AQSA Terms: Find all Terms well Defined
Authentication, Authorization, Accounting (AAA) - ANS AAA:
Protocol for authenticating a user based on their verifiable identity, authorizing a user
based on their user rights, and accounting for a user's consumption of network
resources.
Access Control - ANS Mechanisms that limit availability of information or
information-processing
A
resources only to authorized persons or applications.
VI
Account Data - ANS Data that consists of cardholder data and/or sensitive
authentication
data as well as the data on the magnetic strip or chip
TU
Account Number - ANS Primary Account Number (PAN) located on the credit card
Acquirer - ANS Also referred to as "merchant bank," "acquiring bank," or "acquiring
IS
financial institution". Entity, typically a financial institution, that processes payment card
transactions for merchants and is defined by a payment brand as an acquirer. Acquirers
are subject to payment brand rules and procedures regarding merchant compliance.
OM
1 day - ANS length of time the clearing process typically takes in North America
2 days - ANS length of time the settlement process typically takes in North America
NA
Administrative Access - ANS Elevated or increased privileges granted to an account
in order for that account to manage systems, networks and/or applications.
Administrative access can be assigned to an individual's account or a builtin system
account. Accounts with administrative access are often referred to as "superuser",
"root", "administrator", "admin", "sysadmin" or "supervisorstate", depending on the
JP
particular operating system and organizational
structure.
Adware - ANS Type of malicious software that, when installed, forces a computer to
automatically display or download advertisements.
, AES - ANS Abbreviation for "Advanced Encryption Standard." Block cipher used in
symmetric key cryptography adopted by NIST in November 2001 as U.S. FIPS PUB
197 (or "FIPS 197")
ANSI - ANS Acronym for "American National Standards Institute." Private, non-profit
organization that administers and coordinates the U.S. voluntary
standardization and conformity assessment system.
Anti-Virus - ANS Program or software capable of detecting, removing, and protecting
against various forms of malicious software (also called "malware") including viruses,
A
worms, Trojans or Trojan horses, spyware, adware, and rootkits.
VI
AOC - ANS Acronym for "attestation of compliance." The AOC is a form for merchants
and service providers to attest to the results of a PCI DSS assessment, as documented
in the Self-Assessment Questionnaire or Report on Compliance.
TU
AOV (Attestation of Validation) - ANS Acronym for "attestation of validation." The AOV
is a form for PA-QSAs to attest to the results of a PA-DSS assessment, as documented
in the PADSS Report on Validation.
IS
Application - ANS Includes all purchased and custom software programs or groups of
programs, including both internal and external (for example, web)
OM
applications.
Audit Log / Audit Trail - ANS Chronological record of system activities. Provides an
independently verifiable trail sufficient to permit reconstruction,
review, and examination of sequence of environments and activities surrounding or
NA
leading to operation, procedure, or event in a transaction from inception to final results.
Authentication - ANS Process of verifying identity of an individual, device, or process.
This typically occurs through the use of one or more authentication factors such as:
Something you know, such as a password or passphrase
JP
Something you have, such as a token device or smart card
Something you are, such as a biometric
Authentication Credentials - ANS Combination of the user ID or account ID plus the
authentication factor(s) used to authenticate an individual, device, or process,
