Reference
Glossary
Merchant-friendly definitions and terminology for Cyrexa H2H integration
Glossary
Essential terms and definitions for Cyrexa Host-to-Host payment integration.A
API (Application Programming Interface)
A set of protocols and tools for building software applications. Cyrexa’s API allows your system to communicate with our payment processing platform.API Key
A unique identifier used to authenticate requests to the Cyrexa API. Keep this secret and secure.Authorization
The process of verifying that a payment method has sufficient funds and is valid for the transaction amount.Alternative Payment Methods
Payment options beyond traditional credit/debit cards, such as bank transfers, digital wallets, and buy-now-pay-later services.B
Base64 Encoding
A method of encoding binary data into text format, commonly used for API authentication and data transmission.Browser Info
Information about the customer’s browser and device, required for 3D Secure authentication and fraud prevention.C
Capture
The process of actually charging a payment method after authorization. Some payments are authorized first, then captured later.Card Verification Value (CVV)
The 3 or 4-digit security code on credit/debit cards used to verify the cardholder has physical possession of the card.Chargeback
A reversal of a payment initiated by the cardholder’s bank, typically due to fraud or dispute.Currency Code
Three-letter ISO 4217 code representing a currency (e.g., USD, EUR, GBP, INR).D
Decline
When a payment is rejected by the issuing bank or payment processor due to various reasons (insufficient funds, invalid card, etc.).3D Secure (3DS)
An authentication protocol that adds an extra layer of security for online credit card transactions.E
Endpoint
A specific URL where API requests are sent to perform different operations (e.g., create payment, check status).Environment
Different deployment stages:- Sandbox: Testing environment with simulated responses
- Production: Live environment processing real payments
F
Fraud Detection
Automated systems that analyze transactions for suspicious patterns and potential fraudulent activity.G
Gateway
A service that processes payment transactions between merchants and payment networks.Google Pay
Google’s digital wallet platform that allows customers to make payments using stored payment methods.H
H2H (Host-to-Host)
Server-to-server payment processing where your backend communicates directly with Cyrexa’s API without customer interaction.HMAC (Hash-based Message Authentication Code)
A cryptographic method used to verify webhook authenticity and integrity.HTTP Status Code
Numeric codes that indicate the result of an HTTP request (200 = success, 400 = bad request, 401 = unauthorized, etc.).I
Idempotency
The property that allows the same operation to be performed multiple times without changing the result beyond the initial application.Issuer
The bank or financial institution that issued the customer’s payment method (credit card, debit card, etc.).J
JSON (JavaScript Object Notation)
A lightweight data format used for API requests and responses.JWT (JSON Web Token)
A secure way to transmit information between parties, sometimes used in payment tokenization.L
Luhn Algorithm
A checksum formula used to validate credit card numbers and detect simple errors in typing.M
Merchant
A business that accepts payments through Cyrexa’s platform.Merchant ID
A unique identifier assigned to your business account with Cyrexa.O
OpenAPI
A specification format for describing REST APIs, used to generate interactive documentation.P
Payment Method
The way a customer pays for goods or services (credit card, UPI, Google Pay, bank transfer, etc.).Payment Request
An API call to initiate a payment transaction with customer and transaction details.Payment Request ID
A unique identifier assigned to each payment request for tracking and reference.PCI DSS (Payment Card Industry Data Security Standard)
Security standards for organizations that handle credit card information.Processor
A company that handles the technical aspects of processing payment transactions.Q
QR Code
A two-dimensional barcode that can contain payment information for mobile payment apps.R
Rate Limiting
Restrictions on the number of API requests you can make within a specific time period.Redirect URL
URLs where customers are sent after completing or canceling a payment:- Success URL: Where customers go after successful payment
- Failure URL: Where customers go after failed payment
Refund
Returning money to a customer’s original payment method.Request ID
A unique identifier for each API request, useful for debugging and support.S
Sandbox
A testing environment that simulates the production API without processing real payments.Settlement
The process of transferring funds from payment transactions to your merchant account.Signature Verification
The process of validating webhook authenticity using cryptographic signatures.Strong Customer Authentication (SCA)
European regulation requiring additional authentication for online payments.T
Tokenization
Replacing sensitive payment data with non-sensitive tokens for secure storage and processing.Transaction ID
A unique identifier assigned to each completed payment transaction.3D Secure
See “3D Secure (3DS)” above.U
UPI (Unified Payments Interface)
India’s instant payment system that allows money transfer between bank accounts through mobile apps.UPI ID
A unique identifier used in UPI transactions, typically in the format username@bankcode.V
Validation
The process of checking that data meets required formats and constraints before processing.Void
Canceling a payment transaction before it’s settled, typically within the same business day.W
Webhook
An HTTP callback that Cyrexa sends to your server to notify you of payment status changes in real-time.Webhook Secret
A secret key used to generate HMAC signatures for webhook verification.Webhook URL
The endpoint on your server where Cyrexa sends webhook notifications.Common Abbreviations
| Abbreviation | Full Term |
|---|---|
| API | Application Programming Interface |
| CVV | Card Verification Value |
| H2H | Host-to-Host |
| HMAC | Hash-based Message Authentication Code |
| HTTP | Hypertext Transfer Protocol |
| JSON | JavaScript Object Notation |
| PCI DSS | Payment Card Industry Data Security Standard |
| REST | Representational State Transfer |
| SCA | Strong Customer Authentication |
| SDK | Software Development Kit |
| TLS | Transport Layer Security |
| UPI | Unified Payments Interface |
| URL | Uniform Resource Locator |
Payment Status Values
| Status | Description |
|---|---|
pending | Payment initiated but not yet completed |
processing | Payment is being processed |
completed | Payment successfully completed |
failed | Payment failed or was declined |
cancelled | Payment was cancelled by customer or merchant |
refunded | Payment was refunded to customer |
Currency Codes (Common)
| Code | Currency |
|---|---|
| USD | US Dollar |
| EUR | Euro |
| GBP | British Pound |
| INR | Indian Rupee |
| CAD | Canadian Dollar |
| AUD | Australian Dollar |
| JPY | Japanese Yen |
| SGD | Singapore Dollar |
HTTP Status Codes (Common)
| Code | Meaning | Description |
|---|---|---|
| 200 | OK | Request successful |
| 400 | Bad Request | Invalid request parameters |
| 401 | Unauthorized | Invalid API key |
| 403 | Forbidden | Insufficient permissions |
| 404 | Not Found | Resource not found |
| 429 | Too Many Requests | Rate limit exceeded |
| 500 | Internal Server Error | Server error |