeback Recovery
Chargeback Recovery refers to the process merchants engage in to dispute and reverse chargebacks that are issued by banks or credit card companies o...
Chargebacks
Chargebacks are a consumer protection mechanism that allows cardholders to dispute transactions on their credit or debit cards and request a reversa...
Chip Dumping
Chip Dumping is a fraudulent tactic often associated with poker games, especially in online environments. This scheme involves collusion between pla...
Clean Fraud
Clean Fraud is a sophisticated type of credit card fraud where the perpetrator uses legitimate card details and circumvents traditional fraud detect...
Compliance as a Service (CaaS)
Compliance as a Service (CaaS) is a cloud-based model designed to help businesses adhere to industry regulations, legal standards, and internal poli...
Cookie Hash
A Cookie Hash is a cryptographic representation of data contained within a web cookie, often used to enhance security and verify the integrity of th...
Cookie Stuffing
Cookie Stuffing is a type of online fraud where a user is unwittingly loaded with third-party cookies, often without their consent or knowledge, in ...
Credit Card Decline Codes
Credit Card Decline Codes are numerical or alphanumeric codes that indicate the reason a credit card transaction has failed to process. When a trans...
Cross-Site Scripting
Cross-Site Scripting (XSS) is a type of security vulnerability found in web applications, where an attacker injects malicious scripts into web pages...
Cross-Browser Fingerprinting
Cross-Browser Fingerprinting is an advanced tracking technique designed to identify and monitor users across different web browsers on the same devi...
Cross-Channel Fraud
Cross-channel fraud is a sophisticated type of financial crime where fraudsters exploit multiple channels—such as online banking, mobile apps, and i...
Cryptojacking
Cryptojacking is a form of cybercrime that involves the unauthorized use of an individual's or organization's computing resources to mine cryptocurr...
Customer Identification Program (CIP)
A Customer Identification Program (CIP) is a critical component of the broader set of Anti-Money Laundering (AML) regulations implemented by financi...
Customer Identity and Access Management
Customer Identity and Access Management (CIAM) is a specialized discipline within identity and access management that focuses on managing and securi...
Cyberfraud
Cyberfraud represents a range of fraudulent activities carried out via digital technologies, most notably through the internet. It involves deceptio...
D
Dark Web
The dark web is a small part of the deep web that has been intentionally hidden and is inaccessible through standard web browsers. Accessible only u...
Data Sovereignty
Data Sovereignty is a principle stating that digital information is subject to the laws and governance structures within the nation in which it is c...
Datacenter Proxy
A Datacenter Proxy is a type of proxy server that routes internet requests through a data center rather than an individual’s internet connection. Un...
Deepfake
Deepfake technology refers to the use of artificial intelligence and machine learning to create realistic digital forgeries, often involving human f...
Defaulting Customers
Defaulting Customers are individuals or businesses that fail to meet their debt obligations or payment terms as agreed upon with a lender or service...
Device Hash
A Device Hash is a unique identifier created by analyzing a combination of a device's attributes and configurations. Unlike cookies, which can be ea...
Disposable Email
A Disposable Email is a temporary email address that serves as an alternative to a user's permanent email account. These addresses are designed to e...
Double Dipping
Double Dipping is a term used in various contexts, often as a form of fraud involving the exploitation of a single resource or entitlement in multip...
Doxxing
Doxxing is a malicious practice involving the public release of an individual’s private or sensitive information without their consent, often with t...
Drop Address
A Drop Address is a location used by individuals engaged in fraudulent activities or illicit trades to receive goods purchased with stolen or counte...
P
P2P Fraud
Peer-to-peer (P2P) fraud is a type of fraud that occurs in transactions facilitated by P2P platforms, where users interact directly to exchange good...
Passive Authentication
Passive authentication is a security process that verifies a user's identity seamlessly and discreetly, without requiring direct input or action fro...
Payment Authentication
Payment authentication is a critical component of financial transactions, designed to ensure that the person attempting to make a transaction is ind...
Payment Conversion Rate
Payment conversion rate is a crucial metric in the e-commerce and digital services sector. It measures the effectiveness of an online platform in co...
Payment Reversal
Payment reversal is a process within financial transactions where funds originally sent to a recipient through a payment method are returned to the ...
Pharming
Pharming is a malicious cyber attack technique where a victim is redirected from a legitimate website to a fraudulent one without their knowledge. T...
Phishing
Phishing is a malicious practice aimed at deceiving individuals into divulging sensitive information, such as passwords, credit card numbers, or soc...
Phishing Scams
Phishing scams are a type of cybercrime where attackers pose as reputable entities to deceive individuals into providing sensitive information such ...
Politically Exposed Person (PEP)
A Politically Exposed Person (PEP) is an individual who holds or has held a prominent public position, which can make them more susceptible to invol...
Promo Abuse
Promo abuse, also known as promotional abuse, refers to the exploitation of promotional campaigns, discounts, or incentives offered by companies. Th...
Proof of Address
Proof of address is a document or documentation used to confirm an individual’s residential address. This verification process is a fundamental requ...
S
SCA
Strong Customer Authentication (SCA) is a regulatory requirement aimed at enhancing the security of electronic payments and reducing fraud. Part of ...
SIM Swap Scam
A SIM swap scam, also known as SIM hijacking or SIM swapping, is a type of identity theft where fraudsters take control of a victim’s mobile phone n...
SOCMINT (Social Media Intelligence)
SOCMINT, or Social Media Intelligence, refers to the process of collecting, analyzing, and exploiting information from social media platforms to gai...
SSL Inspection
SSL Inspection, also known as SSL/TLS interception or HTTPS interception, is a process that allows organizations to monitor and analyze encrypted SS...
Sanctioned Entity
A sanctioned entity refers to an individual, organization, or country that is subject to economic or legal penalties imposed by governing bodies or ...
Scareware
Scareware is a form of malicious software designed to trick users into believing their computer is infected with viruses or other security threats. ...
Second Party Fraud
Second party fraud is a deceptive activity where a trusted individual, often someone within an organization or a known associate, intentionally mani...
Self-Sovereign Identity
Self-sovereign identity (SSI) is a revolutionary concept in digital identity management that allows individuals to control and manage their own pers...
Shipping Fraud
Shipping fraud is a type of deception involving the manipulation or misrepresentation of shipping-related processes to cheat businesses or consumers...
Skimming
Skimming is a type of financial fraud where criminals capture personal and card information from unsuspecting victims during legitimate credit or de...
Smurfing
Smurfing is a term used in multiple contexts, notably in financial circles and online gaming, with different implications in each field. In finance,...
Sneaker Bot
Sneaker bots are automated software programs designed to perform tasks associated with purchasing limited-edition sneakers, often at speeds far exce...
Social Engineering
Social engineering is a manipulation technique used by cybercriminals to trick individuals into divulging confidential information or performing act...
Social Media Profiling
Social media profiling involves collecting and analyzing data from social media platforms to construct a detailed representation of a user's interes...
Source of Funds
Source of Funds (SoF) refers to the origin from which a person or entity's funds are derived. In financial and regulatory contexts, establishing the...
Spear-Phishing
Spear-phishing is a targeted and sophisticated form of phishing attack that focuses on a specific individual or organization, with the goal of steal...
Sports Betting Arbitrage
Sports betting arbitrage, often referred to as "arbing," is a strategy where bettors exploit differences in odds offered by various bookmakers to gu...
Supervised Machine Learning
Supervised machine learning is a type of artificial intelligence that involves training an algorithm on a labeled dataset, where the input data is p...
Suspicious Activity Report (SAR)
A Suspicious Activity Report (SAR) is a document that financial institutions and other regulated entities file with regulatory authorities to report...
Synthetic Fraud
Synthetic fraud is a sophisticated type of financial fraud where criminals create fictitious identities by combining real and fake information. Unli...