AEPS : Aadhaar Enabled Payment Systems
MMS : Mandate Management System
DMS : Dispute Management System
NFS : National Financial Switch
SMS : Single Message System
DMS : Dual Messaging System
APB : Aadhaar Payment Bridge
CIDR : Central Identity Data Repository
AUA : Authentication User Agency
ASA : Authentication Service Agency
KSA : KYC Service Agency
AEPS : DMS – Dispute Management System
IQA : Image Quality Assurance
BPSS : Board for Regulation and Supervision of Payment and Settlement Systems
ATM
CPSS : Committee on Payment and Settlement Systems
BIS : Bank for International Settlements
DVP : Delivery Versus Payment
PVP : Payment Versus Payment
CCIL : Clearing Corporation India Ltd
TSP : Telecom Service Provider
CHI : Clearing House Interface
COTS : Commercially Off The Shelf Sw
SaaS : Software as a Service
SAN : Storage Area Networks
RFID : Radio Frequency Identification
MAC : Media Access Control
PCI-DSS : Payment Card Industry - Data Security Standard
PDCA : Plan Do Check Act
ISO : International Organization for Standardization
PGP : Pretty Good Privacy (Encryption program)
SHA : Secure Hash Algorithm
OECD : Organization for Economic Co-operation and Development
ISP : Internet Service Provider
NSP : Network Service Provider
CSO : Chief Security Officer (Monitor: Weapon licensing a must)
ISS : Information System Security
ISSP : Information System Security Policy
CFO : Chief Financial Officer
CIO : Chief Information Officer
CEO : Chief Executive Officer
ISSC : Information System Security Committee
CISO : Chief Information Security Officer
ISSO : Information System Security Officer
ISSM : Information System Security Mgr
ISA : Information Security Administrator
ISMS : Information Security Mgmt System (Certification ISO 27001)
BCDRP : Business Continuity & Disaster Recovery Planning
SBICRM : State Bank Institute of Credit and Risk Management
SBIIMS : SBI Infra Management Solutions Pvt Ltd
CCRS : Currency Chest Reporting System
ICCOMS : Integrated Computerised Currency Operations & Management System
IDSPM : Integrated Data Strategy, Processing and Management
iFAMS : Integrated Fixed Assets Management System
CTS : Cheque Truncation System
GST : Goods & Service Tax
BSC : Branch Server Consolidation
POS : Point of Sales
GCC : Green Channel Card
GRC : Green Remit Card
NPS : National Pension Scheme
GBSS : Govt Business Scheme
LOS : Loan Origination System
CISO : GM cum CISO (Chief Information Security Officer)
UPI : Unified Payment Interface
BHIM : Bharat Interface for Money (UPI)
IMPS : Immediate Payment Service
SOC : Security Operations Centre
NAC : Network Access Control
MAC : Media Access Control
NPCI : National Payment Corporation of India (RuPay)
IS : Information Security
CIA : Confidentiality (only the authorized can see), Integrity (content never changes) & Availability
PPP : Purchasing Power Parity
CVV : Card Verification Value
CVD2 : Card Verification Data Number
MDR : Merchant Discount Rate
PCE : Personal Consumption Expenditure
PMJDY : Pradhan Mantri Jan Dhan Yojana
EMV : Europay, Master and VISA
IDRBT : Institute for Development and Research in Banking & Technology
SFMS : Structured Financial Messaging System
VSAT : Very Small Aperture Terminal
MPLS : Multi-Protocol Label Switching
IMT : Instant Money Transfer
BSP : Bank Security Platform
CRA : Cash Replenishment Agency
IAMAI : Internet And Mobile Association of India
CAGR : Compounded Annual Growth Rate
IMPS : Immediate Payment Services
SMS : Short Messaging Service
USSD : Unstructured Supplementary Service Data
ABRS : Aadhaar Based Remittance Service
EBT : Electronic Benefit Transfer
DBT : Direct Benefit Transfer
QSAM : Query Service on Aadhaar Mapper
P2P : Person to Person
P2A : Person to Account
P2M : Person to Merchant
TSP : Telecom Service Providers
VAS : Value Added Service
BMS : Business Mediation Server
HSM : Host Security Module
PFSP : Primary Financial Service Provider
PSTN : Public Switched Telephone Network
GPRS : General Packet Radio Service
GSM : Global System for Mobile communications
MLLN : Managed Leased Line Network
SDLC : Software Development Life Cycle
COBIT : Control OBjectives for Information and related Technology
ISACA : Systems Audit and Control Association
CISA : Certified Information Systems Auditor
QMS : Quality Mgmt System
CAPA : Corrective Action & Preventive Action
GAISP : Generally Accepted Information Security Processes
GAIT : Guide to the Assessment of IT risk
ODBC : Open Data Base Connectivity
COTS : Commercially Off The Shelf sw (MS Office, Adobe, Photoshop)
EDI : Electronic Data Interface
VAPT : Vulnerability Assessment & Penetration Testing
SSA : Software Security Assurance
API : Application Programming Interface
NDA : Non Disclosure Agreements
IaaS : Infrastructure as a Service
PaaS : Platform as a Service
SaaS : Software as a Service
IRMF : Integrated Risk Management Framework
RMAF : Results-Based Management and Accountability Framework
CAAT : Computer Assisted Audit Techniques
GETS : Govt Emergency Telecommunications Service
HVAC : Heating, Ventilation, Air Conditioning
RBS : Risk Based Supervision
RBIA : Risk Based Internal Audit
PCA : Prompt Corrective Action
SRM : Supervisory Relationship Manager
GAAP : Generally Accepted Accounting Practices
GASSP : Generally Accepted System Security Principles
IISF : International Information Security Foundation
TCSEC : Trusted Computer System Evaluation Criteria
TNI : Trusted Network Interpretation
ITSEC : IT Security Evaluation Criteria
AIS : Automated Information Systems
ADPE : Automated Data Processing Element
AAC : Application Authentication Cryptogram
AC : Application Cryptogram, which can be an AAC, ARQC, or TC; for readability we simply write 'cryptogram' in this document
AFL : Application File Locator; identifies files on the card, and indicates whether their content is included in the SSAD
AIP : Application Interchange Profile; indicates which authentication options the card supports
ARQC : Authorisation Request Cryptogram
ATC : Application Transaction Counter
CAM : Card Authentication Method
CDA : Combined Data Authentication
CDOL : Card Risk Management DOL
CID : Cryptogram Information Data; indicates the type of the cryptogram and the actions to be performed by the terminal
CVC : Card Verification Code
CVM : Cardholder Verification Method
dCVV : dynamic Card Verification Value
DDA : Dynamic Data Authentication
DDOL : Dynamic Data Authentication DOL
DOL : Data Object List
DRDOL : Data Recovery DOL
IAD : Issuer Application Data; proprietary data to be sent to the issuer
MAC : Message Authentication Code
PAN : Primary Account Number
PCII : POS Cardholder Interaction Information
PDOL : Processing Options DOL
PPSE : Proximity Payment System Environment
PSE : Payment System Environment
SDA : Static Data Authentication
SSAD : Signed Static Application Data; used in SDA
SDAD : Signed Dynamic Application Data; used in DDA and CDA
TC : Transaction Certificate
TDHC : Transaction Data Hash Code; used in CDA
TDOL : Transaction Certificate DOL