Shared language
Give operators, finance, marketing, product, and support the same meaning for platform terms.
GLOSSARY
Plain-language definitions of the terms operators encounter.
POS, PMS, PCI, SCA — the acronyms behind running a business.
How to use it
Definitions that map to real work.
The glossary is written for commercial and operational teams evaluating Kotao. It keeps product language tied to customer records, payments, bookings, inventory, websites, and reporting.
Buying clarity
Understand the difference between POS, PMS, CRM, inventory, channel management, payments, and reporting claims.
Implementation context
Use definitions to scope migration, integrations, permissions, data imports, and training.
-
Acquirer
Bank or payment institution that signs merchants and routes their card transactions into the card networks.
-
API (Application Programming Interface)
A set of rules and protocols that allows different software applications to communicate with each other.
-
Apple Pay
Mobile wallet by Apple that tokenizes cards for contactless and in-app payments.
-
BaaS (Banking as a Service)
A model where licensed banks expose banking capabilities to other companies via APIs, letting them embed accounts, cards, or payments.
-
Business Technology Platform (BTP)
A platform layer for APIs, integrations, and data pipelines that connect core systems.
-
Card Fraud
Unauthorized card use or theft of credentials to initiate transactions.
-
Card Network
Payment network (e.g., Visa/Mastercard) that sets rules and routes card transactions between issuers and acquirers.
-
Card Not Present
Transactions where the card is not physically presented (e.g., online or in-app).
-
Card Present
Transactions where the physical card is read at POS (chip, contactless, or magnetic strip).
-
CCPA (California Consumer Privacy Act)
California law granting consumers rights over their personal information and imposing duties on businesses.
-
Channel Manager (CM)
Tool that syncs availability, pricing, and inventory across sales channels.
-
Chargeback
A forced payment reversal initiated by the cardholder’s bank after disputing a transaction.
-
Compliance
Meeting regulatory, security, and contractual requirements for operating a product or service.
-
Content Management System (CMS)
Platform to create and publish digital content across sites, apps, and channels.
-
Credit Card
Card that lets cardholders borrow up to a limit and repay later; funds settle via the issuing bank.
-
Customer Relationship Management (CRM)
Tools and processes to store customer data, track interactions, and run engagement.
-
DATEV Export
Export format for the German DATEV accounting system, used to transfer bookings and tax data.
-
Debit Card
Card that pulls funds directly from a bank account at purchase time.
-
Digital Wallet
Application that stores payment instruments and enables checkout with tokens or credentials.
-
Disagio
A fee withheld by a payment provider from each transaction, effectively reducing the payout.
-
Disbursement
Outbound payment from a platform to a recipient, such as payouts to merchants or gig workers.
-
Electronic cash register
A digital register or POS system that records sales and must meet German GoBD and KassenSichV requirements.
-
Embedded Finance
Embedding financial products (payments, cards, lending) inside non-financial apps.
-
Enterprise Resource Planning (ERP)
System that unifies finance, procurement, inventory, and operations data.
-
Flat-rate card pricing
A single, transparent percentage charged on every card transaction — no interchange-plus, no scheme fees, no surprises.
-
Fraud Detection / Risk Assessment
Tools and models that score transactions or accounts to block or step-up risky activity.
-
GDPR (General Data Protection Regulation)
EU privacy regulation governing personal data processing, rights, and safeguards.
-
Giro Card
Domestic debit card system (e.g., Germany) that clears directly against bank accounts via local rails.
-
GoBD (German bookkeeping and retention rules)
German rules for proper digital bookkeeping, retention, traceability, and exportable accounting records.
-
Google Pay
Google’s wallet that tokenizes cards for contactless, in-app, and web payments.
-
HIPAA
U.S. law setting privacy and security rules for protected health information (PHI).
-
Hold on Funds
Temporary reservation of money before capture or payout, often for risk or authorization checks.
-
Hosted Payments
Checkout pages hosted by a payment provider to collect payment details and handle compliance.
-
Human Resource Management (HRM)
Systems for staffing, scheduling, payroll, and compliance across teams.
-
Interchange Fee
Fee paid by the acquirer to the issuer on each card transaction; funds scheme incentives and risk.
-
ISO 27001
International standard for information security management systems (ISMS).
-
Issuer
Bank or fintech that issues payment cards to cardholders and authorizes their transactions.
-
KassenSichV (German Cash Register Security Ordinance)
German cash register security rules requiring protected transaction records and usually a certified TSE.
-
KYC / KYB (Know Your Customer / Business)
Identity and business verification required to onboard customers or merchants and prevent financial crime.
-
Ledger
System of record that tracks debits and credits for balances, payouts, and fees.
-
Merchant
A business that accepts payments for goods or services via card or alternative rails.
-
Network Tokenization
Replacing card PANs with scheme-issued tokens to reduce fraud, improve authorization rates, and keep credentials current.
-
Payment Processor
A service provider that routes payment data between merchants, acquirers, and schemes.
-
PCI DSS (Payment Card Industry Data Security Standard)
Security framework that sets technical and procedural requirements for handling cardholder data.
-
Peer-to-Peer (P2P) Payments
Transfers of funds between individuals, often via wallets or bank rails without a merchant in the flow.
-
Point of Sale (POS)
The place and system where in-person sales are captured, payments are taken, and receipts are issued.
-
Property Management System (PMS)
Core system for hospitality to manage rooms, reservations, housekeeping, and billing.
-
Revenue Management System (RMS)
Tool that optimizes pricing and availability using demand, compset, and inventory data.
-
SCA
Strong Customer Authentication — the European requirement that online card payments be verified by two independent factors.
-
SOC 1
Audit report on controls relevant to financial reporting (SSAE 18).
-
SOC 2
Audit report covering security, availability, confidentiality, processing integrity, and privacy controls.
-
TSE (Technical Security Device)
A certified technical security device that signs German cash register transactions against tampering.
-
VAT (Value Added Tax)
Consumption tax applied on goods and services, collected at each value-add step.