A
ABAC (Attribute-Based Access Control)Access control model that evaluates attributes such as user role, resource type, and environment conditions to determine access permissions. Grand Central uses ABAC alongside RBAC for fine-grained authorization. ACH (Automated Clearing House)
Electronic funds transfer network used in the United States for batch processing of payments. Grand Central supports ACH payments through connectors such as the Alacriti Batch connector. AIS (Account Information Services)
Regulated service that lets a third party access a user’s bank account data with consent and present it in a consolidated or processed form. AIS is part of the Open Banking framework. AISP (Account Information Service Provider)
Third-party provider that uses standards-based APIs to access a customer’s accounts and provide account information services. Examples include accounting software that accesses account and transaction information from business bank accounts, or a bank whose mobile app accesses account information from other banks to provide a consolidated financial overview. AKS (Azure Kubernetes Service)
Microsoft Azure’s managed Kubernetes service. Grand Central runs on AKS for container orchestration, scaling, and cluster management. AML (Anti-Money Laundering)
Regulations and procedures designed to prevent criminals from using financial systems to launder money. Grand Central integrates with AML providers such as ComplyAdvantage. API Gateway
Entry point for all API requests to Grand Central. The gateway handles routing, authentication, rate limiting, and request transformation. For more information, see API management. APIM (API Management)
The API management layer in Grand Central that provides full control over the API lifecycle, including design, publishing, monitoring, security, and retirement. For more information, see API management. ASPSP (Account Servicing Payment Service Provider)
Institution that provides accounts and access to account information services through standards-based APIs. For example, a bank that offers current accounts. ASPSPs are part of the Open Banking framework. Automated validation
Process that automatically reviews tool configurations for security, compliance, and performance requirements before enabling them in Grand Central.
B
Back pressureMechanism in Sync Hub for managing event flow when a consumer processes events slower than the producer publishes them. Sync Hub handles back pressure automatically with per-consumer delivery guarantees to prevent data loss. BIAN (Banking Industry Architecture Network)
Industry framework that provides a standardized model for banking service domains. Grand Central’s Unified APIs are BIAN-inspired, mapping banking capabilities into consistent, domain-aligned interfaces.
C
Canonical formatStandardized event structure used across Sync Hub to ensure consistent event data regardless of the source system. Canonical formats simplify multi-consumer distribution by normalizing data from different vendors. Connector
Out-of-the-box integration component hosted on the Grand Central iPaaS that wraps a third-party API or data source and maps it to Grand Central’s Unified APIs. You can configure connectors without writing custom code. For more information, see Get started with connectors. Connector domain
Logical grouping of business capabilities and data ownership. Available domains include Core Banking, Customer Relationship Management, Payments Processing, Onboarding & Origination, and Data Enrichment. For more information, see Platform terminology. Connector pack
Collection of connectors within the same business domain of an ISV. A connector pack groups related connectors for a single vendor. Connector slot
Licensed unit of capacity that lets you activate one distinct connection to an external system within a specific business domain. For more information, see Platform terminology. Consent
Permission explicitly granted by a customer to let a third-party provider access account information on their behalf. Consent management is central to Open Banking compliance. Consumer
System that receives and processes events from Sync Hub. Consumers subscribe to specific event topics and process events independently. Consumer group
Set of consumers that coordinate to process events from Sync Hub. Consumer groups enable parallel processing while ensuring each event is handled by one consumer in the group. Content-based routing
Sync Hub capability that routes events to specific consumers based on the event content, such as transaction type, amount, or currency. This lets you direct events to the right systems without building custom routing logic. COP (Confirmation of Payee)
Name-checking service that verifies the payee’s name matches the account details before a payment is sent. Grand Central supports COP through the SurePay connector. Custom connector
Connector that you build on the Grand Central platform to integrate with an ISV or financial institution that doesn’t have a pre-built connector available. For more information, see Platform terminology. CVV2 (Card Verification Value 2)
Three- or four-digit security code printed on a payment card, used to verify that the cardholder has physical possession of the card during card-not-present transactions.
D
DDoS (Distributed Denial of Service)Attack that overwhelms a system with traffic from multiple sources. Grand Central’s infrastructure includes DDoS protection as part of its network connectivity and security architecture. Dead letter queue
Queue in Sync Hub that stores events that failed processing after all retry attempts are exhausted. Dead letter queues prevent failed events from blocking the processing of subsequent events. Domain service
Microservice aligned with a BIAN-inspired service domain, exposed as a set of API methods and endpoints. Multiple domain services make up a Grand Central Connector.
E
ECP (European Payments Council)Organization that manages and develops European payment schemes. Grand Central references ECP guidelines in the context of Verification of Payee standards. EEA (European Economic Area)
Economic area comprising EU member states plus Iceland, Liechtenstein, and Norway. Relevant for regulatory scope of payment directives such as PSD2. Event distribution
Process of delivering events from a producer to one or more consuming systems through Sync Hub. Distribution supports fan-out, content-based routing, and guaranteed delivery. External MCP server
Third-party MCP-compatible service hosted outside Grand Central that you can access through Grand Central’s unified interface for consistent authentication, auditing, and rate limiting.
F
Fan-outSync Hub distribution pattern that delivers a single published event to multiple consumers simultaneously. Fan-out eliminates the need to build separate point-to-point integrations for each consuming system. FATF (Financial Action Task Force)
Intergovernmental organization that sets international standards for combating money laundering and terrorist financing. Grand Central’s AML integrations help meet FATF compliance requirements.
G
GitOpsOperational framework that uses Git repositories as the source of truth for infrastructure and app configuration. Grand Central uses GitOps practices for API management configuration and connector deployment. Grand Central
The collective term for the Grand Central iPaaS platform and Backbase Connectors. Grand Central Connector
Set of domain services developed by Backbase, hosted on the Grand Central iPaaS, that connects a functional app with third-party systems. You can configure Grand Central Connectors without writing custom code. Each connector wraps a specific third-party API or data source and maps it to Backbase APIs. See also Connector. Grand Central iPaaS
Backbase’s Integration Platform as a Service that links functional apps with third-party systems through Backbase Connectors. Premium features include the tooling to build custom integrations to internal and external systems. For more information, see Platform overview. Guaranteed delivery
Sync Hub capability that ensures events reach consumers even during transient failures. Sync Hub uses retry logic with exponential backoff, dead letter handling, and message ordering guarantees.
H
HSM (Hardware Security Module)Physical device that manages and safeguards cryptographic keys. Grand Central’s infrastructure uses HSMs for secure key storage as part of its security architecture.
I
IBAN (International Bank Account Number)Internationally agreed-upon system of identifying bank accounts across national borders. Used in Grand Central’s payment connectors for account identification. IDV (Identity Verification)
Process of confirming that a person is who they claim to be. Grand Central integrates with IDV providers such as Onfido and Prove. Installation
A customer’s own instance of the Grand Central iPaaS, including multiple runtimes and environments (development, test, production) depending on specific customer needs. ISV (Independent Software Vendor)
Company that develops, markets, and sells software solutions. In Grand Central, ISVs are the third-party systems that connectors integrate with. For more information, see Platform terminology.
J
JMS (Java Message Service)Java API for message-oriented middleware. Grand Central supports JMS as one of the event streaming protocols in Sync Hub integration patterns. JWT (JSON Web Token)
Compact, URL-safe token format for securely transmitting claims between parties. Grand Central uses JWTs for API authentication and authorization.
K
KameletsReusable snippets of Camel DSL that developers can reference and reuse when building custom connectors, similar to a traditional SDK construct. For more information, see the Apache Camel Kamelets documentation. KYB (Know Your Business)
Due diligence process for verifying the identity and legitimacy of a business entity. Grand Central supports KYB through KYC-KYB connectors. KYC (Know Your Customer)
Regulatory process for verifying the identity of customers. Grand Central supports KYC through connectors such as Onfido and ComplyAdvantage.
M
MCP (Model Context Protocol)Open protocol that enables AI agents to discover and invoke backend API operations as tools through standardized tool discovery and invocation endpoints. MFA (Multi-Factor Authentication)
Authentication method that requires two or more verification factors (such as a password plus a one-time code) to access a system. Grand Central enforces MFA for platform access. mTLS (Mutual TLS)
Extension of TLS where both the client and server authenticate each other using certificates. Grand Central uses mTLS for secure service-to-service communication. For more information, see Network connectivity. Multi-consumer distribution
Sync Hub integration pattern that delivers events from a single source to multiple consuming systems, each with independent delivery guarantees and processing speeds. For more information, see Sync Hub integration patterns.
N
NACHA (National Automated Clearing House Association)Organization that manages the ACH network in the United States. NACHA defines the rules and formats for ACH transactions processed through Grand Central’s payment connectors. Native tools
MCP tools backed directly by Grand Central’s internal APIs, included in platform subscriptions with predictable costs and optimized performance.
O
OAuth (Open Authorization)Authorization framework that lets third-party applications access resources on behalf of a user without exposing credentials. Grand Central uses OAuth for API authentication. OBL (Open Banking Limited)
UK entity that sets the technical standards, APIs, and guidelines for Open Banking compliance in the UK, aligned with PSD2. For more information, see Open Banking connector. OBPM (Oracle Banking Payments Manager)
Oracle’s payment processing platform. Grand Central provides connectors for both real-time and batch payment processing through OBPM. OIDC (OpenID Connect)
Identity layer built on top of OAuth that provides authentication in addition to authorization. Grand Central supports OIDC for identity federation.
P
PAIN (Payment Initiation)ISO 20022 message type for payment initiation. PAIN.001 messages contain payment instructions and PAIN.002 messages contain status reports. Used in Grand Central’s OBPM Batch connector. PAN (Primary Account Number)
Number embossed or printed on a payment card that identifies the card issuer and the cardholder’s account. Grand Central’s card management connectors handle PAN data in compliance with PCI DSS requirements. PCI DSS (Payment Card Industry Data Security Standard)
Security standard for organizations that handle payment card data. Grand Central’s infrastructure meets PCI DSS requirements for card data handling. For more information, see Security. PEP (Politically Exposed Person)
Individual who holds or has held a prominent public function. Financial institutions screen customers against PEP lists as part of AML compliance. Grand Central supports PEP screening through the ComplyAdvantage connector. Pre-built connector
Connector that comes with the Grand Central platform, also referred to as a managed connector. Pre-built connectors provide out-of-the-box integration with an ISV without custom development. For more information, see Platform terminology. Producer
System that publishes events to Sync Hub when data changes occur. Producers can be webhook endpoints, event consumers reading from external brokers, file processors, or direct API integrations. PSD2 (Payment Services Directive 2)
EU regulatory directive that sets the legal foundation for Open Banking and mandates banks to provide access to customer data and payment services to authorized third-party providers. For more information, see Open Banking connector.
R
Rate limitingControlling the number of requests a client can make to Grand Central’s API endpoints in a given time period. Rate limits are enforced through APIM policies and tied to subscription keys. RBAC (Role-Based Access Control)
Access control model that assigns permissions based on user roles. Grand Central uses RBAC for platform administration and API access control. RTP (Real-Time Payments)
Payment network that enables instant fund transfers between bank accounts in the United States. Grand Central supports RTP through the Alacriti connector.
S
SandboxDeveloper environment on the Grand Central iPaaS that lets you remotely connect, deploy, and run connectors from your local machine. The sandbox provides a live development experience where local changes are reflected on the remote environment. SCA (Strong Customer Authentication)
Standard for ensuring that access and actions are authorized by the account owner using suitably secure authentication methods, such as two-factor authentication or MFA. SCA is required by PSD2 for Open Banking transactions. Schema evolution
Sync Hub capability for managing schema versioning and backward compatibility as banking systems evolve over time. Sync Hub handles schema evolution automatically to prevent integration breakage when vendor data formats change. SFTP (SSH File Transfer Protocol)
Secure protocol for transferring files over an encrypted connection. Grand Central uses SFTP for batch file processing in connectors such as the OBPM Batch connector. SOC (System and Organization Controls)
Audit framework for evaluating an organization’s controls over security, availability, processing integrity, confidentiality, and privacy. Grand Central maintains SOC 2 Type 2 compliance. For more information, see Security. SOPS (Secrets OPerationS)
Tool for encrypting and managing secrets in configuration files. Grand Central uses SOPS for secure management of connector credentials and API keys during connector configuration. SOX (Sarbanes-Oxley Act)
United States federal law that establishes auditing and financial reporting requirements for publicly traded companies. Grand Central’s compliance controls support SOX requirements for financial data handling. Subscription key
API key that authenticates requests to Grand Central’s endpoints and determines which endpoints are accessible. Subscription keys are managed through APIM. Sync Hub
Managed event distribution platform that enables real-time data synchronization between the systems that Grand Central connects. Sync Hub supports multiple integration patterns including webhooks, event streaming, file processing, and multi-consumer distribution. For more information, see Sync Hub.
T
TemplateGolden sample of either a connector or an API that you use to build your custom instance. Templates come with all the tooling necessary to build and run a custom connector on the Grand Central iPaaS. Tool discovery
MCP capability that lets AI agents query available operations through the
tools/list endpoint, receiving tool names, descriptions, and parameter schemas.
Tool invocationProcess of calling a specific MCP tool through the
tools/call endpoint with required parameters, returning results to the AI agent.
Tool schemaJSON Schema definition describing a tool’s parameters, including required fields, data types, validation patterns, and descriptions that guide AI agents in correct usage.
U
Unified APIBIAN-inspired API specification that Grand Central Connectors implement to provide a consistent interface across different third-party systems. Unified APIs abstract the complexity of different ISV implementations into standardized endpoints. For more information, see Unified APIs.
V
VoP (Verification of Payee)Service that verifies the identity of a payment recipient before a transaction is completed. Grand Central supports VoP through the SurePay connector, compliant with ECP VoP guidelines.
W
WAF (Web Application Firewall)Security tool that monitors and filters HTTP traffic between a web app and the internet. Grand Central’s infrastructure includes WAF protection as part of its network connectivity architecture.
For general Backbase terms, see the Backbase glossary. For Grand Central key concepts, see Grand Central and Platform terminology.