Table of Contents
The Money Atlas
A Systems-Level Guide to Payments in a Fragmented World.
- 01Styleguide
- 02Table of contents
- 03Introduction
- 04Part I: Why Payments Exist (And Why They're Hard)
- 05Part II: The Modern Payment Stack
- Chapter 4 — A Payment in Motion: The Canonical Payment Flow
- Chapter 5 — Who's Who in Payments: Card Networks, Platforms & Protocols
- Chapter 6 — Making Cards More Flexible: The Internet Layer
- Chapter 7 — Where Web3 Enters the Story
- Chapter 8 — Geography Still Matters: Why Payments Look Different Everywhere
- 06Part III: Cards: The Dominant Rail
- Chapter 9 — How Card Payments Actually Work
- Chapter 10 — Debit vs Credit Cards: Same Rails, Different Rules
- Chapter 11 — 3DS: Security, Friction, and Power
- Chapter 12 — Network Tokens, Vaults & Credentials
- Chapter 13 — Chargebacks, Fraud & Disputes
- Chapter 14 — Merchant-Affiliate Card Programmes: Gift Cards, Co-Brand Prepaid & Card-Linked Offers
- [ARCHIVED] Chapter 8 — Clearing: The Paperwork Phase
- [ARCHIVED] Chapter 9 — Settlement: When Money Actually Moves
- [ARCHIVED] Chapter 10 — Reconciliation and Disputes
- [ARCHIVED] Chapter 6B — The Token Deep-Dive: FPAN, DPAN, MPAN and How They Flow
- Archive: extra
- 07Part IV: Recurring, Subscriptions & Complex Billing
- 08Part V: Alternative Payment Methods (APMs)
- Chapter 18 — Bank Transfers, RTPs & Virtual Accounts
- Chapter 19 — QR Codes, Proxies & Pay-by-Scan
- Chapter 20 — Direct Debit, Mandates & Pull-Based Payments
- Chapter 21 — Carrier Billing & Embedded Telco Payments
- Chapter 22 — Wallets, Super Apps & Closed-Loop Payments
- Chapter 23 — BNPL: Credit Masquerading as Payments
- 09Part VI: Security, Compliance & Control
- Chapter 24 — PCI-DSS: What It Is (and Isn't)
- Chapter 25 — Vaulting, Encryption & Tokenization
- Chapter 26 — Risk, Compliance & Monitoring
- [ARCHIVED → Ch 24] Chapter 20 — Who's Watching the Vault?
- [ARCHIVED → Ch 24] Chapter 20 — 24 Questions or 328: Why Your Integration Choice Is a Compliance Decision
- [ARCHIVED → Ch 24] Chapter 20 — Shrinking the Blast Radius
- [ARCHIVED → Ch 24] Chapter 20 — Seven Lies Merchants Tell Themselves About PCI
- [ARCHIVED → Ch 24] Chapter 20 — From Countertop Terminal to SAQ D: One Coffee Shop's Compliance Odyssey
- [SUPERSEDED — corrupted formatting, safe to delete] Chapter 24 first draft
- 10Part VII: Web3, Stablecoins & Crypto
- 11Part VIII: Orchestration & The Second Gilded Age
- 12Part IX: How to Use This Knowledge
- 13Part X: The Living System
- 14Appendices
- 15References
- 16News articles
- 17Glossary
- 18Sources
- 19The Rail Is Not the Business — Agentic Payments, Mid-2026