GR - part 1 - iDEAL R&R Definitions
Contents
Definitions
In the iDEAL Rules & Regulations (iDEAL R&R) of Currence iDEAL B.V. (hereinafter: Currence), including the Licence, Certificate and Accreditation Agreements (hereinafter: Agreements) and the iDEAL API Specifications, the following terms are used with a capital letter and shall have the meaning as set out below.
If a term defined in these Definitions is also defined in a document of the iDEAL R&R or the annexes thereto, including the Agreements and the iDEAL API Specifications, the meaning given therein shall apply only within that specific document.
Definitions | |
Number | |
2 Factor Authentication (2FA) | Authentication by means of two or more Authentication Factors. |
A | |
Abuse | Improper use of iDEAL, such as Money Laundering, Terrorist Financing, Fraud and Non-Performance. |
Acceptance Confirmation | A confirmation from a User |
Acceptance Regulations | All requirements and obligations as set out in the R&R document ‘Acceptance Regulations’ to start the Certification Procedure. The Acceptance Regulations set out how to Certification Procedure works and also includes non-disclosure/confidentiality obligations. |
Accreditation Agreement | The accreditation agreement between the Accredited Party and Currence for the purpose of the Role of CPSP within the iDEAL Scheme. |
Accredited CPSP | A CPSP that has entered into an Accreditation Agreement with Currence for its Role as a CPSP. |
Accredited Party | The Institution with which Currence has signed an Accreditation Agreement. |
Acquirer | An Institution who has entered into a Licence Agreement with Currence for the Role of Acquirer, as further described in the Role Provisions for the Acquirer. |
Acquiring Domain | The Acquiring Domain comprises all activities relating to:
as well as other activities that are performed by the Acquirer on behalf of Acquiring Participants within the iDEAL Scheme. |
Acquiring Participant | A Merchant, CPSP or C2C Provider. |
Advisory Board | A representative body of Licencees and Certificate Holders, appointed in accordance with the Advisory Board Regulations. |
Advisory Board Member | A member of the Advisory Board representing one or more Licencees. |
Advisory Board Regulations | The sub-regulation entitled ‘Advisory Board Regulations’ which forms an integral part of the General Regulations of the iDEAL R&R. |
Agreement | The agreement between Currence and the Institution, comprising a Licence Agreement, Certificate Agreement or Accreditation Agreement. |
Alleged Violation | An alleged failure to comply with a Provision by an Institution. |
AML Directive | Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, as amended pursuant to Directive (EU) 2018/843. |
Applicable Data Protection Laws | Any applicable laws and regulations relating to the protection of Personal Data, including but not limited to the GDPR, any legislation implementing the requirements of the GDPR in each member state of the European Union, any legally binding requirements of supervisory authorities and any other applicable European Union or European Union member state law relating to the protection of Personal Data. |
Applicant | The party who has signed the Application Form in accordance with the provisions of Article 3 of the Acceptance Regulations. |
Application | The request by the Applicant to Currence to be accepted to perform the Requested Role or Roles. |
Application Form | The form for the request to be accepted to perform the Requested Role or Roles included in the annexes of the Acceptance Regulations. |
Authentication | A procedure which allows the Issuer to verify the identity of a User. |
Authentication Factor | A factor which has been confirmed to be linked to a User and which falls into one of the following categories:
and which is designed in such a way as to protect the integrity and confidentiality of the Authentication data. |
Authentication Means | A means made available by the Issuer, which can be used by a User for the purpose of Authentication in order to gain access to the Issuer’s Banking Environment. |
Authorisation | The User's approval of an iDEAL Transaction and the approval of the execution of the corresponding iDEAL Payment. |
B | |
B2B Domain | The B2B Domain comprises all activities in relation to an Acquirer or CPSP providing a Business with the possibility to receive funds from another Business by making an iDEAL Payment or initiating iDEAL Transactions on behalf of Acquiring Participants. |
Banking Environment | The mobile or online environment of the Issuer which is used for (amongst other things) Authentication or Authorisation of iDEAL Payments by a User. |
Beneficiary | The Acquiring Participant which directly receives the funds of the iDEAL Payment on its own IBAN. This is the creditor of the iDEAL Payment. |
Branding Manual | The document entitled ‘Branding Manual’ which contains detailed provisions for the requirements and instructions of the iDEAL logo's and the Distinctive Features. |
Breach | A failure by an Institution to observe a Provision. |
Business | A natural person or business entity, who is acting in the conduct of a profession or enterprise when purchasing or selling goods or services. |
Business Beneficiary | A Merchant receiving an iDEAL Payment as beneficiary pursuant to an iDEAL Transaction on a Business IBAN. |
Business Continuity Plan | Facilities and procedures, including back-up and recovery procedures, for iDEAL and data that are processed in relation to iDEAL Transactions and failover procedures, adequate to ensure the continued business processes of iDEAL. |
Business IBAN | A payment acocunt (IBAN) with a Business as account holder which is used for business purposes. |
C | |
C2B Domain | The C2B Domain comprises all activities in relation to an Acquirer or CPSP providing a Merchant with the possibility to receive funds from a User (Consumer) by making an iDEAL Payment, as well as an Acquirer or CPSP initiating iDEAL Transactions on behalf of Acquiring Participants. |
C2C Domain | The C2C Domain comprises all activities in relation to a a C2C Provider providing a Private Beneficiary with the possibility to receive funds from Consumers by initiating an iDEAL Transaction and ensuring that funds are transferred from the paying Consumer to the Private Beneficiary by making an iDEAL Payment, as well as a C2C Provider initiating iDEAL Transactions on behalf of Private Beneficiaries. |
C2C Provider | An Institution who has entered into a Certificate Agreement with Currence for the Role of C2C Provider, as further described in the Role Provisions for the C2C Provider. |
C2C Services | The iDEAL services provided by a C2C Provider to Private Beneficiaries in its Role of C2C Provider. |
Central Reporting Point (CRP) | The relevant Currence contact person mentioned in the contact list escalation teams who will be informed about a (suspected) Crisis Situation, as further described in iDEAL R&R ‘Escalation Procedure’. |
(digital) Certificate | A digital Certificate is an electronic file that is tied to a cryptographic key pair and authenticates the identity of a website, individual, organisation, user, device or server. It is also known as a public key Certificate or identity Certificate. |
Certificate Agreement | The certificate agreement of a Certificate Holder with Currence for the purpose of the Role of CPSP or C2C Provider within the iDEAL Scheme. |
Certificate Applicant | The Institution requesting a Certificate from the Currence CA |
Certificate Applicant Representative | A person with mandate and knowledge to request Certificates on behalf of their Institution. |
Certificate Authority | A certificate authority (CA) is an entity that issues Certificates to Subscribers. |
Certificate Holder | The Institution that has successfully completed the Certification Procedure and has entered into a Certificate Agreement with Currence. |
Certificate Policy | The policy of Currence stating the PKI's requirements concerning its procedures. |
Certificate Practice Statement | A document from a Certificate Authority which describes their practice for issuing and managing Public Key Certificates. |
Certificate Problem Report | A report Partners in the iDEAL Scheme can file to report any (security) issues regarding Certificates issued by the Currence CA. |
Certificate Revocation | Certificate Revocation is the act of invalidating a TLS Certificate before its scheduled expiration date. |
Certificate Signing Request | A message sent from a Certificate Applicant to a Certificate Authority of the PKI in order to apply for a Certificate. |
Certification Procedure | The procedure to be carried out by an Applicant wishing to enter into an Agreement with Currence for the Role or Roles of Issuer, Acquirer, CPSP and/or C2C Provider, which uses the CSA form to demonstrate that the Institution satisfies the requirements that apply to its Role or Roles as an Issuer, Acquirer, CPSP and/or C2C Provider, as further specified in the iDEAL R&R ‘Certification Procedure’ which forms an integral part of the General Regulations of the iDEAL R&R. |
Certified CPSP | A CPSP that has entered into a Certificate Agreement with Currence for its Role as a CPSP. |
Change Procedure Regulations | The sub-regulation entitled ‘Change Procedure Regulations’ which forms an integral part of the General Regulations of the iDEAL R&R. |
Clearing | The processing of an iDEAL Payment between an Issuer and an Acquirer (or a Sponsor PSP on behalf of an Acquirer). |
Collecting Payment | An Institution which has entered into a Certificate Agreement or Accreditation Agreement with Currence for the Role of CPSP, as further described in the Role Provisions for the CPSP. |
Communication Regulations | The sub-regulation entitled ‘Communication Regulations’ which forms an integral part of the General Regulations of the iDEAL R&R. |
Competent Data Protection Authority | The data protection supervisory authority which has jurisdiction in the meaning of article 51 GDPR over the processing of Personal Data. |
Confidential Information | Confidential Information means, in relation to an Institution or Currence as a receiving party:
|
Consumer | A natural person, not acting in the conduct of a profession or enterprise. |
Consumer Identification Token (CIT) | A consumer identification token which is issued by the Issuer and used to identify the iDEAL User Profile in both the administration of the Issuer and Currence. |
Controlled Operations | Controlled and sound business operations (beheerste en integere bedrijfsvoering), as described in Article 3:17 of the Wft (or similar provisions in applicable law). |
Control Self-Assessment (CSA) | An initial or periodic (re)assessment with respect to the compliance of an Applicant or Institution with the iDEAL R&R, as further described in the iDEAL R&R ‘Certification Procedure’ which forms an integral part of the iDEAL R&R. |
Core Payment Handling | Term used for Institutions that directly handle iDEAL Payments as a result of an iDEAL Transaction. |
Core Payment Handling Party | An Institution. |
Crisis Situation | Any of the following situations:
|
Crisis Team | The crisis team that will be convened if a Crisis Situation exists, as further described in iDEAL R&R Annex ‘Escalation Procedure’. |
Critical Services | The iDEAL API’s that are time-critical for the processing of iDEAL Transactions and are described in the iDEAL API Specifications. |
Cross-border iDEAL Payment | An iDEAL Payment that is made from an IBAN which is issued in another country than the IBAN on which the iDEAL Payment is received. |
Crypto Service Provider | A Merchant who is providing exchange services between virtual currencies and fiat currencies or a custodian wallet provider, which is registered by DNB pursuant to Article 23b Wwft, which registration has not been revoked. |
Currence | Currence iDEAL B.V., which offers the services and activities in relation to iDEAL as described in the General Notes and iDEAL GR - part 8 - iDEAL Hub. |
Currence Certificate Authority (CA) | The Certificate Authority (CA) that issues Certificates to Subscribers in the iDEAL Scheme. |
Currence Privacy Statement | The publicly available privacy statement of Currence with information on the processing of Personal Data by Currence, as amended or restated from time to time. |
Customer Due Diligence (CDD) | Customer due diligence, meaning the policies and procedures that an Institution has in order to (among others) identify its customer(s) and its UBO(s), to assess the purpose and intended nature of the business relationship and conducting ongoing monitoring of the business relationship, as further specified in the AML Directive. |
D | |
Data Processing Agreement (DPA) | The data processing agreement in https://currencenl.atlassian.net/wiki/spaces/RNIRRR/pages/2917793793, which sets out the terms and conditions under which Currence processes the iDEAL Transaction Data on behalf of the Institutions and in accordance with the Institution’s instructions as required based on article 28 GDPR and in compliance with Applicable Data Protection Laws. |
Data Subject Request | The request of a User to exercise (one of) its Personal Data Rights. |
Definitions Regulations | This sub-regulation entitled ‘Definitions’ which forms an integral part of the General Regulations of the iDEAL R&R. |
Direct Connection | This is the connection of an Acquiring Participant directly to the iDEAL Hub, using the iDEAL API Specifications of Currence. |
Distinctive Features | The Distinctive Features of the iDEAL Scheme and iDEAL logo’s referred to in the Agreement, as further specified in the Branding Manual. |
DNB | The Dutch Central Bank (De Nederlandsche Bank). |
E | |
EEA | The European Economic Area. |
E-Money Directive | Directive 2009/110/EC of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC. |
EU Blocking Regulation | Regulation (EU) 2271/96 of 22 November 1996 protecting against the effect of the extra-territorial application of legislation adopted by a third party, and actions based thereon or resulting therefrom, as amended, supplemented or replaced from time to time. |
Exempt Payment Service Provider (Exempt PSP) | An institution with its registered office in an EU/EEA member state and which has been registered as such in the register of financial institutions of DNB:
The exemption must relate to the following activities:
|
F | |
Fraud | An iDEAL Fraud or an Other Fraud. |
Functional Incident | An Incident that is related to a non-compliance of the iDEAL R&R, the iDEAL Implementation Guide, Abuse of iDEAL, an ICT Breach or a Personal Data Breach. |
G | |
General Regulations | The General Regulations which are part of the iDEAL R&R and which are divided into sub-regulations, as amended, restated, supplemented and/or replaced from time to time. |
GDPR | Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, as amended, restated, supplemented and/or replaced from time to time, including the AVG Implementation Act. |
I | |
ICT Breach | The loss or unauthorised destruction, alteration, disclosure of, access to, or control of information technology systems, operational technology systems, networks, internet-enabled applications or devices and the data contained within such systems and which affect the confidentiality, availability and/or integrity of iDEAL. |
iDEAL | The service pursuant to the iDEAL Scheme whereby iDEAL Transactions are processed, followed by an iDEAL Payment. |
iDEAL Access Token | A short-lived token to be provided by the Acquirer to an Acquiring Participants that connects to the iDEAL Hub directly and which includes contractual data needed for the iDEAL Transaction (e.g. IBAN, Merchant name etc.). The Acquiring Participant needs to include this token in each iDEAL API message towards to the iDEAL Hub in order for Currence to authenticate the contractual validity of the direct access of the Acquiring Participant to the iDEAL Hub. |
iDEAL Application Programming Interface (iDEAL API) | The application programming interface that is used for the purpose of exchanging data and information by and between the iDEAL Hub, Institutions and Merchants for the purpose of initiating, sending and receiving iDEAL Transactions. |
iDEAL API Specifications | A set of application programming interface (API) specifications which prescribe the iDEAL API. |
iDEAL Checkout Page | The webpage operated by Currence where a User can create an iDEAL User Profile and where the unrecognised User is directed to before being directed to the Banking Environment of its Issuer for Authentication and Authorisation. |
iDEAL Checkout (iDEAL Snel Bestellen) | The service pursuant to the iDEAL Profile Agreement, whereby the User is recognised on the basis of a cookie and some of the iDEAL Profile Data registered in his iDEAL User Profile (such as contact and delivery details) are provided to the Merchant upon completion of an iDEAL Transaction for the purpose of delivery of the order by the Merchant to the User. |
iDEAL Contract | A contract and/or general terms and conditions from an Institution which provides for the use of iDEAL by the relevant iDEAL Participant. |
iDEAL Data | iDEAL Profile Data or iDEAL Transaction Data. |
iDEAL Fast Payment (iDEAL Snel Betalen) | The service pursuant to the iDEAL Profile Agreement, whereby the User is recognised on the basis of a cookie or iDEAL User Token and is automatically directed to his Issuer, by means of the preferred IBAN(s) for iDEAL Payments registered in his iDEAL User Profile, to authorise the iDEAL Transaction. |
iDEAL Fraud | A breach of the iDEAL API and/or the infrastructure of iDEAL or the iDEAL Scheme as a result whereof persons may have unauthorised access to the iDEAL Hub and/or iDEAL Systems of an Institution. |
iDEAL Hub | A hub for enabling Issuers and Acquirers as well as CPSPs, C2C Providers and Merchants directly connected to the iDEAL Hub to offer iDEAL as a payment method to their clients and to send and retrieve information in relation to iDEAL Transactions via the iDEAL API, which is operated by Currence in accordance with the iDEAL API Specifications and meets the the obligations and service levels of Currence as provided for in the R&R General Regulations - part 8 - iDEAL Hub, as well as the technical infrastructure relating to the operations of the iDEAL Hub. |
iDEAL Participant | An Institution, Merchant, User or Private Beneficiary. |
iDEAL Payment | A SEPA Credit Transfer (SCT) payment initiated and authorised by a User through the Banking Environment of its Issuer to a Merchant, Acquirer, CPSP or C2C Provider pursuant to the iDEAL Scheme, to be executed upon successful completion of an iDEAL Transaction. |
iDEAL Partner | An Institution. |
iDEAL Payment Guarantee | The payment obligation (with respect to the Issuer) provided by the Issuer to the Acquirer pursuant to the relevant Provision of the Issuer Role or (with respect to the Acquirer) provided by the Acquirer to its Acquiring Participants pursuant to the relevant Provision of the Acquirer Role. |
iDEAL Payment Link | An URL that leads a User to the payment or checkout page of an Acquiring Participant, where the User can start an iDEAL Transaction (or choose another payment method). The iDEAL Payment Link can be sent via instant message apps (e.g. WhatsApp, SMS, Messenger, chats), social media, email, or other communication channels. |
iDEAL Product Verification (iPV) | A verification of the iDEAL Transaction and the successful debiting and crediting of the iDEAL Payment. |
iDEAL Profile Agreement | The agreement between Currence and a User on the the creation and use of an iDEAL User Profile, as further elaborated in the applicable general terms and conditions of Currence. |
iDEAL Profile Data | Any subset of (personal) data from an iDEAL User Profile which is provided at the request of the Merchant with the consent of the User as an iDEAL VAS to an iDEAL Transaction. |
iDEAL Profile Management | The management (viewing, amending or deleting) of an iDEAL User Profile by a User in the online environment of the iDEAL Hub. |
iDEAL Profile Page | The profile page operated by Currence that the User is directed to when making an iDEAL User Profile and where the User can manage (view, amend or delete) its iDEAL User Profile. |
iDEAL Profile Services | iDEAL Fast Payment and iDEAL Checkout. |
iDEAL Profile Terms and Conditions | The terms and conditions of Currence which the User has to accept for the purpose of creating an iDEAL User Profile and using the iDEAL Profile Services. |
iDEAL Rules & Regulations (iDEAL R&R) | The iDEAL Rules & Regulations which stipulate the rights and obligations of Institutions towards each other and Currence in relation to the iDEAL Scheme, as amended, restated, supplemented or replaced in accordance with the Change Procedure Regulations from time to time. |
iDEAL Scheme | A system of agreements and procedures for the offering and use of iDEAL by Institutions, consisting of governance agreements, Role descriptions, functional requirements and iDEAL API Specifications, as further described in the iDEAL R&R and its Annexes for the Provisions per Role, including product functionalities, value added services and the house style and branding of the logo and brands of iDEAL. |
iDEAL System | The hardware, software, data, databases, data communication lines, network and telecommunications equipment, internet-related information technology infrastructure, wide area network and other information technology equipment, owned, leased or licensed by an Institution and used for the purpose of offering any services in relation to iDEAL. |
iDEAL Transaction | A set of iDEAL messages, which are described in the iDEAL API Specifications and which are exchanged between Issuers, Acquirers and Acquiring Participants, and routed via the iDEAL Hub, for the purpose of an iDEAL Payment and/or iDEAL Profile Data. |
iDEAL Transaction Data | Any subset of (personal) data that are processed in order to facilitate an iDEAL Transaction. |
iDEAL User Profile | A personal profile which a User can fill with Personal Data and which can be used to provide iDEAL Profile Data with an iDEAL Transaction to a Merchant as an iDEAL Value Added Service (iDEAL VAS). |
iDEAL User Token | The token as provided by Currence to a Merchant to identify an iDEAL User Profile, which is linked to an iDEAL User Profile on the iDEAL Hub and which is used to exchange the User preferences for the iDEAL Transactions with the Merchant. In the iDEAL API Specifications, the iDEAL User Token is referred to as |
iDEAL Value Added Service (iDEAL VAS) | Additional services which may be offered pursuant to the iDEAL Scheme in order to add iDEAL Profile Data to an iDEAL Transaction, including iDEAL Fast Payment and iDEAL Checkout. |
Implementation Guide | A document to be provided by Currence in order to assist the Licencee in the implementation of iDEAL pursuant to the Licence Agreement. |
Incident | An unplanned disruption to the iDEAL Scheme, e.g. to the IT service or reduction in the quality of an IT service of the iDEAL Hub and/or the Institutions, which may lead to reputational or financial damage. |
Infringement | A failure to comply with a Provision by an Institution. |
Institution (iDEAL Partners) | The party with whom Currence has signed an Agreement. |
Issuer | An Institution which has entered into a Licence Agreement with Currence for the Role of Issuer, as further described in the Role Provisions for the Issuer. |
Issuing Domain | All activities related to the initiation, receipt, processing or Authorisation of iDEAL Transactions initiated by Users using the Banking Environment of the Issuer, as well as any other activities that are performed by the Issuer on behalf of its Users within the iDEAL Scheme. |
J | |
Joint Controller Agreement | The joint controller agreement in iDEAL GR - part 8 - appendix ‘Joint Controller Agreement’, which sets out the respective responsibilities of Currence and the Issuers as joint controllers under article 26 GDPR for compliance with their obligations under the GDPR in relation to iDEAL Profile Data relating to iDEAL Fast Payment (iDEAL Snel Betalen) and the exercise of Personal Data Rights by Users. |
L | |
Licence Agreement | The licence agreement between the Licencee and Currence for the purpose of the Role or Roles of Issuer or Acquirer within the iDEAL Scheme. |
Licensed Payment Service Provider (Licensed PSP) | An institution with its registered office in an EU/EEA member state and which has been registered as such in the in the register of financial institutions of DNB:
The payment license must relate to the following activities:
|
Licencee | The Institution with which Currence has signed a Licence Agreement. |
Licencee Fee Regulations | The sub-regulation entitled ‘Licencee Fee Regulations’ which forms an integral part of the General Regulations of the iDEAL R&R. |
M | |
Major Incident | A significant unplanned disruption to the iDEAL Scheme, e.g. to the IT service or reduction in the quality of an IT service of the iDEAL Hub and/or the Institutions, which is likely to lead to reputational or financial damage. |
Merchant | A Business or non-profit entity that has concluded an iDEAL Contract with an Acquirer or CPSP in order to offer iDEAL as a payment method to its customers (Users), and to receive iDEAL Payments (via its Acquirer or CPSP) from its customers (Users) for the payment of goods or services delivered by it or for the support of non-profit activities on a Business IBAN. |
Merchant Implementation Guide (MIG) | A document to be provided by the Acquirer in order to assist the Acquiring Participants in the implementation of iDEAL pursuant to the iDEAL Contract offered by the Acquirer. |
Mobile Transaction | An iDEAL Transaction which is authorised in the mobile banking app of the Issuer. |
Money Laundering | Execution of transactions in order to disguise the illegal origin of sums of money and with the purpose to spend or invest illegally acquired assets without anyone being able to prove their illegal origin. |
N | |
Non-Critical Services | All iDEAL API’s that are not Critical Services. |
Non-Performance | An attributable failure to comply with (toerekenbare tekortkoming in de nakoming van) an agreement. |
Notification Form Sponsor PSP | A form in which the Acquirer notifies Currence that it wishes to use a Sponsor PSP for its iDEAL Transactions. |
O | |
Other Fraud | A deliberate misrepresentation to gain an unfair advantage, causing damage to an iDEAL Participant, to (the image of) iDEAL or the iDEAL Scheme, or to the reputation of Currence. |
Other Sanction Authority | Any agency or person which is duly empowered or authorised to enact, administer, implement and/or enforce Sanctions, other than a Relevant Sanction Authority. |
P | |
Payer (User) | The natural person or Business using the iDEAL Scheme to make an iDEAL Payment through the Banking Environment of its Issuer. |
Payment Service Provider (PSP) | A Licensed Payment Service Provider or an Exempted Payment Service Provider. |
Penalty Regulations | The sub-regulation entitled ‘Penalty Regulations’ which forms an integral part of the General Regulations of the iDEAL R&R. |
Personal Data | Any information relating to an identified or identifiable natural person, as defined in Article 4(1) of the GDPR. |
Personal Data Breach | A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed, as defined in Article 4(1) of the GDPR. |
Personal Data Rights | Any rights from a User in relation to the processing of his/her iDEAL Transaction Data or iDEAL Profile Data pursuant to Articles 12-22 GDPR, such the rights of access, rectification, erasure, restriction, data portability or right to object in relation to iDEAL Transaction Data or iDEAL Profile Data. |
Personal Data Transfer | The transfer of Personal Data outside the EEA in the meaning of Chapter V of the GDPR. |
PKI | A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital Certificates and manage public-key encryption. |
Platform | An online marketplace for the purchase of (second hand) goods or services, such as such as Amazon, Bol.com, eBay, Marktplaats, Vinted etc. |
Pre-Crisis Team | The pre-crisis team that will be convened if a (suspected) Crisis Situation exists, as further described in iDEAL R&R Annex ‘Escalation Procedure’. |
Private Beneficiary | A Consumer who has concluded an iDEAL Contract with a C2C Provider in order to receive iDEAL Payments as beneficiary pursuant to an iDEAL Transaction within the C2C Domain. |
Private Key | The private part of an asymmetric key pair that is typically used to verify signatures or encrypt data. |
Problem (Issue) | A problem, which could the outcome of an Incident, that needs to be solved structurally by Currence (for the iDEAL Hub) and/or the Institution (for its iDEAL Systems). |
Products | The products offered by Currence Holding B.V. and its subsidiaries, consisting of iDEAL, eMandates, Acceptgiro and iDIN. |
Proposed Change | Any change proposed by Currence to an Agreement or the iDEAL R&R. |
Provision | An obligation of the Institution provided for in an Agreement or in the iDEAL R&R. |
PSD 2 | Directive (EU) 2015/2366 on payment services in the internal market, as amended, restated, supplemented and/or replaced from time to time. |
Public Key | The public part of an asymmetric key pair that is typically used to verify signatures or encrypt data. |
R | |
Registration Authority | A Registration Authority (RA) is a function for Certificate enrollment. It is responsible for receiving Certificate signing requests, for the initial enrollment or renewals. The Registration Authority verifies and forwards these requests to a Certificate Authority (CA). |
Related Parties | Legal representatives, shareholders, directors, authorised agents, UBOs and other parties involved in the iDEAL Transaction. |
Relevant Sanctions Authority | The Security Council of the United Nations, the United States of America, the European Union and the Netherlands, the governments and official institutions or agencies of any of afore mentioned sanctions authorities, including the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC), the Council of the European Union and the United States Department of State. |
Relying Parties | An entity that acts in reliance on a Certificate or digital signature associated with a Certificate. |
Requested Role | The Role that an Application relates to, as shown by the Application Form signed by the Applicant for an Agreement. |
Role | The role of Issuer, Acquirer, CPSP or C2C Provider in the iDEAL Scheme, as further set out in the iDEAL R&R, as well as any roles in the iDEAL Scheme to be added by Currence in the future. |
S | |
Sanction Lists | Any lists of specifically designated persons or entities (or equivalent) or countries maintained by, or public announcement of Sanctions designation made by any Relevant Sanctions Authority from time to time. |
Sanctions | The economic or financial sanction laws, regulations, trade embargoes or other restrictive measures enacted, administered, implemented and/or enforced from time to time by any Sanctions Authority, except to the extent that enforcement of such economic of financial sanction laws, regulations, trade embargoes or other restrictive measures would result in a violation of the EU Blocking Regulation. |
Sanctions Authority | A Relevant Sanction Authority or an Other Sanction Authority. |
Sanction Screening | The screening by an Institution of its clients and its clients’ Related Parties in accordance with applicable Sanctions for Cross-border iDEAL Payments. Sanction Screening includes name screening and transaction filtering:
|
Service Level Agreement (SLA) | An agreement in which the agreed level of service between a supplier or service provider and the supplied party is set out. |
ServiceNow | The technical platform used by Currence for the purpose of incident, change and problem management and for customer support. |
Settlement | The financial settlement of iDEAL Payments between the Issuer and the Acquirer to be carried out via a central bank or other institution equipped for settlement using the data as provided during the process of Clearing. |
Service Provider | Represents parties in the iDEAL Scheme that connect to the iDEAL Hub, but are not directly involved in handling iDEAL Payments. |
Service Request | A request from Currence to an Institution or from an Institution to Currence in relation to an iDEAL Transaction or an iDEAL User Profile, e.g. a request for service, information or advice, which includes Data Subject Requests. |
Sponsor PSP | A Payment Service Provider (PSP) to which an Acquirer has outsourced Clearing and Settlement of iDEAL Transactions where an iDEAL Payment is made:
|
Subprocessor | Any processor for the processing of iDEAL Transaction Data or iDEAL Profile Data as governed by the Data Processing Agreement or the Joint Controller Agreement, respectively. |
Subscriber (End Entity) | A subscriber or End Entity is an entity that's participating in a PKI and can be the subject of a Certificate. |
T | |
Terrorist Financing | The provision or collection of funds, by any means, directly or indirectly, with the intention that they be used or in the knowledge that they are to be used, in full or in part, in order to carry out any terrorist offences. |
TLS | TLS is a cryptographic protocol that provides end-to-end security of data sent between applications over the Internet. |
Trade Name | The name of the Business that the Merchant is using for offering the goods or services to which the iDEAL Payment relates and which is registered with the Chamber of Commerce (or similar organisation in other jurisdictions). |
Transaction_ID | The number used for identification of an iDEAL Transaction executed by the User. |
U | |
Ultimate Beneficiary | The Business Beneficiary (Merchant) or a Private Beneficiary (Consumer) that acts as the ultimate creditor of the iDEAL Payment, which ultimately receives the funds of an iDEAL Payment via either a CPSP or a C2C provider (the intermediary PSP that acts as the creditor of the iDEAL Payment). |
Ultimate Beneficial Owner (UBO) | The ‘beneficial owner’ as defined in Article 3(6) of the AML Directive. |
US Sanction Authority | The United States of America and the governments and official institutions or agencies thereof, including the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) and the United States Department of State. |
US Sanction Lists | Any lists of specifically designated persons or entities (or equivalent) or countries maintained by, or public announcement of Sanctions designation made by, any US Sanction Authority from time to time. |
User (Payer) | The Consumer or Business using the iDEAL Scheme to make an iDEAL Payment through the Banking Environment of its Issuer. |
UX flows | The Issuer user screens that a User must go through when initiating and/or authorising iDEAL Transactions, demasking iDEAL Profile Data or for iDEAL Profile Management. |
V | |
Verified Payment Account | A payment account for which the account holder has been identified and the identity of the account holder has been verified by the relevant payment service provider. |
Violation | Breach to the iDEAL R&R by an Institution. |
W | |
Wft | The Dutch Financial Markets Supervision Act (Wet op het financieel toezicht). |
Wwft | The Dutch Anti-Money Laundering and Anti-Terrorist Financing Act (Wet ter voorkoming van witwassen en financieren van terrorisme). |