Zyphe's Glossary
Our glossary page keeps you informed and helps you better understand key terminology and concepts related to digital identity and online security.
A
AMLID AMLID stands for the Anti-Money Laundering International Database, a secure information platform developed by the United Nations.
Account Takeover (ATO) fraud Account Takeover (ATO) is fraud where attackers gain unauthorized access to legitimate users' online accounts, compromising personal data.
Anti-money laundering (AML) Learn what anti-money laundering (AML) is and how it prevents criminals from disguising illegal funds as legitimate income.
B
Bank Account Validation Service A Bank Account Validation Service confirms bank account accuracy, ownership, and status to reduce payment errors and fraud.
Bank Secrecy Act (BSA) The Bank Secrecy Act (BSA) requires financial institutions to report and track transactions to detect and prevent money laundering and terrorist financing.
Bot protection Understand Bot Protection, its meaning, benefits, and how it helps safeguard your website and apps from harmful automated bot traffic and attacks.
Business lien Understand what a business lien is—a legal claim by creditors on company assets like property, receivables, or equipment used to secure debts owed.
C
California Consumer Privacy Act (CCPA) Explore the California Consumer Privacy Act (CCPA), a law granting California residents enhanced rights over personal data collection, privacy, and use.
Children’s Online Privacy Protection Act (COPPA) Understand the Children's Online Privacy Protection Act (COPPA), a U.S. law protecting data privacy for children under 13 on websites, apps, and services.
Clarity Act The Clarity Act (2025) defines U.S. crypto rules, splitting oversight between the SEC and CFTC to reduce uncertainty and protect investors. Read More.
Combating the Financing of Terrorism (CFT) Learn about Combating the Financing of Terrorism (CFT), laws and policies aimed at detecting and stopping funds flowing to terrorist organizations.
Compliance as a Service (CaaS) Compliance as a Service (CaaS), a cloud-based solution helping businesses meet regulatory requirements efficiently, reduce costs, and manage risks.
Customer Due Diligence (CDD) Understand Customer Due Diligence (CDD): how FinCEN’s rule helps financial institutions verify identities, assess risk & prevent financial crime.
Customer Identification Program (CIP) Learn about Customer Identification Program (CIP): FinCEN’s rule for verifying customer identities, assessing risk & preventing money laundering.
D
Data breach Discover what a data breach is, how unauthorized access to sensitive data occurs, its potential impact, and best practices for prevention and response.
Deepfake Learn about deepfakes: AI-generated synthetic media that convincingly mimics real people, explores risks, ethics & detection methods.
Document check Explore Document Check in KYC: verifying customer identity documents for authenticity and compliance to prevent fraud and financial crime.
E
F
False negative Learn what a false negative is: when a detection system fails to flag real threats, risks in compliance, and strategies to reduce missed cases.
False positive Learn what a false positive is: when a detection system wrongly flags legitimate activity as a threat, its impacts, and methods to reduce such errors.
FedNow Service FedNow Service: Real-time payment platform for U.S. banks. Glossary definition for instant payments and financial infrastructure.
Federal Trade Commission (FTC) The Federal Trade Commission (FTC) protects consumers and promotes competition by enforcing antitrust, privacy, and consumer protection laws.
Federated identity management (FIM) Federated identity management (FIM): Secure, unified access across organizations. Key term for enterprise security and compliance glossary pages.
Financial Crimes Enforcement Network (FinCEN) Financial Crimes Enforcement Network (FinCEN): U.S. bureau for AML and financial crime prevention. Glossary entry for compliance terms.
Financial Industry Regulatory Authority (FINRA) Financial Industry Regulatory Authority (FINRA): U.S. self-regulatory body for broker-dealers. Glossary term for financial compliance.
First-party fraud First-party fraud: Fraud using one’s own identity for gain. Key glossary term for financial risk and fraud prevention.
Form W-9 Form W-9: IRS form for collecting taxpayer identification. Glossary entry for U.S. business tax and compliance terms.
Fraud investigations Fraud investigations: Process of uncovering and analyzing fraud. Essential glossary term for enterprise risk management.
Fullz Fullz: Complete stolen personal data set for ID fraud. Glossary entry for cybersecurity and financial risk terms.
G
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR): EU law on personal data protection. Key glossary entry for privacy and compliance.
Generative AI fraud Generative AI fraud: Use of AI to create deceptive content for fraud. Glossary entry for cybersecurity and risk management terms.
Genius Act The Genius Act (2025) sets federal rules for stablecoins: full reserves, public audits, and legal protection for users if issuers fail.
Governance, risk, and compliance (GRC) Governance, risk, and compliance (GRC): Framework aligning business goals with regulations. Key glossary term for enterprise compliance.
Gramm-Leach-Bliley Act (GLBA) Gramm-Leach-Bliley Act (GLBA): U.S. law for financial data privacy and security. Glossary entry for banking and compliance.
Graph database Graph database: Database optimized for managing relationships. Glossary term for data analysis and fraud detection.
H
I
INFORM Consumers Act INFORM Consumers Act: U.S. law increasing transparency for online sellers. Glossary entry for marketplace compliance and risk.
Identity Assurance Levels (IAL) Identity Assurance Levels (IAL): NIST-defined levels of identity proofing rigor. Glossary entry for digital identity and compliance.
Identity and access management (IAM) Identity and access management (IAM): Controls user access to systems and data. Key glossary term for enterprise security.
Identity authentication Identity authentication: Verifying a user’s claimed identity. Glossary term for cybersecurity and access control.
Identity graph Identity graph: Database linking identifiers to a single user. Glossary entry for digital identity and fraud prevention.
Identity proofing Identity proofing: Verifying a person’s real-world identity. Key glossary term for onboarding and compliance checks.
Identity verification (IDV) Identity verification (IDV): Confirms a user’s identity at onboarding or transaction. Glossary term for fraud prevention and compliance.
Inherent risk Inherent risk: Risk level before controls are applied. Glossary term for enterprise risk management and assessment.
K
Know Your Business (KYB) Know Your Business (KYB): Process of verifying business entity legitimacy. Glossary entry for B2B compliance and onboarding.
Know Your Customer (KYC) Know Your Customer (KYC): Verifies customer identity to prevent fraud. Glossary term for financial compliance and AML.
Know Your Employee (KYE) Know Your Employee (KYE): Due diligence to verify employee identity and background. Glossary entry for internal risk management.
Know Your Patient (KYP) Know Your Patient (KYP): Verifies patient identity in healthcare. Glossary term for medical compliance and data accuracy.
Know Your Seller (KYS) Know Your Seller (KYS): Verifies legitimacy of marketplace sellers. Glossary entry for e-commerce compliance and fraud prevention.
Knowledge-based authentication (KBA) Knowledge-based authentication (KBA): Identity verification using personal questions. Glossary term for access control and security.
L
M
Marketplace account suspension Marketplace account suspension: Temporary or permanent deactivation due to policy violations. Glossary term for e-commerce risk management.
Marketplace risk Marketplace risk: Exposure to fraud, non-compliance, or illegal activity on online platforms. Glossary entry for digital business risk.
Money services businesses (MSB) Money services businesses (MSB): Non-bank entities handling money transfers or exchanges. Glossary term for financial compliance.
Multi-factor authentication Multi-factor authentication: Security requiring two or more credentials for access. Glossary entry for cybersecurity best practices.
P
Personally identifiable information (PII) Personally identifiable information (PII): Data that can identify an individual. Glossary term for privacy and data protection.
Placement money laundering Placement money laundering: First stage of laundering introducing illicit funds into the system. Glossary entry for AML processes.
Politically exposed person (PEP) Politically exposed person (PEP): Individual in a high-profile public role, considered higher risk for corruption. Glossary for compliance.
Progressive risk segmentation Progressive risk segmentation: Adjusts verification based on user risk profile. Glossary term for adaptive fraud prevention.
R
S
Sanctions Sanctions: Legal restrictions on individuals, entities, or countries. Glossary entry for compliance and international trade.
Second-party fraud Second-party fraud: Fraud involving a legitimate user sharing their account with a third party. Glossary term for fraud types.
Secretary of State (SOS) filing Secretary of State (SOS) filing: Official business registration with a state. Glossary entry for business verification.
Securities and Exchange Commission (SEC) Securities and Exchange Commission (SEC): U.S. agency regulating securities markets. Glossary term for financial regulation.
Self-sovereign identity (SSI) Self-sovereign identity (SSI): Decentralized digital identity under user control. Glossary entry for identity management.
Selfie check Selfie check: Biometric verification comparing a selfie to an ID. Glossary term for identity proofing methods.
Single sign-on (SSO) Single sign-on (SSO): One login for multiple systems. Glossary entry for authentication and access management.
Social media profiling Social media profiling: Analyzing digital footprints to assess risk or verify identity. Glossary term for fraud detection.
Spear phishing Spear phishing: Targeted email scams impersonating trusted sources. Glossary entry for cybersecurity threats.
Strong Customer Authentication (SCA) Strong Customer Authentication (SCA): EU requirement for multi-factor authentication in payments. Glossary for payment security.
Subject access request (SAR) Subject access request (SAR): Request under data laws for a copy of personal data held. Glossary entry for privacy and compliance.
Suspicious transaction report (STR) Suspicious transaction report (STR): Report filed for potentially illegal or suspicious activity. Glossary term for AML compliance.
Synthetic ID Synthetic ID: Fake identity built from real and fabricated data. Glossary term for fraud detection and risk management.
Synthetic fraud Synthetic fraud: Fraud using fake identities made from real and false data. Glossary entry for financial crime prevention.
T
The National Institute of Standards and Technology (NIST) The National Institute of Standards and Technology (NIST): U.S. agency setting technical and security standards. Glossary entry.
Third-party fraud Third-party fraud: Fraud using someone else’s identity without their knowledge. Glossary term for identity theft and financial crime.
U
V
VAT validation VAT validation confirms a business’s VAT number is legitimate, supporting tax compliance and fraud prevention in cross-border trade.
Vishing Vishing is a phone scam where attackers trick unsuspecting victims into revealing sensitive info like passwords or bank details using fake calls.