... to the card readers so when an ORCA card is tapped on the reader, it can check the ... If your card was issued by your employer or other organization, please refer to them for
The ORCA ("One Regional Card for All") card is a contactless, stored value smart card used for payment of public transport fares in the Puget Sound region of Washington state. ORCA was introduced on a limited basis on April 20, 2009, to be followed by an extensive public launch in late 2009.
Central Puget Sound transit agencies have collaborated in a region-wide fare system since 1991 with the introduction of U-PASS and later FlexPass. In 1996, voters approved Sound Move, which called for an integrated regional fare policy for a "one-ticket ride". That goal led to the creation of the PugetPass in 1999, which allowed transit riders to use a single pass for five transit agencies.
On April 29, 2003, an agreement to implement a smart card system between the seven agencies in the Central Puget Sound Regional Fare Coordination Project (Sound Transit, King County Metro, Community Transit, Everett Transit, Pierce Transit, Kitsap Transit, and Washington State Ferries) was signed along with a US$43 million contract awarded to ERG Transit Systems as the vendor of the project. ERG was purchased by Cubic Transportation Systemsin 2009. The ORCA card was originally anticipated to be operational in 2006.
On Friday, April 17, 2009, ORCA announced a limited rollout of the regional smart card beginning April 20, 2009. The limited rollout allowed remaining technical issues in the system to be resolved. An extensive rollout and public outreach campaign followed in June 2009. Blank cards were available at no charge during the introductory period, but as of March 1, 2010, the card cost $5 ($3 for reduced fare permit holders). Users of PugetPasses, FlexPasses, and other passes were to be gradually transitioned to ORCA.
The ORCA launch press kit gave a launch timeline as follows:
Between November 9 and December 22, 2006, as many as 6,000 transit riders were asked to participate in a live test of the smart card system. The test was conducted on selected routes of the seven participating agencies. The University of Washington conducted a separate test for integrating ORCA with the Husky Card and U-PASS during the same period.
The card uses the ISO/IEC 14443 RFID standard. Specifically, the MIFARE DESFire EV1 which, "implements all 4 levels of ISO / IEC 14443A and uses optional ISO / IEC 7816-4 commands.".
The ORCA project is jointly managed by staff of Sound Transit and King County Metro. The system is centrally managed by ERG.
The ORCA card is currently accepted on:
An ORCA card can be used as a stored-value card through a function called the electronic purse (E-purse). The E-purse holds value that can be used like cash to pay fare. The minimum value that can be added to an E-purse is $5. The maximum value that can be stored in an E-purse is $300.
Funds can be added to an ORCA card by the card user's business under the ORCA Business Choice program which allows businesses to add funds to employee ORCA cards on a monthly basis. Employees can apply the E-voucher funds to the purchase of a monthly pass or the funds can be converted to an E-purse. Any unused E-voucher amount at the end of the month is removed from the employee ORCA cards and refunded to the business.
The regional pass, similar to a PugetPass, allows unlimited travel on transit services in the region, except Washington State Ferries, for a specified period of time. Regional passes are valid for payment of fares up to the value of the pass. Pass values available range from 50¢ to $4.75.
An agency pass covers rides on a specific transit agency's service. Examples include Washington State Ferries' monthly passes, Metro ACCESS paratransit passes, and Metro vanpool passes.
ORCA cards allow a two-hour transfer from the time fare is paid. If an E-purse or regional pass was used to pay fare, transfers are allowed on any bus or rail system in the region. If an agency pass was used, transfers are allowed only on services within that agency. Transfers are stored on the card and automatically calculated for the user. Transfers are not given or accepted on Washington State Ferries.
ORCA card users paying with an E-purse can set their zone preference for King County Metro and Sound Transit services where zone-based fares are used. For example, a person who regularly travels one zone on a two-zone bus can preset their zone to avoid having to tell the driver to change the zone preset on the reader.
Several features of the ORCA card are only available when it is registered.
Balance protection protects the user from losing any value on the card when it is lost or stolen. A replacement card is issued with its value restored for the cost of a new card if the card is registered.
An Autoload automatically adds transportation products to an ORCA card on a regular basis using a Visa or MasterCard. Examples of autoloads are adding value to an E-purse when its balance falls below a certain amount and recurring purchases of monthly passes.
It takes between 24–48 hours for an online credit to apply to an E-purse, whether you do it directly via the web page or call customer service. The only way to get an immediate credit is to go to one of the bus stations that sell ORCA cards and reload the card via a Ticket Vending Machine.
A My ORCA account can be created on the ORCA website to monitor and manage ORCA cards. The account lets the user view transportation products stored on their card (E-purse balance, validity period of passes), transaction history, purchase additional ORCA cards for others, set up an Autoload, set fare presets, and report lost, stolen, or damaged cards.
The ORCA card, especially subsidized ones may be used to track users. Information regarding the trips of a card's user's trips may be released to third parties including employers who subsidize the cards. Many other parties may also obtain detailed trip information.
A debit card (also known as a bank card or check card) is a plastic payment card that provides the cardholder electronic access to his or her bank account(s) at a financial institution. Some cards have a stored value with which a payment is made, while most relay a message to the cardholder's bank to withdraw funds from a payee's designated bank account. The card, where accepted, can be used instead of cash when making purchases. In some cases, the primary account number is assigned exclusively for use on the Internet and there is no physical card.
In many countries, the use of debit cards has become so widespread that their volume has overtaken or entirely replaced cheques and, in some instances, cash transactions. The development of debit cards, unlike credit cards and charge cards, has generally been country specific resulting in a number of different systems around the world, which were often incompatible. Since the mid-2000s, a number of initiatives have allowed debit cards issued in one country to be used in other countries and allowed their use for internet and phone purchases.
Unlike credit and charge cards, payments using a debit card are immediately transferred from the cardholder's designated bank account, instead of them paying the money back at a later date.
Debit cards usually also allow for instant withdrawal of cash, acting as the ATM card for withdrawing cash. Merchants may also offer cashback facilities to customers, where a customer can withdraw cash along with their purchase.
There are currently three ways that debit card transactions are processed: EFTPOS (also known as online debit or PIN debit), offline debit (also known as signature debit) and the Electronic Purse Card System. One physical card can include the functions of all three types, so that it can be used in a number of different circumstances.
Although many debit cards are of the Visa or MasterCard brand, there are many other types of debit card, each accepted only within a particular country or region, for example Switch (now: Maestro) and Solo in the United Kingdom, Interac in Canada, Carte Bleue in France, Laser in Ireland, EC electronic cash (formerly Eurocheque) in Germany, UnionPay in China, RuPay in India and EFTPOS cards in Australia and New Zealand. The need for cross-border compatibility and the advent of the euro recently led to many of these card networks (such as Switzerland's "EC direkt", Austria's "Bankomatkasse" and Switch in the United Kingdom) being re-branded with the internationally recognised Maestro logo, which is part of the MasterCard brand. Some debit cards are dual branded with the logo of the (former) national card as well as Maestro (for example, EC cards in Germany, Laser cards in Ireland, Switch and Solo in the UK, Pinpas cards in the Netherlands, Bancontact cards in Belgium, etc.). The use of a debit card system allows operators to package their product more effectively while monitoring customer spending.
Online debit cards require electronic authorization of every transaction and the debits are reflected in the user’s account immediately. The transaction may be additionally secured with the personal identification number (PIN) authentication system; some online cards require such authentication for every transaction, essentially becoming enhanced automatic teller machine (ATM) cards.
One difficulty with using online debit cards is the necessity of an electronic authorization device at the point of sale (POS) and sometimes also a separate PINpad to enter the PIN, although this is becoming commonplace for all card transactions in many countries.
Overall, the online debit card is generally viewed as superior to the offline debit card because of its more secure authentication system and live status, which alleviates problems with processing lag on transactions that may only issue online debit cards. Some on-line debit systems are using the normal authentication processes of Internet banking to provide real-time on-line debit transactions. The most notable of these are Ideal and POLl.
Offline debit cards have the logos of major credit cards (for example, Visa or MasterCard) or major debit cards (for example, Maestro in the United Kingdom and other countries, but not the United States) and are used at the point of sale like a credit card (with payer's signature). This type of debit card may be subject to a daily limit, and/or a maximum limit equal to the current/checking account balance from which it draws funds. Transactions conducted with offline debit cards require 2–3 days to be reflected on users’ account balances.
In some countries and with some banks and merchant service organizations, a "credit" or offline debit transaction is without cost to the purchaser beyond the face value of the transaction, while a fee may be charged for a "debit" or online debit transaction (although it is often absorbed by the retailer). Other differences are that online debit purchasers may opt to withdraw cash in addition to the amount of the debit purchase (if the merchant supports that functionality); also, from the merchant's standpoint, the merchant pays lower fees on online debit transaction as compared to "credit" (offline)
Smart-card-based electronic purse systems (in which value is stored on the card chip, not in an externally recorded account, so that machines accepting the card need no network connectivity) are in use throughout Europe since the mid-1990s, most notably in Germany (Geldkarte), Austria (Quick Wertkarte), the Netherlands (Chipknip), Belgium (Proton), Switzerland (CASH) and France (Moneo, which is usually carried by a debit card). In Austria and Germany, all current bank cards now include electronic purses.
Prepaid debit cards, also called reloadable debit cards, appeal to a variety of users. The primary market for prepaid cards are unbanked people, that is, people who do not use banks or credit unions for their financial transactions, possibly because of poor credit ratings.
The advantages of prepaid debit cards include being safer than carrying cash, worldwide functionality due to Visa and MasterCard merchant acceptance, not having to worry about paying a credit card bill or going into debt, the opportunity for anyone over the age of 18 to apply and be accepted without regard to credit quality and the option to direct deposit paychecks and government benefits onto the card for free.
Some of the first companies to enter this market were: MiCash, RushCard and Netspend, who gained high market share as a result of being first to market. However, since 1999, there have been several new providers, such as TransCash, 247card and iKobo, that offer a number of other benefits, such as money remittance services, card-to-card transfers, and the ability to apply without a social security number.][
As of 2013, several city governments (including Oakland, California and Chicago, Illinois) are now offering prepaid debit cards, either as part of a municipal ID card (for persons such as undocumented immigrants, who are unable to obtain a state driver's license or DMV ID card) in the case of Oakland, or in conjunction with a prepaid transit pass (Chicago). These cards have been heavily criticized for their higher-than-average fees, including some (such as a flat fee added on to every purchase made with the card) that similar products offered by Green Dot and American Express do not have.
The U.S. federal government uses prepaid debit cards to make benefits payments to people who do not have bank accounts. In 2008, the U.S. Treasury Department paired with Comerica Bank to offer the Direct Express Debit MasterCard prepaid debit card.
In July 2013, the Association of Government Accountants released a report on government use of prepaid cards, concluding that such programs offer a number of advantages to governments and those who receive payments on a prepaid card rather than by check. The prepaid card programs benefit payments largely for cost savings they offer and provide easier access to cash for recipients, as well as increased security. The report also advises that governments should consider replacing any remaining cheque-based payments with prepaid card programs in order to realize substantial savings for taxpayers, as well as benefits for payees.
Consumer protections vary, depending on the network used. Visa and MasterCard, for instance, prohibit minimum and maximum purchase sizes, surcharges, and arbitrary security procedures on the part of merchants. Merchants are usually charged higher transaction fees for credit transactions, since debit network transactions are less likely to be fraudulent. This may lead them to "steer" customers to debit transactions. Consumers disputing charges may find it easier to do so with a credit card, since the money will not immediately leave their control. Fraudulent charges on a debit card can also cause problems with a checking account because the money is withdrawn immediately and may thus result in an overdraft or bounced checks. In some cases debit card-issuing banks will promptly refund any disputed charges until the matter can be settled, and in some jurisdictions the consumer liability for unauthorized charges is the same for both debit and credit cards.
In some countries, like India and Sweden, the consumer protection is the same regardless of the network used. Some banks set minimum and maximum purchase sizes, mostly for online-only cards. However, this has nothing to do with the card networks, but rather with the bank's judgement of the person's age and credit records. Any fees that the customers have to pay to the bank are the same regardless of whether the transaction is conducted as a credit or as a debit transaction, so there is no advantage for the customers to choose one transaction mode over another. Shops may add surcharges to the price of the goods or services in accordance with laws allowing them to do so. Banks consider the purchases as having been made at the moment when the card was swiped, regardless of when the purchase settlement was made. Regardless of which transaction type was used, the purchase may result in an overdraft because the money is considered to have left the account at the moment of the card swiping.
Debit cards and secured credit cards are popular among college students who have not yet established a credit history. Debit cards may also be used by expatriated workers to send money home to their families holding an affiliated debit card.
To the consumer, a debit transaction is perceived as occurring in real-time; i.e. the money is withdrawn from their account immediately following the authorization request from the merchant, which in many countries, is the case when making an online debit purchase. However, when a purchase is made using the "credit" (offline debit) option, the transaction merely places an authorization hold on the customer's account; funds are not actually withdrawn until the transaction is reconciled and hard-posted to the customer's account, usually a few days later. However, the previous sentence applies to all kinds of transaction types, at least when using a card issued by a European bank. This is in contrast to a typical credit card transaction; though it can also have a lag time of a few days before the transaction is posted to the account, it can be many days to a month or more before the consumer makes repayment with actual money.
Because of this, in the case of a benign or malicious error by the merchant or bank, a debit transaction may cause more serious problems (for example, money not accessible; overdrawn account) than in the case of a credit card transaction (for example, credit not accessible; over credit limit). This is especially true in the United States, where check fraud is a crime in every state, but exceeding your credit limit is not.
Debit cards may also be used on the Internet either with or without using a PIN. Internet transactions may be conducted in either online or offline mode, although shops accepting online-only cards are rare in some countries (such as Sweden), while they are common in other countries (such as the Netherlands). For a comparison, PayPal offers the customer to use an online-only Maestro card if the customer enters a Dutch address of residence, but not if the same customer enters a Swedish address of residence.
Internet purchases can be authenticated by the consumer entering their PIN if the merchant has enabled a secure online PIN pad, in which case the transaction is conducted in debit mode. Otherwise, transactions may be conducted in either credit or debit mode (which is sometimes, but not always, indicated on the receipt), and this has nothing to do with whether the transaction was conducted on online or offline mode, since both credit and debit transactions may be conducted in both modes.
In some countries, banks tend to levy a small fee for each debit card transaction. In some countries (for example, the UK) the merchants bear all the costs and customers are not charged. There are many people who routinely use debit cards for all transactions, no matter how small. Some (small) retailers refuse to accept debit cards for small transactions, where paying the transaction fee would absorb the profit margin on the sale, making the transaction uneconomic for the retailer.
The banks in Angola issue by official regulation only one brand of debit cards: Multicaixa, which is also the brand name of the one and only network of ATMs and POS terminals.
Debit cards in Australia are called different names depending on the issuing bank: Commonwealth Bank of Australia: Keycard; Westpac Banking Corporation: Handycard; National Australia Bank: FlexiCard; ANZ Bank: Access card; Bendigo Bank: Cashcard.
EFTPOS is very popular in Australia and has been operating there since the 1980s. EFTPOS-enabled cards are accepted at almost all swipe terminals able to accept credit cards, regardless of the bank that issued the card, including Maestro cards issued by foreign banks, with most businesses accepting them, with 450,000 point of sale terminals.
EFTPOS cards can also be used to deposit and withdraw cash over the counter at Australia Post outlets participating in GiroPost, just as if the transaction was conducted at a bank branch, even if the bank branch is closed. Electronic transactions in Australia are generally processed via the Telstra Argent and Optus Transact Plus network - which has recently superseded the old Transcend network in the last few years. Most early keycards were only usable for EFTPOS and at ATM or bank branches, whilst the new debit card system works in the same ways a credit card, except it will only use funds in the specified bank account. This means that, among other advantages, the new system is suitable for electronic purchases without a delay of two to four days for bank-to-bank money transfers.
Australia operates both electronic credit card transaction authorization and traditional EFTPOS debit card authorization systems, the difference between the two being that EFTPOS transactions are authorized by a personal identification number (PIN) while credit card transactions are usually authorized by the printing and signing of a receipt, however in recent years card holders have been encouraged to enter their pin for added security on credit card purchases, negating the need to sign the receipt. If the user fails to enter the correct pin three times, the consequences range from the card being locked out for a minimum 24 hour period, a phone call or trip to the branch to reactivate with a new PIN, the card being cut up by the merchant, or in the case of an ATM, being kept inside the machine, both of which require a new card to be ordered.
Generally credit card transaction costs are borne by the merchant with no fee applied to the end user while EFTPOS transactions cost the consumer an applicable withdrawal fee charged by their bank.
The introduction of Visa and MasterCard debit cards along with regulation in the settlement fees charged by the operators of both EFTPOS and credit cards by the Reserve Bank has seen a continuation in the increasing ubiquity of credit card use among Australians and a general decline in the profile of EFTPOS. However, the regulation of settlement fees also removed the ability of banks, who typically provide merchant services to retailers on behalf of Visa, MasterCard or Bankcard, from stopping those retailers charging extra fees to take payment by credit card instead of cash or EFTPOS. Though only a few operators with strong market power have done so, the passing on of fees charged for credit card transactions may result in an increased use of EFTPOS.
In Bahrain debit cards are under Benefit, the interbanking network for Bahrain. Benefit is also accepted in other countries though, mainly GCC, similar to the Saudi Payments Network and the Kuwaiti KNET.
In Brazil debit cards are called cartão de débito (singular) and are getting increasingly popular as a replacement for checks, which are still uncommonly popular in the country.
In Bulgaria debit cards are allowed in almost all stores and shops, as well as in the most of the hotels and restaurants in the bigger cities. Smaller restaurants or small shops will probably accept cash only. All Bulgarian banks can provide debit cards when you open a bank account, for maintenance costs. Usually debit cards used on ATMs owned by the same bank do not cost a thing, and used on ATMs of other banks costs low (3-10 times cheaper than using credit card). The most common cards in Bulgaria are Maestro and Visa Electron, accepted everywhere together with VISA and MasterCard.
Canada has a nation-wide EFTPOS system, called Interac Direct Payment. Since being introduced in 1994, IDP has become the most popular payment method in the country. Previously, debit cards have been in use for ABM usage since the late 1970s, with Credit Unions in Saskatchewan and Alberta, Canada introducing the first card-based, networked ATMs beginning in June, 1977. Debit Cards, which could be used anywhere a credit card was accepted, were first introduced in Canada by Saskatchewan Credit Unions in 1982. In the early 1990s, pilot projects were conducted among Canada's six largest banks to gauge security, accuracy and feasibility of the Interac system. Slowly in the later half of the 1990s, it was estimated that approximately 50% of retailers offered Interac as a source of payment. Retailers, many small transaction retailers like coffee shops, resisted offering IDP to promote faster service. In 2009, 99% of retailers offer IDP as an alternative payment form.
In Canada, the debit card is sometimes referred to as a "bank card". It is a client card issued by a bank that provides access to funds and other bank account transactions, such as transferring funds, checking balances, paying bills, etc., as well as point of purchase transactions connected on the Interac network. Since its national launch in 1994, Interac Direct Payment has become so widespread that, as of 2001, more transactions in Canada were completed using debit cards than cash. This popularity may be partially attributable to two main factors: the convenience of not having to carry cash, and the availability of automated bank machines (ABMs) and Direct Payment merchants on the network.
Debit cards may be considered similar to stored-value cards in that they represent a finite amount of money owed by the card issuer to the holder. They are different in that stored-value cards are generally anonymous and are only usable at the issuer, while debit cards are generally associated with an individual's bank account and can be used anywhere on the Interac network.
In Canada, the bank cards can be used at POS and ABMs. Interac Online has also been introduced in recent years allowing clients of most major Canadian banks to use their debit cards for online payment with certain merchants as well. Certain financial institutions also allow their clients to use their debit cards in the United States on the NYCE network.
In the last couple of months, VISA has introduced itself to Canadian bank card holders. INTERAC is still used at merchants (when at the merchants store), but on the Internet AND outside of Canada, VISA INTERACT Debit Cards have largely been treated like VISA cards are elsewhere.
Consumers in Canada are protected under a voluntary code* entered into by all providers of debit card services, The Canadian Code of Practice for Consumer Debit Card Services (sometimes called the "Debit Card Code"). Adherence to the Code is overseen by the Financial Consumer Agency of Canada (FCAC), which investigates consumer complaints.
According to the FCAC website, revisions to the Code that came into effect in 2005 put the onus on the financial institution to prove that a consumer was responsible for a disputed transaction, and also place a limit on the number of days that an account can be frozen during the financial institution's investigation of a transaction.
Chile has an EFTPOS system called Redcompra (Purchase Network) which is currently used in at least 23,000 establishments throughout the country. Goods may be purchased using this system at most supermarkets, retail stores, pubs and restaurants in major urban centers.
Colombia has a system called Redeban-Multicolor and Credibanco Visa which are currently used in at least 23,000 establishments throughout the country. Goods may be purchased using this system at most supermarkets, retail stores, pubs and restaurants in major urban centers. Colombian debit cards are Maestro (pin), Visa Electron (pin), Visa Debit (as Credit) and MasterCard-Debit (as Credit).
The Danish debit card Dankort was introduced on 1 September 1983, and despite the initial transactions being paper-based, the Dankort quickly won widespread acceptance in Denmark. By 1985 the first EFTPOS terminals were introduced, and 1985 was also the year when the number of Dankort transactions first exceeded 1 million. It is not uncommon that Dankort is the only card accepted at smaller stores, thus making it harder for tourists to travel without cash. It is also possible to get a Visa Electron debit card and MasterCard.
Miscellaneous facts & numbers
Most daily customer transactions are carried out with debit cards or online giro/electronic bill payment, although credit cards and cash are accepted. Checks are no longer used. Prior to European standardization, Finland had a national standard (pankkikortti). Physically, a pankkikortti was the same as an international credit card, and the same card imprinters and slips were used for pankkikortti and credit cards, but the cards were not accepted abroad. This has now been replaced by the Visa and MasterCard debit card systems, and Finnish cards can be used elsewhere in the European Union and the world.
An electronic purse system, with a chipped card, was introduced, but did not gain much traction.
Signing a payment offline entails incurring debt, thus offline payment is not available to minors. However, online transactions are permitted, and since almost all stores have electronic terminals, today also minors can use debit cards. Previously, only cash withdrawal from ATMs was available to minors (automaattikortti or Visa).
Carte Bancaire (CB), the national payment scheme, in 2008, had 57.5 million cards carrying its logo and 7,76 billion transactions (POS and ATM) were processed through the e-rsb network (135 transactions per card mostly debit or deferred debit). Most CB cards are debit cards, either debit or deferred debit. Less than 10% of CB cards were credit cards.
Banks in France charge annual fees for debit cards (despite card payments being very cost efficient for the banks), yet they do not charge personal customers for checkbooks or processing checks (despite checks being very costly for the banks). This imbalance dates from the unilateral introduction in France of Chip and PIN debit cards in the early 1990s, when the cost of this technology was much higher than it is now. Credit cards of the type found in the United Kingdom and United States are unusual in France and the closest equivalent is the deferred debit card, which operates like a normal debit card, except that all purchase transactions are postponed until the end of the month, thereby giving the customer between 1 and 31 days of interest-free credit.
The annual fee for a deferred debit card is around €10 more than for one with immediate debit. Most France debit cards are branded with the Carte Bleue logo, which assures acceptance throughout France. Most card holders choose to pay around €5 more in their annual fee to additionally have a Visa or a MasterCard logo on their Carte Bleue, so that the card is accepted internationally. A Carte Bleue without a Visa or a MasterCard logo is often known as a "Carte Bleue Nationale" and a Carte Bleue with a Visa or a MasterCard logo is known as a "Carte Bleue Internationale", or more frequently, simply called a "Visa" or "MasterCard".
Many smaller merchants in France refuse to accept debit cards for transactions under a certain amount because of the minimum fee charged by merchants' banks per transaction (this minimum amount varies from €5 to €15.25, or in some rare cases even more). But more and more merchants accept debit cards for small amounts, due to the massive daily use of debit card nowadays. Merchants in France do not differentiate between debit and credit cards, and so both have equal acceptance. It is legal in France to set a minimum amount to transactions, but the merchants must display it clearly.
Debit cards have enjoyed wide acceptance in Germany for years. Facilities already existed before EFTPOS became popular with the Eurocheque card, an authorization system initially developed for paper checks where, in addition to signing the actual check, customers also needed to show the card alongside the check as a security measure. Those cards could also be used at ATMs and for card-based electronic funds transfer (called Girocard) with PIN entry. These are now the only functions of such cards: the Eurocheque system (along with the brand) was abandoned in 2002 during the transition from the Deutsche Mark to the euro. As of 2005, most stores and petrol outlets have EFTPOS facilities. Processing fees are paid by the businesses, which leads to some business owners refusing debit card payments for sales totalling less than a certain amount, usually 5 or 10 euro.
To avoid the processing fees, many businesses resorted to using direct debit, which is then called electronic direct debit (German: , abbr. ELV). The point-of-sale terminal reads the bank sort code and account number from the card but instead of handling the transaction through the Girocard network it simply prints a form, which the customer signs to authorise the debit note. However, this method also avoids any verification or payment guarantee provided by the network. Further, customers can return debit notes by notifying their bank without giving a reason. This means that the beneficiary bears the risk of fraud and illiquidity. Some business mitigate the risk by consulting a proprietary blacklist or by switching to Girocard for higher transaction amounts.
Around 2000, an Electronic Purse Card was introduced, dubbed Geldkarte ("money card"). It makes use of the smart card chip on the front of the standard issue debit card. This chip can be charged with up to 200 euro, and is advertised as a means of making medium to very small payments, even down to several euros or cent payments. The key factor here is that no processing fees are deducted by banks. It did not gain the popularity its inventors had hoped for. However, this could change as this chip is now used as means of age verification at cigarette vending machines, which has been mandatory since January 2007. Furthermore, some payment discounts are being offered (e.g. a 10% reduction for public transport fares) when paying with "Geldkarte". The "Geldkarte" payment lacks all security measures, since it does not require the user to enter a PIN or sign a sales slip: the loss of a "Geldkarte" is similar to the loss of a wallet or purse - anyone who finds it can then use their find to pay for their own purchases.
A popular payment instant method widely used in Hong Kong is EPS. Bank customers can use their ATM card to make an instant EPS payment, much like a debit card. Most banks in Hong Kong provide ATM cards with EPS capability.
Only one bank at this time offers a Visa card as a debit card in Hong Kong. Hang Seng's Bank's Enjoy card is the only one. It is linked to a person's or company's savings or checking account and funds can be moved upon request or on a regularly scheduled basis to cover the charges that are incurred, whether in person or on-line. Overdraft privileges are not permitted at this time. The reason for the limited use is the virtual monopoly of the EPS Corporation which is co-owned by 21 major banks. Unfortunately, EPS is not usable on-line or overseas as a debit card (with limited exceptions, i.e. PLUS network POS transactions).
In Hungary debit cards are far more common and popular than credit cards. Many Hungarians even refer to their debit card ("betéti kártya") mistakenly using the word for credit card ("hitelkártya").
The debit card has limited popularity in India as the merchant is charged for each transaction. The debit card therefore is mostly used for ATM transactions. Most of the banks issue Visa debit cards, while some banks (like SBI and Citibank India) issue Maestro cards. The debit card transactions are routed through the Visa or MasterCard networks rather than directly via the issuing bank.
The National Payments Corporation of India (NPCI) has formally decided the name and logo of this new international payment gateway. The new name is being called RuPay.
Indonesia in addition of accepting foreign brands such as Visa, Maestro, MasterCard, and MEPS. The country also have a few nationwide domestic debit card networks, such as Debit BCA (and its Prima network's counterpart, Prima Debit) and Mandiri Debit.
Iraq's two biggest state-owned banks, Rafidain Bank and Rasheed Bank, together with the Iraqi Electronic Payment System (IEPS) have established a company called International Smart Card, which have developed a national credit card called 'Qi Card'. The card is issued since 2008. According to the company's website: 'after less than two years of the initial launch of the Qi card solution, we have hit 1.6 million cardholder with the potential to issue 2 million cards by the end of 2010, issuing about 100,000 card monthly is a testament to the huge success of the Qi card solution. Parallel to this will be the expansion into retail stores through a network of points of sales of about 30,000 units by 2015'
Israel cards system seems as a blend of features taken from different types of cards. Terminology speaking, the most common card in Israel is a deferred debit card, as in France, though the term is neither familiar nor referred to simply as "credit card". The term is not 100% compatible with the card characteristics, though; Its main feature may be a direct link to (& mostly issued by) a bank account, which it debits on a regular date once a month, but that's not all to it. This card usually enables immediate ATM cash withdrawals & balance inquiries (as debit cards do), an immediate bank account debit for all (ATM+purchases) abroad (though approved according to available credit, not withdraw-able bank account balance), installment & deferred charge interest free transactions offered by merchants (also applicable in Brazil), interest bearing installment plans/deferred charge/revolving credit which is transaction specific at the point of sale (though granted by the issuer, hence the interest), & variety of automated/upon request types of credit schemes including loans, some of which revolve or resemble the extended payment options sometimes offered by charge cards.
That would leave debit card itself not so common in Israel, though exists since 1994. This card is offered by two credit companies in Israel: One is ICC, short for "Israeli Credit Cards" ( pronounced by its Hebrew initials, "CAL"), which issues it in the form of valid only in Israel Visa Electron, mainly to the postal bank (which is not allowed, by regulation, to offer any type of credit) or to Israel Discount Bank, its main owner (where it's branded as "Discount Money Key" card). The other Card is branded "Direct" & offered by the Isracard consurtium to its affiliate banks, mainly as a card valid only in Israel, under its local & unique - though immensely popular - private label brand, "Isracard" (which is often viewed as MasterCard for local use only). Since 2006 Isracard offers next to its local debit card version "Isracard Direct" (formerly known as "Electro Cheque" till 2002) an international version - MasterCard Direct, which is rarely seen.
With those two debit card brands, obviously debit cards operates offline in Israel (meaning the transaction operates under the credit cards systems & debited officially from the cardholder account only few days later, after being processed - though reflected on the current account immediately). POS in Israel are not PIN based (only ATM) & only recently the credit companies had started issue EMV chip smart cards. That is ironic, due to the fact that almost all transactions in Israel are processed by the SHVA company, which is owned by the main banking groups & also serves as the interbank switch & ATM system. In fact, certain ATM bank cards can not withdraw cash at other banks ATM (as in the case of the First International Bank group Snifomat cards) or inquire account balance (as in the case of the postal office Visa Electron debit card).
On & all, Banks usually offers deferred debit cards almost automatically to its new costumers. Debit cards usually offered to those who can't or won't obtain credit,& are not profitable to the average cardholder - as it charges both monthly fee by the credit company & current account fee for every daily debit. Having said that, Isracard Direct is by far more common than ICC Visa Electron version of debit cards. Banks who issue mainly Visa cards will rather offer electronic use, mandate authorized transaction only, unembossed version of Visa Electron deferred debit cards (branded as "Visa Basic" or "Visa Classic") to its customers - sometimes even in the form of revolving credit card.
Debit cards are quite popular in Italy. There are both classic and prepaid cards. The main classic debit card in Italy is Bancomat/PagoBancomat: this kind of card is issued by Italian banks. Bancomat is the commercial brand for the cash withdrawal circuit, while PagoBancomat is used for POS transactions. Unlike other European countries such as UK, no Italian bank is issuing Visa/MasterCard debit cards. The main international debit circuit used by Italian banks is Maestro: for this reason almost every debit card issued in Italy has both PagoBancomat and Maestro logos, with Bancomat/PagoBancomat being used in Italy and the Maestro circuit when abroad. Sometimes, instead of using the Maestro circuit, the Bancomat/PagoBancomat debit card is issued along with V-Pay or Visa Electron logos, or sometimes with credit card functions (so you get a dual-mode card). In this last case, only the credit-card mode is allowed for abroad/Internet transactions, while the debit card mode is used only in Italy. The most popular prepaid debit card is "Postepay". It is issued by Poste italiane S.p.A., and runs on the Visa Electron circuit. It can be used on Poste Italiane's ATMs (Postamat) and on Visa's Electron-compatible bank ATMs all over the world. It has no fees when used on the Internet and in POS-based transactions. Other cards are issued by other companies, such as Vodafone CashCard, Banca Popolare di Milano's Carta Jeans and Carta Moneta Online.
In Japan people usually use their cash cards , originally intended only for use with cash machines, as debit cards. The debit functionality of these cards is usually referred to as J-Debit , and only cash cards from certain banks can be used. A cash card has the same size as a Visa/MasterCard. As identification, the user will have to enter his or her four-digit PIN when paying. J-Debit was started in Japan on March 6, 2000.
Suruga Bank began service of Japan's first Visa Debit in 2006. Rakuten Bank, formally known as Ebank, offers a Visa debit card.
Resona Bank also offers a Visa branded debit card.
In Kuwait, all banks provide a debit card to their account holders. This card is branded as KNET, which is the central switch in Kuwait. KNET card transactions are free for both customer and the merchant and therefore KNET debit cards are used for low valued transactions as well. KNET cards are mostly co-branded as Maestro or Visa Electron which makes it possible to use the same card outside Kuwait on any terminal supporting these payment schemes.
In Malaysia, there is one interbank network called the Malaysian Electronic Payment System (MEPS) through which all the banks issue a multipurpose card called bankcard. This acts as a debit card as well as an ATM card.
In the Netherlands using EFTPOS is known as pinnen (pinning), a term derived from the use of a Personal Identification Number. PINs are also used for ATM transactions, and the term is used interchangeably by many people, although it was introduced as a marketing brand for EFTPOS. The system was launched in 1987, and in 2010 there were 258,585 terminals throughout the country, including mobile terminals used by delivery services and on markets. All banks offer a debit card suitable for EFTPOS with current accounts.
PIN transactions are usually free to the customer, but the retailer is charged per-transaction and monthly fees. Equens, an association with all major banks as its members, runs the system, and until August 2005 also charged for it. Responding to allegations of monopoly abuse, it has handed over contractual responsibilities to its member banks through who now offer competing contracts. The system is organised through a special banking association Currence set up specifically to coordinate access to payment systems in the Netherlands. Interpay, a legal predecessor of Equens, was fined €47 million in 2004, but the fine was later dropped, and a related fine for banks was lowered from €17 million to €14 million. Per-transaction fees are between 5-10 eurocents, depending on volume.
Credit card use in the Netherlands is very low, and most credit cards cannot be used with EFTPOS, or charge very high fees to the customer. Debit cards can often, though not always, be used in the entire EU for EFTPOS. Most debit cards are Maestro cards. Visa debit cards are often not accepted, for example ticket machines at railway stations accept Maestro debit cards but not Visa debit cards. However, all kinds of cards can be used in ATMs.
In 2011 spending money using debit cards rose to 83 billion euro whilst cash spending dropped to 51 billion euro and creditcard spending grew to 5 billion.
Electronic Purse Cards (called Chipknip) were introduced in 1996, but have never become very popular.
EFTPOS (electronic fund transfer at point of sale) in New Zealand is highly popular. In 2006, 70 percent of all retail transactions were made by Eftpos, with an average of 306 Eftpos transaction being made per person. At the same time, there were 125,000 Eftpos terminals in operation (one for every 30 people), and 5.1 million Eftpos cards in circulation (1.27 per capita).
The system involves the merchant swiping (or inserting) the customer's card and entering the purchase amount. Point of sale systems with integrated EFTPOS often sent the purchase total to the terminal and the customer swipes their own card. The customer then selects the account they wish to use: Current/Cheque (CHQ), Savings (SAV), or Credit Card (CRD), before entering in their PIN. After a short processing time in which the terminal contacts the EFTPOS network and the bank, the transaction is approved (or declined) and a receipt is printed. The EFTPOS system is used for credit cards as well, with a customer selecting Credit Card and entering their PIN, or for older credit cards without loaded PIN, pressing OK and signing their receipt with identification through matching signatures. Fixed EFTPOS terminals in most businesses utilise the public switched telephone network to contact the EFTPOS network, either utilising dedicated phone lines or sharing the merchant's voice line (especially in smaller businesses). The uptake of broadband internet in the 21st century has seen some terminals move to internet protocol connections.
Virtually all retail outlets have EFTPOS facilities, so much that retailers without EFTPOS have to advertise so. In addition, an increasing number of mobile operator, such as taxis, stall holders and pizza deliverers have mobile EFTPOS systems. The system is made up of two primary networks: EFTPOS NZ, which is owned by ANZ Bank New Zealand (formerly ANZ National Bank) and Paymark Limited (formerly Electronic Transaction Services Limited), which is owned by ANZ Bank New Zealand, ASB Bank, Westpac and the Bank of New Zealand. The two networks are intertwined and highly sophisticated and secure, able to handle huge volumes of transactions during busy periods such as the lead-up to Christmas: on 24 December 2012, the Paymark network alone recorded an average of 132 transactions per second between 12:00 and 13:00. Network failures are rare, but when they occur they cause massive disruption, resulting in major delays and loss of income for businesses. Most businesses have to resort to manual "zip-zap" swipe machines in such case. Newer POS-based terminals have the ability to "capture" transactions in the event of a communications break-down - instead of entering a PIN, the customer signs their receipt and the transaction is approved on a matching signature, The transaction details are stored and sent for processing once the connection to the network is restored. A notable example of this occurs on the Cook Strait ferries, where in the middle of Cook Strait there is no mobile phone reception to connect to the EFTPOS network.
Depending on the user's bank, a fee may be charged for use of EFTPOS. Most youth accounts (the minimum age to obtain an Eftpos card from most banks in New Zealand is 13 years) and an increasing number of 'electronic transaction accounts' do not attract fees for electronic transactions, meaning the use of Eftpos by younger generations has become ubiquitous and subsequently cash use has become rare. Typically merchants don't pay fees for transactions, most only having to pay for the equipment rental.
One of the disadvantages of New Zealand's well-established EFTPOS system is that it is incompatible with overseas systems and non-face-to-face purchases. In response to this, many banks since 2005 have introduced international debit cards such as Maestro and Visa Debit which work online and overseas as well as on the New Zealand EFTPOS system.
In the Philippines, all three national ATM network consortia offer proprietary PIN debit. This was first offered by Express Payment System in 1987, followed by Megalink with Paylink in 1993 then BancNet with the Point-of-Sale in 1994.
Express Payment System or EPS was the pioneer provider, having launched the service in 1987 on behalf of the Bank of the Philippine Islands. The EPS service has subsequently been extended in late 2005 to include the other Expressnet members: Banco de Oro and Land Bank of the Philippines. They currently operate 10,000 terminals for their cardholders.
Megalink launched Paylink EFTPOS system in 1993. Terminal services are provided by Equitable Card Network on behalf of the consortium. Service is available in 2,000 terminals, mostly in Metro Manila.
BancNet introduced their point of sale system in 1994 as the first consortium-operated EFTPOS service in the country. The service is available in over 1,400 locations throughout the Philippines, including second and third-class municipalities. In 2005, BancNet signed a Memorandum of Agreement to serve as the local gateway for China UnionPay, the sole ATM switch in the People's Republic of China. This will allow the estimated 1.0 billion Chinese ATM cardholders to use the BancNet ATMs and the EFTPOS in all participating merchants.
Visa debit cards are issued by Union Bank of the Philippines (e-Wallet & eon), Chinatrust, Equicom Savings Bank (Key Card & Cash Card), Banco De Oro, HSBC, HSBC Savings Bank, Sterling Bank of Asia (Visa ShopNPay prepaid and debit cards)& EastWest Bank. Union Bank of the Philippines cards, EastWest Visa Debit Card, Equicom Savings Bank & Sterling Bank of Asia EMV cards which can also be used for internet purchases. Sterling Bank of Asia has released its first line of prepaid and debit Visa cards with EMV chip.
MasterCard debit cards are issued by Banco de Oro, Security Bank (Cashlink & Cash Card) & Smart Communications (Smart Money) tied up with Banco De Oro. MasterCard Electronic cards are issued by BPI (Express Cash) and Security Bank (CashLink Plus).
Originally, all Visa and MasterCard based debit cards in the Philippines are non-embossed and are marked either for "Electronic Use Only" (Visa/MasterCard) or "Valid only where MasterCard Electronic is Accepted" (MasterCard Electronic). However, EastWest Bank started to offer embossed Visa Debit Cards without the for "Electronic Use Only" mark. Paypass Debit MasterCard from other banks also have embossed labels without the for "Electronic Use Only" mark
In Poland, local debit cards, such as PolCard, have become largely substituted with international ones, such as Visa, MasterCard, or the unembossed Visa Electron or Maestro.There are also some banks that do not possess an identification system to allow customers to order debit cards online.
In Portugal, debit cards are accepted almost everywhere: ATMs, stores, and so on. The most commonly accepted are Visa and MasterCard, or the unembossed Visa Electron or Maestro. Regarding Internet payments debit cards can't be used for transfers, due to its unsafeness, so banks recommend the use of 'MBnet', a pre-registered safe system that creates a virtual card with a pre-selected credit limit. All the card system is regulated by SIBS, the institution created by Portuguese banks to manage all the regulations and communication processes proply. SIBS' shareholders are all the 27 banks operating in Portugal.
In addition to Visa, MasterCard and American Express, there are some local payment system based in general on Smart Card technology.
Nearly every transaction, regardless of brand or system, is processed as an immediate debit transaction. Non-debit transactions within these systems have spending limits that are strictly limited when compared with typical Visa or MasterCard accounts.
In Saudi Arabia, all debit card transactions are routed trough Saudi Payments Network (SPAN), the only electronic payment system in the Kingdom and all banks are required by the Saudi Arabian Monetary Agency (SAMA) to issue cards fully compatible with the network. It connects all point of sale (POS) terminals throughout the country to a central payment switch which in turn re-routes the financial transactions to the card issuer, local bank, Visa, Amex or MasterCard.
As well as its use for debit cards, the network is also used for ATM and credit card transactions.
Singapore's debit service is managed by the Network for Electronic Transfers (NETS), founded by Singapore’s leading banks and shareholders namely DBS, Keppel Bank, OCBC and its associates, OUB, IBS, POSB, Tat Lee Bank and UOB in 1985 as a result of a need for a centralised e-Payment operator.
However,due to the banking restructuring and mergers, the local banks became UOB, OCBC, DBS-POSB as the shareholders of NETS with Standard Chartered Bank to offer NETS to their customers. However, DBS and POSB customers can use their network atms on their own and not be shared with UOB, OCBC or SCB (StanChart). The mega failure of 5 July 2010 of POSB-DBS ATM Networks (about 97,000 machines) made the government to rethink the shared ATM system again as it affected the NETS system too.
In 2010, in line with the mandatory EMV system, Local Singapore Banks starts to reissue their Debit Visa/MasterCard branded debit cards with the EMV Chip compliant ones compared to the magnetic stripe system in place. Banks involved includes the NETS Members of POSB-DBS, UOB-OCBC-SCB along with the SharedATM alliance (NON-NETS) of HSBC, Citibank, State Bank of India, and Maybank. Standard Chartered Bank (SCB) is also a SharedATM alliance member. Non branded cards of POSB and Maybank local ATM Cards are kept without a chip but has a Plus or Maestro sign so that they can use it only to draw cash locally or overseas.
Maybank Debit MasterCard are also available to use in Malaysia just as a normal ATM or Dedit MEPS card.
Singapore also uses the e-purse systems of NETS CASHCARD and the CEPAS wave system by EZ-Link and NETS.
Debit cards are allowed in a large number stores, both large and small in Spain. Many banks usually offer debit cards when you open a bank account. These cards usually do not have a start up maintenance fee, or if they do the fees are low. These cards are used more often than credit cards at ATMs because there normally isn't a fee to take out money.
In the UK debit cards (an integrated EFTPOS system) are an established part of the retail market and are widely accepted both by bricks and mortar stores and by internet stores. The term EFTPOS is not widely used by the public; debit card is the generic term used. Cards commonly in circulation include Maestro (previously Switch), Debit MasterCard, Visa Debit (previously Visa Delta) and Visa Electron. Banks do not charge customers for EFTPOS transactions in the UK, but some retailers make small charges, particularly where the transaction amount in question is small. The UK has converted all debit cards in circulation to Chip and PIN (except for Chip and Signature cards issued to people with certain disabilities), based on the EMV standard, to increase transaction security; however, PINs are not required for internet transactions.
In the United Kingdom, banks started to issue debit cards in the mid-1980s in a bid to reduce the number of cheques being used at the point of sale, which are costly for the banks to process; the first bank to do so was Barclays with the Barclays Connect card. As in most countries, fees paid by merchants in the United Kingdom to accept credit cards are a percentage of the transaction amount, which funds card holders' interest-free credit periods as well as incentive schemes such as points, airmiles or cashback. Debit cards do not usually have these characteristics, and so the fee for merchants to accept debit cards is a low fixed amount, regardless of transaction amount. For very small amounts, this means it is cheaper for a merchant to accept a credit card than a debit card. Although merchants won the right through The Credit Cards (Price Discrimination) Order 1990 to charge customers different prices according to the payment method, few merchants in the UK charge less for payment by debit card than by credit card, the most notable exceptions being budget airlines, travel agents and IKEA. Debit cards in the UK lack the advantages offered to holders of UK-issued credit cards, such as free incentives (points, airmiles, cashback etc.), interest-free credit and protection against defaulting merchants under Section 75 of the Consumer Credit Act 1974. Almost all establishments in the United Kingdom that accept credit cards also accept debit cards (although not always Visa Electron), but a minority of merchants, for cost reasons, accept debit cards and not credit cards.
In the U.S., EFTPOS is universally referred to simply as debit. The same interbank networks that operate the ATM network also operate the POS network. Most interbank networks, such as Pulse, NYCE, MAC, Tyme, SHAZAM, STAR, and so on, are regional and do not overlap, however, most ATM/POS networks have agreements to accept each other's cards. This means that cards issued by one network will typically work anywhere they accept ATM/POS cards for payment. For example, a NYCE card will work at a Pulse POS terminal or ATM, and vice versa. Many debit cards in the United States are issued with a Visa, MasterCard or American Express logo allowing use of their signature-based networks.
The liability of a U.S. debit card user in case of loss or theft is up to $50 USD if the loss or theft is reported to the issuing bank in two business days after the customer notices the loss.
The fees charged to merchants on offline debit purchases—and the lack of fees charged merchants for processing online debit purchases and paper checks—have prompted some major merchants in the U.S. to file lawsuits against debit-card transaction processors such as Visa and MasterCard. In 2003, Visa and MasterCard agreed to settle the largest of these lawsuits and agreed to settlements of billions of dollars][.
Some consumers prefer "credit" transactions because of the lack of a fee charged to the consumer/purchaser; also, a few debit cards in the U.S. offer rewards for using "credit" (for example, S&T Bank's "Preferred Debit Rewards Card" ). However, since "credit" costs more for merchants, many terminals at PIN-accepting merchant locations now make the "credit" function more difficult to access. For example, if you swipe a debit card at Wal-Mart in the U.S., you are immediately presented with the PIN screen for online debit; to use offline debit you must press "cancel" to exit the PIN screen, then press "credit" on the next screen.
2009-07-08: Minimum and Maximum Charges for Visa in USA
The Merchants Agreement for Visa states (page 9, or 14/141 in PDF):
Always honor valid Visa cards in your acceptance category, regardless of the dollar amount of the purchase. Imposing minimum or maximum purchase amounts in order to accept a Visa card transaction is a violation of the Visa rules.
As a result of the Dodd-Frank Act, U.S. merchants can now set a minimum purchase amount on credit cards (but not debit cards), not to exceed $10.
In the United States, an FSA debit card only allows medical expenses. It is used by some banks for withdrawals from their FSAs, medical savings accounts (MSA), and health savings accounts (HSA) as well. They have Visa or MasterCard logos, but cannot be used as "debit cards", only as "credit cards", and they are not accepted by all merchants that accept debit and credit cards, but only by those that accept FSA debit cards. Merchant codes and product codes are used at the point of sale (required by law by certain merchants by certain dates in the USA) to restrict sales if they do not qualify. Because of the extra checking and documenting that goes on, later, the statement can be used to substantiate these purchases for tax deductions. In the occasional instance that a qualifying purchase is rejected, another form of payment must be used (a check or payment from another account and a claim for reimbursement later). In the more likely case that non-qualifying items are accepted, the consumer is technically still responsible, and the discrepancy could be revealed during an audit. A small but growing segment of the debit card business in the U.S. involves access to tax-favored spending accounts such as FSAs, HRAs, and HSAs. Most of these debit cards are for medical expenses, though a few are also issued for dependent care and transportation expenses.
Traditionally, FSAs (the oldest of these accounts) were accessed only through claims for reimbursement after incurring, and often paying, an out-of-pocket expense; this often happens after the funds have already been deducted from the employee's paycheck. (FSAs are usually funded by payroll deduction.) The only method permitted by the Internal Revenue Service (IRS) to avoid this "double-dipping" for medical FSAs and HRAs is through accurate and auditable reporting on the tax return. Statements on the debit card that say "for medical uses only" are invalid for several reasons: (1) The merchant and issuing banks have no way of quickly determining whether the entire purchase qualifies for the customer's type of tax benefit; (2) the customer also has no quick way of knowing; often has mixed purchases by necessity or convenience; and can easily make mistakes; (3) extra contractual clauses between the customer and issuing bank would cross-over into the payment processing standards, creating additional confusion (for example if a customer was penalized for accidentally purchasing a non-qualifying item, it would undercut the potential savings advantages of the account). Therefore, using the card exclusively for qualifying purchases may be convenient for the customer, but it has nothing to do with how the card can actually be used. If the bank rejects a transaction, for instance, because it is not at a recognized drug store, then it would be causing harm and confusion to the cardholder. In the United States, not all medical service or supply stores are capable of providing the correct information so an FSA debit card issuer can honor every transaction-if rejected or documentation is not deemed enough to satisfy regulations, cardholders may have to send in forms manually.
A smart card, chip card, or integrated circuit card (ICC) is any pocket-sized card with embedded integrated circuits. Smart cards are made of plastic, generally polyvinyl chloride, but sometimes polyethylene terephthalate based polyesters, acrylonitrile butadiene styrene or polycarbonate.
Smart cards can provide identification][, authentication, data storage and application processing. Smart cards may provide strong security authentication for single sign-on (SSO) within large organizations.
In 1968 and 1969 German electrical engineers Helmut Gröttrup and Jürgen Dethloff jointly filed patents for the automated chip card (for details see page of Helmut Gröttrup). French inventor Roland Moreno patented the memory card concept in 1974. An important patent for smart cards with a microprocessor and memory as used today was filed by Jürgen Dethloff in 1976 and granted as USP 4105156 in 1978. In 1977, Michel Ugon from Honeywell Bull invented the first microprocessor smart card. In 1978, Bull patented the SPOM (self-programmable one-chip microcomputer) that defines the necessary architecture to program the chip. Three years later, Motorola used this patent in its "CP8". At that time, Bull had 1,200 patents related to smart cards. In 2001, Bull sold its CP8 division together with its patents to Schlumberger, who subsequently combined its own internal smart card department and CP8 to create Axalto. In 2006, Axalto and Gemplus, at the time the world's top two smart card manufacturers, merged and became Gemalto. In 2008 Dexa Systems spun off from Schlumberger and acquired Enterprise Security Services business, which included the smart card solutions division responsible for deploying the first large scale public key infrastructure (PKI) based smart card management systems.
The first mass use of the cards was as a telephone card for payment in French pay phones, starting in 1983.][
After the Télécarte, microchips were integrated into all French Carte Bleue debit cards in 1992. Customers inserted the card into the merchant's POS terminal, then typed the PIN, before the transaction was accepted. Only very limited transactions (such as paying small highway tolls) are processed without a PIN.
Smart-card-based "electronic purse" systems store funds on the card so that readers do not need network connectivity. They entered European service in the mid-1990s. They have been common in Germany (Geldkarte), Austria (Quick Wertkarte), Belgium (Proton), France (Moneo), the Netherlands (Chipknip Chipper (decommissioned in 2001)), Switzerland ("Cash"), Norway ("Mondex"), Sweden ("Cash", decommissioned in 2004), Finland ("Avant"), UK ("Mondex"), Denmark ("Danmønt") and Portugal ("Porta-moedas Multibanco").
Since the 1990s, smart-cards have been the SIMs used in European GSM mobile phone equipment. Mobile phones are widely used in Europe, so smart cards have become very common.
EMV-compliant cards and equipment are widespread except in a few countries such as the United States Typically, a country's national payment association, in coordination with MasterCard International, Visa International, American Express and JCB, jointly plan and implement EMV systems.
Historically, in 1993 several international payment companies agreed to develop smart-card specifications for debit and credit cards. The original brands were MasterCard, Visa, and Europay. The first version of the EMV system was released in 1994. In 1998 the specifications became stable.
EMVCo maintains these specifications. EMVco's purpose is to assure the various financial institutions and retailers that the specifications retain backward compatibility with the 1998 version. EMVco upgraded the specifications in 2000 and 2004.
Contactless smart cards do not require physical contact between a card and reader. They are becoming more popular for payment and ticketing. Typical uses include mass transit and motorway tolls. Visa and MasterCard implemented a version deployed in 2004–2006 in the USA. Most contactless fare collection systems are incompatible, though the MIFARE Standard card from NXP Semiconductors has a considerable market share in the US and Europe.
Smart cards are also being introduced for identification and entitlement by regional, national, and international organizations. These uses include citizen cards, drivers’ licenses, and patient cards. In Malaysia, the compulsory national ID MyKad enables eight applications and has 18 million users. Contactless smart cards are part of ICAO biometric passports to enhance security for international travel.
A smart card may have the following generic characteristics:
Contact smart cards have a contact area of approximately 1 square centimetre (0.16 sq in), comprising several gold-plated contact pads. These pads provide electrical connectivity when inserted into a reader, which is used as a communications medium between the smart card and a host (e.g., a computer, a point of sale terminal) or a mobile telephone. Cards do not contain batteries; power is supplied by the card reader.
The ISO/IEC 7810 and ISO/IEC 7816 series of standards define:
Because the chips in financial cards are the same as those used in subscriber identity modules (SIMs) in mobile phones, programmed differently and embedded in a different piece of PVC, chip manufacturers are building to the more demanding GSM/3G standards. So, for example, although the EMV standard allows a chip card to draw 50 mA from its terminal, cards are normally well below the telephone industry's 6 mA limit. This allows smaller and cheaper financial card terminals.
Communication protocols for contact smart cards include T=0 (character-level transmission protocol, defined in ISO/IEC 7816-3) and T=1 (block-level transmission protocol, defined in ISO/IEC 7816-3).
A second card type is the contactless smart card, in which the card communicates with and is powered by the reader through RF induction technology (at data rates of 106–848 kbit/s). These cards require only proximity to an antenna to communicate. Like smart cards with contacts, contactless cards do not have an internal power source. Instead, they use an inductor to capture some of the incident radio-frequency interrogation signal, rectify it, and use it to power the card's electronics.
APDU transmission via a contactless interface is defined in ISO/IEC 14443-4.
Dual-interface cards implement contactless and contact interfaces on a single card with some shared storage and processing. An example is Porto's multi-application transport card, called Andante, which uses a chip with both contact and contactless (ISO/IEC 14443 Type B) interfaces.
Smart cards serve as credit or ATM cards, fuel cards, mobile phone SIMs, authorization cards for pay television, household utility pre-payment cards, high-security identification and access-control cards, and public transport and public phone payment cards.
Smart cards may also be used as electronic wallets. The smart card chip can be "loaded" with funds to pay parking meters, vending machines or merchants. Cryptographic protocols protect the exchange of money between the smart card and the machine. No connection to the a bank is needed. The holder of the card may use it even if not the owner. Examples are Proton, Geldkarte, Chipknip and Moneo. The German Geldkarte is also used to validate customer age at vending machines for cigarettes.
These are the best known payment cards (classic plastic card):
Roll-outs started in 2005 in USA. Asia and Europe followed in 2006. Contactless (non PIN) transactions cover a payment range of ~$5–50. There is an ISO/IEC 14443 PayPass implementation. Some, but not all PayPass implementations conform to EMV.
Non-EMV cards work like magnetic stripe cards. This is common in the U.S. (PayPass Magstripe and VISA MSD). The cards do not hold or maintain the account balance. All payment passes without a PIN, usually in off-line mode. The security of such a transaction is no greater than with a magnetic stripe card transaction.
EMV cards can have either contact or contactless interfaces. They work as if they were a normal EMV card with a contact interface. Via the contactless interface they work somewhat differently, in that the card commands enabled improved features such as lower power and shorter transaction times.
Smart-cards can authenticate identity. Usually, they employ a public key infrastructure (PKI). The card stores an encrypted digital certificate issued from the PKI provider along with other relevant information. Examples include the U.S. Department of Defense (DoD) Common Access Card (CAC), and other cards used by other governments for their citizens. If they include biometric identification data, cards can provide superior two- or three-factor authentication.
Smart cards are not always privacy-enhancing, because the subject may carry incriminating information on the card. Contactless smart cards that can be read from within a wallet or even a garment simplify authentication; however, criminals may access data from these cards.
Cryptographic smart cards are often used for single sign-on. Most advanced smart cards include specialized cryptographic hardware that uses algorithms such as RSA and DSA. Today's cryptographic smart cards generate key pairs on board, to avoid the risk from having more than one copy of the key (since by design there usually isn't a way to extract private keys from a smart card). Such smart cards are mainly used for digital signatures and secure identification.
The most common way to access cryptographic smart card functions on a computer is to use a vendor-provided PKCS#11 library.][ On Microsoft Windows the CSP API is also supported.
The most widely used cryptographic algorithms in smart cards (excluding the GSM so-called "crypto algorithm") are Triple DES and RSA. The key set is usually loaded (DES) or generated (RSA) on the card at the personalization stage.
Some of these smart cards are also made to support the NIST standard for Personal Identity Verification, FIPS 201.
Turkey implemented the first smart card driver's license system in 1987. Turkey had a high level of road accidents and decided to develop and use digital tachograph devices on heavy vehicles, instead of the existing mechanical ones, to reduce speed violations. Since 1987, the professional driver's licenses in Turkey have been issued as smart cards. A professional driver is required to insert his driver's license into a digital tachograph before starting to drive. The tachograph unit records speed violations for each driver and gives a printed report. The driving hours for each driver are also being monitored and reported. In 1990 the European Union conducted a feasibility study through BEVAC Consulting Engineers, titled "Feasibility study with respect to a European electronic drivers license (based on a smart-card) on behalf of Directorate General VII". In this study, chapter seven describes Turkey's experience.
Argentina's Mendoza province began using smart card driver's licenses in 1995. Mendoza also had a high level of road accidents, driving offenses, and a poor record of recovering fines.][ Smart licenses hold up-to-date records of driving offenses and unpaid fines. They also store personal information, license type and number, and a photograph. Emergency medical information such as blood type, allergies, and biometrics (fingerprints) can be stored on the chip if the card holder wishes. The Argentina government anticipates that this system will help to collect more than $10 million per year in fines.
In 1999 Gujarat was the first Indian state to introduce a smart card license system. As of 2005, it has issued 5 million smart card driving licenses to its people.
In 2002, the Estonian government started to issue smart cards named ID Kaart as primary identification for citizens to replace the usual passport in domestic and EU use. As of 2010 about 1 million smart cards have been issued (total population is about 1.3 million) and they are widely used in internet banking, buying public transport tickets, authorization on various websites etc.
By the start of 2009 the entire population of Spain and Belgium will have an eID card that is used for identification. These cards contain two certificates: one for authentication and one for signature. This signature is legally enforceable. More and more services in these countries use eID for authorization.
After August 14, 2012, the ID card of Pakistan will be replaced. The Smart Card is a third generation chip-based identity document that is produced according to international standards and requirements. The card has over 36 physical security features and has the latest encryption codes. This smart card will also replace the NICOP (the ID card for overseas Pakistani).
Smart cards may identify emergency responders and their skills. Cards like these allow first responders to bypass organizational paperwork and focus more time on the emergency resolution. In 2004, The Smart Card Alliance expressed the needs: "to enhance security, increase government efficiency, reduce identity fraud, and protect personal privacy by establishing a mandatory, Government-wide standard for secure and reliable forms of identification". emergency response personnel can carry these cards to be positively identified in emergency situations. WidePoint Corporation, a smart card provider to FEMA, produces cards that contain additional personal information, such as medical records and skill sets.
In 2007, the Open Mobile Alliance (OMA) proposed a new standard defining V1.0 of the Smart Card Web Server (SCWS), an HTTP server embedded in a SIM card intended for a smartphone user. The non-profit trade association SIMalliance has been promoting the development and adoption of SCWS. SIMalliance states that SCWS offers end-users a familiar, OS-independent, browser-based interface to secure, personal SIM data. As of mid-2010, SIMalliance had not reported widespread industry acceptance of SCWS. The OMA has been maintaining the standard, approving V1.1 of the standard in May 2009, and V1.2 is expected to be approved in October 2012.
Smart cards and integrated ticketing are used by many public transit operators. Card users may also make small purchases using the cards. Some operators offer points for usage, exchanged at retailers or for other benefits. Examples include Hong Kong's Octopus Card, London's Oyster Card, Dublin's Leap card, Brussels' MoBIB, Québec's OPUS card and San Francisco's Clipper card. However, these present a privacy risk because they allow the mass transit operator (and the government) to track an individual's movement. In Finland, for example, the Data Protection Ombudsman prohibited the transport operator Helsinki Metropolitan Area Council (YTV) from collecting such information, despite YTV's argument that the card owner has the right to a list of trips paid with the card. Earlier, such information was used in the investigation of the Myyrmanni bombing.][
The UK's Department for Transport mandated smart cards to administer travel entitlements for elderly and disabled residents. These schemes let residents use the cards for more than just bus passes. They can also be used for taxi and other concessionary transport. One example is the "Smartcare go" scheme provided by Ecebs. The UK systems use the ITSO_Ltd specification.
Smart cards can be used as a security token.
The Mozilla Firefox web browser can use smart cards to store certificates for use in secure web browsing.
Some disk encryption systems, such as FreeOTFE, TrueCrypt and Microsoft Windows 7 BitLocker, can use smart cards to securely hold encryption keys, and also to add another layer of encryption to critical parts of the secured disk.
GnuPG, the well known encryption suite, also supports storing keys in a smartcard.
Smart cards are also used for single sign-on to log on to computers.
Smart card support functionality has been added to Windows Live passports.
Smart cards are being provided to students at schools and colleges. Uses include:
Smart health cards can improve the security and privacy of patient information, provide a secure carrier for portable medical records, reduce health care fraud, support new processes for portable medical records, provide secure access to emergency medical information, enable compliance with government initiatives (e.g., organ donation) and mandates, and provide the platform to implement other applications as needed by the health care organization.
Smart cards are widely used to protect digital television streams. VideoGuard is a specific example of how smart card security worked.
The Malaysian government uses smart identity cards carried by all citizens and resident non-citizens. The personal information inside the MYKAD card can be read using special APDU commands.
Since April 2009, Toppan Printing Company has manufactured reusable smart cards for money transfer and made from paper instead of plastic.
Smart cards have been advertised as suitable for personal identification tasks, because they are engineered to be tamper resistant. The chip usually implements some cryptographic algorithm. There are, however, several methods for recovering some of the algorithm's internal state.
Differential power analysis involves measuring the precise time and electrical current required for certain encryption or decryption operations. This can deduce the on-chip private key used by public key algorithms such as RSA. Some implementations of symmetric ciphers can be vulnerable to timing or power attacks as well.
Smart cards can be physically disassembled by using acid, abrasives, or some other technique to obtain unrestricted access to the on-board microprocessor. Although such techniques obviously involve a fairly high risk of permanent damage to the chip, they permit much more detailed information (e.g. photomicrographs of encryption hardware) to be extracted.
The benefits of smart cards are directly related to the volume of information and applications that are programmed for use on a card. A single contact/contactless smart card can be programmed with multiple banking credentials, medical entitlement, driver’s license/public transport entitlement, loyalty programs and club memberships to name just a few. Multi-factor and proximity authentication can and has been embedded into smart cards to increase the security of all services on the card. For example, a smart card can be programmed to only allow a contactless transaction if it is also within range of another device like a uniquely paired mobile phone. This can significantly increase the security of the smart card.
Governments and their local regional authorities gain a significant enhancement to the provision of publicly funded services through the increased security offered by smart cards. These savings are passed onto society through a reduction in the necessary funding or enhanced public services. There are many examples of the such schemes in the UK, many using a common open LASSeO specification.
Individuals gain increased security and convenience when using smart cards designed for interoperability between services. For example, consumers only need to replace one card if their wallet is lost or stolen. Additionally, the data storage available on a card could contain medical information that is critical in an emergency should the card holder allow access to this.
The plastic card in which the chip is embedded is fairly flexible, and the larger the chip, the higher the probability that normal use could damage it. Cards are often carried in wallets or pockets, a harsh environment for a chip. However, for large banking systems, failure-management costs can be more than offset by fraud reduction.][
If the account holder's computer hosts malware, the smart card security model may be broken. Malware can override the communication (both input via keyboard and output via application screen) between the user and the application. Man-in-the-browser malware (e.g. the trojan Silentbanker) could modify a transaction, unnoticed by the user. Banks like Fortis and Belfius in Belgium and Rabobank ("random reader") in the Netherlands combine a smart card with an unconnected card reader to avoid this problem. The customer enters a challenge received from the bank's website, a PIN and the transaction amount into the reader, The reader returns an 8-digit signature. This signature is manually entered into the personal computer and verified by the bank, preventing malware from changing the transaction amount.
Smart cards have also been the targets of a variety of attacks capable of compromising built-in security features. These attacks vary from invasive attacks requiring extensive physical manipulation, up to the point of destruction, of the card's electronics, to non-invasive attacks that exploit weaknesses in the card's design to expose private keys and read and manipulate secure data. Once an attacker develops a non-invasive attack for a particular smart card model, he is typically able to perform the attack on other cards of that model in seconds, often using equipment that can be disguised as a normal smart card reader. While manufactures may develop new card models with additional security, it may be costly and/or logistically complex for users to upgrade existing vulnerable systems. Tamper-evident and audit features in a smart card deployment may mitigate some of the risks of compromised cards.
Another problem is the lack of standards for functionality and security. To address this problem, The Berlin Group launched the ERIDANE Project to propose "a new functional and security framework for smart-card based Point of Interaction (POI) equipment".
A credit card is a payment card issued to users as a system of payment. It allows the cardholder to pay for goods and services based on the holder's promise to pay for them. The issuer of the card creates a revolving account and grants a line of credit to the consumer (or the user) from which the user can borrow money for payment to a merchant or as a cash advance to the user.
A credit card is different from a charge card: a charge card requires the balance to be paid in full each month. In contrast, credit cards allow the consumers a continuing balance of debt, subject to interest being charged. A credit card also differs from a cash card, which can be used like currency by the owner of the card. A credit card differs from a charge card also in that a credit card typically involves a third-party entity that pays the seller and is reimbursed by the buyer, whereas a charge card simply defers payment by the buyer until a later date.
The size of most credit cards is × in (85.60 × 53.98 mm), conforming to the ISO/IEC 7810 ID-1 standard. Credit cards have an embossed bank card number complying with the ISO/IEC 7812 numbering standard.
The concept of using a card for purchases was described in 1887 by Edward Bellamy in his utopian novel Looking Backward. Bellamy used the term credit card eleven times in this novel, although this referred to a card for spending a citizen's dividend rather than borrowing.
The modern credit card was the successor of a variety of merchant credit schemes. It was first used in the 1940s, in the United States, specifically to sell fuel to a growing number of automobile owners. In 1938 several companies started to accept each other's cards. Western Union had begun issuing charge cards to its frequent customers in 1921. Some charge cards were printed on paper card stock, but were easily counterfeited.
The Charga-Plate, developed in 1928, was an early predecessor to the credit card and used in the U.S. from the 1930s to the late 1950s. It was a 2½ in × 1¼ in rectangle of sheet metal related to Addressograph and military dog tag systems. It was embossed with the customer's name, city and state. It held a small paper card for a signature. In recording a purchase, the plate was laid into a recess in the imprinter, with a paper "charge slip" positioned on top of it. The record of the transaction included an impression of the embossed information, made by the imprinter pressing an inked ribbon against the charge slip. Charga-Plate was a trademark of Farrington Manufacturing Co. Charga-Plates were issued by large-scale merchants to their regular customers, much like department store credit cards of today. In some cases, the plates were kept in the issuing store rather than held by customers. When an authorized user made a purchase, a clerk retrieved the plate from the store's files and then processed the purchase. Charga-Plates speeded back-office bookkeeping that was done manually in paper ledgers in each store, before computers.
In 1934, American Airlines and the Air Transport Association simplified the process even more with the advent of the Air Travel Card. They created a numbering scheme that identified the issuer of card as well as the customer account. This is the reason the modern UATP cards still start with the number 1. With an Air Travel Card, passengers could "buy now, and pay later" for a ticket against their credit and receive a fifteen percent discount at any of the accepting airlines. By the 1940s, all of the major domestic airlines offered Air Travel Cards that could be used on 17 different airlines. By 1941 about half of the airlines' revenues came through the Air Travel Card agreement. The airlines had also started offering installment plans to lure new travelers into the air. In October 1948, the Air Travel Card became the first inter-nationally valid charge card within all members of the International Air Transport Association.
The concept of customers paying different merchants using the same card was expanded in 1950 by Ralph Schneider and Frank McNamara, founders of Diners Club, to consolidate multiple cards. The Diners Club, which was created partially through a merger with Dine and Sign, produced the first "general purpose" charge card, and required the entire bill to be paid with each statement. That was followed by Carte Blanche and in 1958 by American Express which created a worldwide credit card network (although these were initially charge cards that acquired credit card features after BankAmericard demonstrated the feasibility of the concept).
However, until 1958, no one had been able to create a working revolving credit financial instrument issued by a third-party bank that was generally accepted by a large number of merchants (as opposed to merchant-issued revolving cards accepted by only a few merchants). A dozen experiments by small American banks had been attempted (and had failed). In September 1958, Bank of America launched the BankAmericard in Fresno, California. BankAmericard became the first successful recognizably modern credit card (although it underwent a troubled gestation during which its creator resigned), and with its overseas affiliates, eventually evolved into the Visa system. In 1966, the ancestor of MasterCard was born when a group of banks established Master Charge to compete with BankAmericard; it received a significant boost when Citibank merged its proprietary Everything Card (launched in 1967) into Master Charge in 1969.
Early credit cards in the U.S., of which BankAmericard was the most prominent example, were mass-produced and mass mailed unsolicited to bank customers who were thought to be good credit risks. But, "They have been mailed off to unemployables, drunks, narcotics addicts and to compulsive debtors, a process President Johnson's Special Assistant Betty Furness found very like 'giving sugar to diabetics'." These mass mailings were known as "drops" in banking terminology, and were outlawed in 1970 due to the financial chaos they caused, but not before 100 million credit cards had been dropped into the U.S. population. After 1970, only credit card applications could be sent unsolicited in mass mailings.
The fractured nature of the U.S. banking system under the Glass–Steagall Act meant that credit cards became an effective way for those who were traveling around the country to move their credit to places where they could not directly use their banking facilities. In 1966 Barclaycard in the UK launched the first credit card outside of the U.S.
There are now countless variations on the basic concept of revolving credit for individuals (as issued by banks and honored by a network of financial institutions), including organization-branded credit cards, corporate-user credit cards, store cards and so on.
Although credit cards reached very high adoption levels in the US, Canada and the UK in the mid twentieth century, many cultures were more cash-oriented, or developed alternative forms of cash-less payments, such as Carte bleue or the Eurocard (Germany, France, Switzerland, and others). In these places, adoption of credit cards was initially much slower. It took until the 1990s to reach anything like the percentage market-penetration levels achieved in the US, Canada, or UK. In some countries, acceptance still remains poor as the use of a credit card system depends on the banking system being perceived as reliable. Japan remains a very cash oriented society, with credit card adoption being limited to only the largest of merchants, although an alternative system based on RFIDs inside cellphones has seen some acceptance. Because of strict regulations regarding banking system overdrafts, some countries, France in particular, were much faster to develop and adopt chip-based credit cards which are now seen as major anti-fraud credit devices. Debit cards and online banking are used more widely than credit cards in some countries.
The design of the credit card itself has become a major selling point in recent years. The value of the card to the issuer is often related to the customer's usage of the card, or to the customer's financial worth. This has led to the rise of Co-Brand and Affinity cards, where the card design is related to the "affinity" (a university or professional society, for example) leading to higher card usage. In most cases a percentage of the value of the card is returned to the affinity group.
A growing field of numismatics (study of money), or more specifically exonumia (study of money-like objects), credit card collectors seek to collect various embodiments of credit from the now familiar plastic cards to older paper merchant cards, and even metal tokens that were accepted as merchant credit cards. Early credit cards were made of celluloid plastic, then metal and fiber, then paper, and are now mostly polyvinyl chloride (PVC) plastic.
Credit cards are issued by a credit card issuer, such as a bank or credit union, after an account has been approved by the credit provider, after which cardholders can use it to make purchases at merchants accepting that card. Merchants often advertise which cards they accept by displaying acceptance marks – generally derived from logos – or may communicate this orally, as in "We take (brands X, Y, and Z)" or "We don't take credit cards".
When a purchase is made, the credit card user agrees to pay the card issuer. The cardholder indicates consent to pay by signing a receipt with a record of the card details and indicating the amount to be paid or by entering a personal identification number (PIN). Also, many merchants now accept verbal authorizations via telephone and electronic authorization using the Internet, known as a card not present transaction (CNP).
Electronic verification systems allow merchants to verify in a few seconds that the card is valid and the credit card customer has sufficient credit to cover the purchase, allowing the verification to happen at time of purchase. The verification is performed using a credit card payment terminal or point-of-sale (POS) system with a communications link to the merchant's acquiring bank. Data from the card is obtained from a magnetic stripe or chip on the card; the latter system is called Chip and PIN in the United Kingdom and Ireland, and is implemented as an EMV card.
For card not present transactions where the card is not shown (e.g., e-commerce, mail order, and telephone sales), merchants additionally verify that the customer is in physical possession of the card and is the authorized user by asking for additional information such as the security code printed on the back of the card, date of expiry, and billing address.
Each month, the credit card user is sent a statement indicating the purchases undertaken with the card, any outstanding fees, and the total amount owed. In the US, after receiving the statement, the cardholder may dispute any charges that he or she thinks are incorrect (see 15 U.S.C. § 1643, which limits cardholder liability for unauthorized use of a credit card to $50). The Fair Credit Billing Act gives details of the US regulations. The cardholder must pay a defined minimum portion of the amount owed by a due date, or may choose to pay a higher amount up to the entire amount owed which may be greater than the amount billed. The credit issuer charges interest on the unpaid balance if the billed amount is not paid in full (typically at a much higher rate than most other forms of debt). In addition, if the credit card user fails to make at least the minimum payment by the due date, the issuer may impose a "late fee" and/or other penalties on the user. To help mitigate this, some financial institutions can arrange for automatic payments to be deducted from the user's bank accounts, thus avoiding such penalties altogether as long as the cardholder has sufficient funds.
Many banks now also offer the option of electronic statements, either in lieu of or in addition to physical statements, which can be viewed at any time by the cardholder via the issuer's online banking website. Notification of the availability of a new statement is generally sent to the cardholder's email address. If the card issuer has chosen to allow it, the cardholder may have other options for payment besides a physical check, such as an electronic transfer of funds from a checking account. Depending on the issuer, the cardholder may also be able to make multiple payments during a single statement period, possibly enabling him or her to utilize the credit limit on the card several times over.
Credit card advertising regulations in the US include the Schumer box disclosure requirements. A large fraction of junk mail consists of credit card offers created from lists provided by the major credit reporting agencies. In the United States, the three major US credit bureaus (Equifax, TransUnion and Experian) allow consumers to opt out from related credit card solicitation offers via its Opt Out Pre Screen program.
Credit card issuers usually waive interest charges if the balance is paid in full each month, but typically will charge full interest on the entire outstanding balance from the date of each purchase if the total balance is not paid.
For example, if a user had a $1,000 transaction and repaid it in full within this grace period, there would be no interest charged. If, however, even $1.00 of the total amount remained unpaid, interest would be charged on the $1,000 from the date of purchase until the payment is received. The precise manner in which interest is charged is usually detailed in a cardholder agreement which may be summarized on the back of the monthly statement. The general calculation formula most financial institutions use to determine the amount of interest to be charged is APR/100 x ADB/365 x number of days revolved. Take the annual percentage rate (APR) and divide by 100 then multiply to the amount of the average daily balance (ADB) divided by 365 and then take this total and multiply by the total number of days the amount revolved before payment was made on the account. Financial institutions refer to interest charged back to the original time of the transaction and up to the time a payment was made, if not in full, as RRFC or residual retail finance charge. Thus after an amount has revolved and a payment has been made, the user of the card will still receive interest charges on their statement after paying the next statement in full (in fact the statement may only have a charge for interest that collected up until the date the full balance was paid, i.e. when the balance stopped revolving).
The credit card may simply serve as a form of revolving credit, or it may become a complicated financial instrument with multiple balance segments each at a different interest rate, possibly with a single umbrella credit limit, or with separate credit limits applicable to the various balance segments. Usually this compartmentalization is the result of special incentive offers from the issuing bank, to encourage balance transfers from cards of other issuers. In the event that several interest rates apply to various balance segments, payment allocation is generally at the discretion of the issuing bank, and payments will therefore usually be allocated towards the lowest rate balances until paid in full before any money is paid towards higher rate balances. Interest rates can vary considerably from card to card, and the interest rate on a particular card may jump dramatically if the card user is late with a payment on that card or any other credit instrument, or even if the issuing bank decides to raise its revenue.
The main benefit to each customer is convenience. Compared to debit cards and checks, a credit card allows small short-term loans to be quickly made to a customer who need not calculate a balance remaining before every transaction, provided the total charges do not exceed the maximum credit line for the card.
Different countries offer different levels of protection. In the UK, for example, the bank is jointly liable with the merchant for purchases of defective products over £100.
Many credit cards offer rewards and benefits packages, such as enhanced product warranties at no cost, free loss/damage coverage on new purchases, various insurance protections, for example, rental car insurance, common carrier accident protection, and travel medical insurance. Credit cards can also offer reward points which may be redeemed for cash, products, or airline tickets. Research has examined whether competition among card networks may potentially make payment rewards too generous, causing higher prices among merchants, thus actually deteriorating social welfare and its distribution, a situation potentially warranting public policy interventions.
Low introductory credit card rates are limited to a fixed term, usually between 6 and 12 months, after which a higher rate is charged. As all credit cards charge fees and interest, some customers become so indebted to their credit card provider that they are driven to bankruptcy. Some credit cards often levy a rate of 20 to 30 percent after a payment is missed. In other cases a fixed charge is levied without change to the interest rate. In some cases universal default may apply: the high default rate is applied to a card in good standing by missing a payment on an unrelated account from the same provider. This can lead to a snowball effect in which the consumer is drowned by unexpectedly high interest rates. Further, most card holder agreements enable the issuer to arbitrarily raise the interest rate for any reason they see fit. First Premier Bank at one point offered a credit card with a 79.9% interest rate, however they discontinued this card February 2011 because of persistent defaults.
Complex fee structures in the credit card industry limit customers' ability to comparison shop, help ensure that the industry is not price-competitive and help maximize industry profits.
Merchants that accept credit cards must pay interchange fees and discount fees on all credit-card transactions. In some cases merchants are barred by their credit agreements from passing these fees directly to credit card customers, or from setting a minimum transaction amount (no longer prohibited in the United States). The result is that merchants may charge all customers (including those who do not use credit cards) higher prices to cover the fees on credit card transactions. In the United States in 2008 credit card companies collected a total of $48 billion in interchange fees, or an average of $427 per family, with an average fee rate of about 2% per transaction. Research shows that a substantial fraction of consumers (about 40 percent) choose a sub-optimal credit card agreement, with some incurring hundreds of dollars of avoidable interest costs.
Several studies have shown that consumers are likely to spend more money when they pay by credit card. Researchers suggest that when people pay using credit cards, they do not experience the abstract pain of payment. Furthermore, researchers have found that using credit cards can increase consumption of unhealthy food.
A credit card's grace period is the time the customer has to pay the balance before interest is assessed on the outstanding balance. Grace periods may vary, but usually range from 20 to 55 days depending on the type of credit card and the issuing bank. Some policies allow for reinstatement after certain conditions are met.
Usually, if a customer is late paying the balance, finance charges will be calculated and the grace period does not apply. Finance charges incurred depend on the grace period and balance; with most credit cards there is no grace period if there is any outstanding balance from the previous billing cycle or statement (i.e. interest is applied on both the previous balance and new transactions). However, there are some credit cards that will only apply finance charge on the previous or old balance, excluding new transactions.
For merchants, a credit card transaction is often more secure than other forms of payment, such as cheques, because the issuing bank commits to pay the merchant the moment the transaction is authorized, regardless of whether the consumer defaults on the credit card payment (except for legitimate disputes, which are discussed below, and can result in charges back to the merchant). In most cases, cards are even more secure than cash, because they discourage theft by the merchant's employees and reduce the amount of cash on the premises. Finally, credit cards reduce the back office expense of processing checks/cash and transporting them to the bank.
Prior to credit cards, each merchant had to evaluate each customer's credit history before extending credit. That task is now performed by the banks which assume the credit risk. Credit cards can also aid in securing a sale, especially if the customer does not have enough cash on his or her person or checking account. Extra turnover is generated by the fact that the customer can purchase goods and/or services immediately and is less inhibited by the amount of cash in his or her pocket and the immediate state of his or her bank balance. Much of merchants' marketing is based on this immediacy.
For each purchase, the bank charges the merchant a commission (discount fee) for this service and there may be a certain delay before the agreed payment is received by the merchant. The commission is often a percentage of the transaction amount, plus a fixed fee (interchange rate).
Merchants are charged several fees for accepting credit cards. The merchant is usually charged a commission of around 1 to 4 percent of the value of each transaction paid for by credit card. The merchant may also pay a variable charge, called an interchange rate, for each transaction. In some instances of very low-value transactions, use of credit cards will significantly reduce the profit margin or cause the merchant to lose money on the transaction. Merchants with very low average transaction prices or very high average transaction prices are more averse to accepting credit cards. In some cases merchants may charge users a "credit card supplement", either a fixed amount or a percentage, for payment by credit card. This practice is prohibited by most credit card contracts in the United States, and is actually illegal in 10 states, although the contracts allow the merchants to give discounts for cash payment.
Merchants are also required to lease processing terminals, meaning merchants with low sales volumes may have to commit to long lease terms. For some terminals, merchants may also need to subscribe to a separate telephone line. Merchants must also satisfy data security compliance standards which are highly technical and complicated. In many cases, there is a delay of several days before funds are deposited into a merchant's bank account. Because credit card fee structures are very complicated, smaller merchants are at a disadvantage to analyze and predict fees.
Finally, merchants assume the risk of chargebacks by consumers.
The flow of information and money between these parties — always through the card associations — is known as the interchange, and it consists of a few steps.
A secured credit card is a type of credit card secured by a deposit account owned by the cardholder. Typically, the cardholder must deposit between 100% and 200% of the total amount of credit desired. Thus if the cardholder puts down $1000, they will be given credit in the range of $500–$1000. In some cases, credit card issuers will offer incentives even on their secured card portfolios. In these cases, the deposit required may be significantly less than the required credit limit, and can be as low as 10% of the desired credit limit. This deposit is held in a special savings account. Credit card issuers offer this because they have noticed that delinquencies were notably reduced when the customer perceives something to lose if the balance is not repaid.
The cardholder of a secured credit card is still expected to make regular payments, as with a regular credit card, but should they default on a payment, the card issuer has the option of recovering the cost of the purchases paid to the merchants out of the deposit. The advantage of the secured card for an individual with negative or no credit history is that most companies report regularly to the major credit bureaus. This allows building a positive credit history.
Although the deposit is in the hands of the credit card issuer as security in the event of default by the consumer, the deposit will not be debited simply for missing one or two payments. Usually the deposit is only used as an offset when the account is closed, either at the request of the customer or due to severe delinquency (150 to 180 days). This means that an account which is less than 150 days delinquent will continue to accrue interest and fees, and could result in a balance which is much higher than the actual credit limit on the card. In these cases the total debt may far exceed the original deposit and the cardholder not only forfeits their deposit but is left with an additional debt.
Most of these conditions are usually described in a cardholder agreement which the cardholder signs when their account is opened.
Secured credit cards are an option to allow a person with a poor credit history or no credit history to have a credit card which might not otherwise be available. They are often offered as a means of rebuilding one's credit. Fees and service charges for secured credit cards often exceed those charged for ordinary non-secured credit cards, however, for people in certain situations, (for example, after charging off on other credit cards, or people with a long history of delinquency on various forms of debt), secured cards are almost always more expensive than unsecured credit cards.
Sometimes a credit card will be secured by the equity in the borrower's home.
A prepaid credit card is not a true credit card, since no credit is offered by the card issuer: the card-holder spends money which has been "stored" via a prior deposit by the card-holder or someone else, such as a parent or employer. However, it carries a credit-card brand (such as Discover, Visa, MasterCard, American Express, or JCB etc.) and can be used in similar ways just as though it were a regular credit card. Unlike debit cards, prepaid credit cards generally do not require a PIN. An exception are prepaid credit cards with an EMV chip. These cards do require a PIN if the payment is processed via Chip and PIN technology.
After purchasing the card, the cardholder loads the account with any amount of money, up to the predetermined card limit and then uses the card to make purchases the same way as a typical credit card. Prepaid cards can be issued to minors (above 13) since there is no credit line involved. The main advantage over secured credit cards (see above section) is that the cardholder is not required to come up with $500 or more to open an account. With prepaid credit cards purchasers are not charged any interest but are often charged a purchasing fee plus monthly fees after an arbitrary time period. Many other fees also usually apply to a prepaid card.
Prepaid credit cards are sometimes marketed to teenagers for shopping online without having their parents complete the transaction.
Prepaid cards can be utilized globally. The prepaid card is convenient for payees in developing countries like Brazil, Russia, India and China, where international wire transfers and bank checks are time consuming, complicated and costly.][
Because of the many fees that apply to obtaining and using credit-card-branded prepaid cards, the Financial Consumer Agency of Canada describes them as "an expensive way to spend your own money" The agency publishes a booklet entitled Pre-paid Cards which explains the advantages and disadvantages of this type of prepaid card.#Further Readingsee
As well as convenient, accessible credit, credit cards offer consumers an easy way to track expenses, which is necessary for both monitoring personal expenditures and the tracking of work-related expenses for taxation and reimbursement purposes. Credit cards are accepted worldwide, and are available with a large variety of credit limits, repayment arrangement, and other perks (such as insurance protection, rewards schemes in which points earned by purchasing goods with the card can be redeemed for further goods and services or cashback).
Some countries, such as the United States, the United Kingdom, and France, limit the amount for which a consumer can be held liable due to fraudulent transactions as a result of a consumer's credit card being lost or stolen.
Credit card security relies on the physical security of the plastic card as well as the privacy of the credit card number. Therefore, whenever a person other than the card owner has access to the card or its number, security is potentially compromised. Once, merchants would often accept credit card numbers without additional verification for mail order purchases. It's now common practice to only ship to confirmed addresses as a security measure to minimise fraudulent purchases. Some merchants will accept a credit card number for in-store purchases, whereupon access to the number allows easy fraud, but many require the card itself to be present, and require a signature. A lost or stolen card can be cancelled, and if this is done quickly, will greatly limit the fraud that can take place in this way. European banks can require a cardholder's security PIN be entered for in-person purchases with the card.
The PCI DSS is the security standard issued by The PCI SSC (Payment Card Industry Security Standards Council). This data security standard is used by acquiring banks to impose cardholder data security measures upon their merchants.
The goal of the credit card companies is not to eliminate fraud, but to "reduce it to manageable levels". This implies that high-cost low-return fraud prevention measures will not be used if their cost exceeds the potential gains from fraud reduction – as would be expected from organisations whose goal is profit maximisation.
Internet fraud may be by claiming a chargeback which is not justified ("friendly fraud"), or carried out by the use of credit card information which can be stolen in many ways, the simplest being copying information from retailers, either online or offline. Despite efforts to improve security for remote purchases using credit cards, security breaches are usually the result of poor practice by merchants. For example, a website that safely uses SSL to encrypt card data from a client may then email the data, unencrypted, from the webserver to the merchant; or the merchant may store unencrypted details in a way that allows them to be accessed over the Internet or by a rogue employee; unencrypted card details are always a security risk. Even encryption data may be cracked.
Controlled Payment Numbers which are used by various banks such as Citibank (Virtual Account Numbers), Discover (Secure Online Account Numbers, Bank of America (Shop Safe), 5 banks using eCarte Bleue and CMB's Virtualis in France, and Swedbank of Sweden's eKort product are another option for protecting against credit card fraud. These are generally one-time use numbers that front one's actual account (debit/credit) number, and are generated as one shops on-line. They can be valid for a relatively short time, for the actual amount of the purchase, or for a price limit set by the user. Their use can be limited to one merchant. If the number given to the merchant is compromised, it will be rejected if an attempt is made to use it again.
A similar system of controls can be used on physical cards. Technology provides the option for banks to support many other controls too that can be turned on and off and varied by the credit card owner in real time as circumstances change (i.e., they can change temporal, numerical, geographical and many other parameters on their primary and subsidiary cards). Apart from the obvious benefits of such controls: from a security perspective this means that a customer can have a Chip and PIN card secured for the real world, and limited for use in the home country. In this eventuality a thief stealing the details will be prevented from using these overseas in non chip and pin EMV countries. Similarly the real card can be restricted from use on-line so that stolen details will be declined if this tried. Then when card users shop online they can use virtual account numbers. In both circumstances an alert system can be built in notifying a user that a fraudulent attempt has been made which breaches their parameters, and can provide data on this in real time. This is the optimal method of security for credit cards, as it provides very high levels of security, control and awareness in the real and virtual world.
Additionally, there are security features present on the physical card itself in order to prevent counterfeiting. For example, most modern credit cards have a watermark that will fluoresce under ultraviolet light. Most major credit cards have a hologram. A Visa card has a letter V superimposed over the regular Visa logo and a MasterCard has the letters MC across the front of the card. Older Visa cards have a bald eagle or dove across the front. In the aforementioned cases, the security features are only visible under ultraviolet light and are invisible in normal light.
The United States Secret Service, Federal Bureau of Investigation, and U.S. Postal Inspection Service are responsible for prosecuting criminals who engage in credit card fraud in the United States,][ but they do not have the resources to pursue all criminals. In general, federal officials only prosecute cases exceeding US$5,000. Three improvements to card security have been introduced to the more common credit card networks but none has proven to help reduce credit card fraud so far. First, the on-line verification system used by merchants is being enhanced to require a 4 digit Personal Identification Number (PIN) known only to the card holder. Second, the cards themselves are being replaced with similar-looking tamper-resistant smart cards which are intended to make forgery more difficult. The majority of smart card (IC card) based credit cards comply with the EMV (Europay MasterCard Visa) standard. Third, an additional 3 or 4 digit Card Security Code (CSC) is now present on the back of most cards, for use in card not present transactions. Stakeholders at all levels in electronic payment have recognized the need to develop consistent global standards for security that account for and integrate both current and emerging security technologies. They have begun to address these needs through organizations such as PCI DSS and the Secure POS Vendor Alliance.
Code 10 calls are made when merchants are suspicious about accepting a credit card.
The operator then asks the merchant a series of YES or NO questions to find out whether the merchant is suspicious of the card or the cardholder. The merchant may be asked to retain the card if it is safe to do so. The merchant may receive a reward for returning a confiscated card to the issuing bank, especially if an arrest is made.
In recent times, credit card portfolios have been very profitable for banks, largely due to the booming economy of the late nineties. However, in the case of credit cards, such high returns go hand in hand with risk, since the business is essentially one of making unsecured (uncollateralized) loans, and thus dependent on borrowers not to default in large numbers.
Credit card issuers (banks) have several types of costs:
Banks generally borrow the money they then lend to their customers. As they receive very low-interest loans from other firms, they may borrow as much as their customers require, while lending their capital to other borrowers at higher rates. If the card issuer charges 15% on money lent to users, and it costs 5% to borrow the money to lend, and the balance sits with the cardholder for a year, the issuer earns 10% on the loan. This 10% difference is the "net interest spread" and the 5% is the "interest expense".
This is the cost of running the credit card portfolio, including everything from paying the executives who run the company to printing the plastics, to mailing the statements, to running the computers that keep track of every cardholder's balance, to taking the many phone calls which cardholders place to their issuer, to protecting the customers from fraud rings. Depending on the issuer, marketing programs are also a significant portion of expenses.
When a consumer becomes severely delinquent on a debt (often at the point of six months without payment), the creditor may declare the debt to be a charge-off. It will then be listed as such on the debtor's credit bureau reports (Equifax, for instance, lists "R9" in the "status" column to denote a charge-off.)
A charge-off is considered to be "written off as uncollectable." To banks, bad debts and even fraud are simply part of the cost of doing business.
However, the debt is still legally valid, and the creditor can attempt to collect the full amount for the time periods permitted under state law, which is usually 3 to 7 years. This includes contacts from internal collections staff, or more likely, an outside collection agency. If the amount is large (generally over $1500–$2000), there is the possibility of a lawsuit or arbitration.
Many credit card customers receive rewards, such as frequent flyer points, gift certificates, or cash back as an incentive to use the card. Rewards are generally tied to purchasing an item or service on the card, which may or may not include balance transfers, cash advances, or other special uses. Depending on the type of card, rewards will generally cost the issuer between 0.25% and 2.0% of the spread. Networks such as Visa or MasterCard have increased their fees to allow issuers to fund their rewards system. Some issuers discourage redemption by forcing the cardholder to call customer service for rewards. On their servicing website, redeeming awards is usually a feature that is very well hidden by the issuers.][ With a fractured and competitive environment, rewards points cut dramatically into an issuer's bottom line, and rewards points and related incentives must be carefully managed to ensure a profitable portfolio. Unlike unused gift cards, in whose case the breakage in certain US states goes to the state's treasury, unredeemed credit card points are retained by the issuer.
In relative numbers the values lost in bank card fraud are minor, calculated in 2006 at 7 cents per 100 dollars worth of transactions (7 basis points). In 2004, in the UK, the cost of fraud was over £500 million. When a card is stolen, or an unauthorized duplicate made, most card issuers will refund some or all of the charges that the customer has received for things they did not buy. These refunds will, in some cases, be at the expense of the merchant, especially in mail order cases where the merchant cannot claim sight of the card. In several countries, merchants will lose the money if no ID card was asked for, therefore merchants usually require ID card in these countries. Credit card companies generally guarantee the merchant will be paid on legitimate transactions regardless of whether the consumer pays their credit card bill. Most banking services have their own credit card services that handle fraud cases and monitor for any possible attempt at fraud. Employees that are specialized in doing fraud monitoring and investigation are often placed in Risk Management, Fraud and Authorization, or Cards and Unsecured Business. Fraud monitoring emphasizes minimizing fraud losses while making an attempt to track down those responsible and contain the situation. Credit card fraud is a major white collar crime that has been around for many decades, even with the advent of the chip based card (EMV) that was put into practice in some countries to prevent cases such as these. Even with the implementation of such measures, credit card fraud continues to be a problem.
Offsetting the costs are the following revenues:
In addition to fees paid by the card holder, merchants must also pay interchange fees to the card-issuing bank and the card association. For a typical credit card issuer, interchange fee revenues may represent about a quarter of total revenues.
These fees are typically from 1 to 6 percent of each sale, but will vary not only from merchant to merchant (large merchants can negotiate lower rates), but also from card to card, with business cards and rewards cards generally costing the merchants more to process. The interchange fee that applies to a particular transaction is also affected by many other variables including: the type of merchant, the merchant's total card sales volume, the merchant's average transaction amount, whether the cards were physically present, how the information required for the transaction was received, the specific type of card, when the transaction was settled, and the authorized and settled transaction amounts. In some cases, merchants add a surcharge to the credit cards to cover the interchange fee, encouraging their customers to instead use cash, debit cards, or even cheques.
Interest charges vary widely from card issuer to card issuer. Often, there are "teaser" rates in effect for initial periods of time (as low as zero percent for, say, six months), whereas regular rates can be as high as 40 percent. In the U.S. there is no federal limit on the interest or late fees credit card issuers can charge; the interest rates are set by the states, with some states such as South Dakota, having no ceiling on interest rates and fees, inviting some banks to establish their credit card operations there. Other states, for example Delaware, have very weak usury laws. The teaser rate no longer applies if the customer doesn't pay their bills on time, and is replaced by a penalty interest rate (for example, 23.99%) that applies retroactively.
The major fees are for:
Consumers who keep their account in good order by always staying within their credit limit, and always making at least the minimum monthly payment will see interest as the biggest expense from their card provider. Those who are not so careful and regularly surpass their credit limit or are late in making payments are exposed to multiple charges that were typically as high as £25 – £35 until a ruling from the Office of Fair Trading that they would presume charges over £12 to be unfair which led the majority of card providers to reduce their fees to £12.
The Credit CARD Protection Act of 2009, that was signed into law by President Obama, requires that consumers "opt-in" to over-limit charges. Some card issuers have therefore commenced solicitations requesting customers to opt into overlimit fees, presenting this as a benefit as it may avoid the possibility of a future transaction being declined. Other issuers have simply discontinued the practice of charging overlimit fees. Whether a customer opts into the overlimit fee or not, banks will in practice have discretion as to whether they choose to authorize transactions above the credit limit or not. Of course, any approved over limit transactions will only result in an overlimit fee for those customers who have opted into the fee. This legislation took effect on February 22, 2010.
The higher level of fees originally charged were claimed to be designed to recoup the costs of the card operator's overall business and to ensure that the credit card business as a whole generated a profit, rather than simply recovering the cost to the provider of the limit breach which has been estimated as typically between £3-£4. Profiting from a customer's mistakes is arguably not permitted under UK common law, if the charges constitute penalties for breach of contract, or under the Unfair Terms In Consumer Regulations 1999.
Subsequent rulings in respect of personal current accounts suggest that the argument that these charges are penalties for breach of contract is weak, and given the OFT's ruling it seems unlikely that any further test case will take place.
Whilst the law remains in the balance, many consumers have made claims against their credit cards providers for the charges that they have incurred, plus interest that they would have earned had the money not been deducted from their account. It is likely that claims for amounts charged in excess of £12 will succeed, but claims for charges at the OFT's £12 threshold level are more contentious.
The Government of Canada maintains a database of the fees, features, interest rates and reward programs of nearly 200 credit cards available in Canada. This database is updated on a quarterly basis with information supplied by the credit card issuing companies. Information in the database is published every quarter on the website of the Financial Consumer Agency of Canada (FCAC).
Information in the database is published in two formats. It is available in PDF comparison tables that break down the information according to type of credit card, allowing the reader to compare the features of, for example, all the student credit cards in the database.
The database also feeds into an interactive tool on the FCAC website. The interactive tool uses several interview-type questions to build a profile of the user's credit card usage habits and needs, eliminating unsuitable choices based on the profile, so that the user is presented with a small number of credit cards and the ability to carry out detailed comparisons of features, reward programs, interest rates, etc.
Credit card debt has increased steadily. Since the late 1990s, lawmakers, consumer advocacy groups, college officials and other higher education affiliates have become increasingly concerned about the rising use of credit cards among college students. The major credit card companies have been accused of targeting a younger audience, in particular college students, many of whom are already in debt with college tuition fees and college loans and who typically are less experienced at managing their own finances. Credit card debt may also negatively affect their grades as they are likely to work more both part and full-time positions.
Another controversial area is the universal default feature of many North American credit card contracts. When a cardholder is late paying a particular credit card issuer, that card's interest rate can be raised, often considerably. With universal default, a customer's other credit cards, for which the customer may be current on payments, may also have their rates and/or credit limit changed. The universal default feature allows creditors to periodically check cardholders' credit portfolios to view trade, allowing these other institutions to decrease the credit limit and/or increase rates on cardholders who may be late with another credit card issuer. Being late on one credit card will potentially affect all the cardholder's credit cards. Citibank voluntarily stopped this practice in March 2007 and Chase stopped the practice in November 2007. The fact that credit card companies can change the interest rate on debts that were incurred when a different rate of interest was in place is similar to adjustable rate mortgages where interest rates on current debt may rise. However, in both cases this is agreed to in advance, and is a trade off that allows a lower initial rate as well as the possibility of an even lower rate (mortgages, if interest rates fall) or perpetually keeping a below-market rate (credit cards, if the user makes their debt payments on time). It should be noted that the Universal Default practice was actually encouraged by Federal Regulators, particularly those at the Office of the Comptroller of the Currency (OCC) as a means of managing the changing risk profiles of cardholders.
Another controversial area is the trailing interest issue. Trailing interest is the practice of charging interest on the entire bill no matter what percentage of it is paid. U.S Senator Carl Levin raised the issue of millions of Americans affected by hidden fees, compounding interest and cryptic terms. Their woes were heard in a Senate Permanent Subcommittee on Investigations hearing which was chaired by Senator Levin, who said that he intends to keep the spotlight on credit card companies and that legislative action may be necessary to purge the industry. In 2009, the C.A.R.D. Act was signed into law, enacting protections for many of the issues Levin had raised.
In the United States, some have called for Congress to enact additional regulations on the industry; to expand the disclosure box clearly disclosing rate hikes, use plain language, incorporate balance payoff disclosures, and also to outlaw universal default. At a congress hearing around March 1, 2007, Citibank announced it would no longer practice this, effective immediately. Opponents of such regulation argue that customers must become more proactive and self-responsible in evaluating and negotiating terms with credit providers. Some of the nation's influential top credit card issuers, who are among the top fifty corporate contributors to political campaigns, successfully opposed it.
In the United Kingdom, merchants won the right through The Credit Cards (Price Discrimination) Order 1990 to charge customers different prices according to the payment method. As of 2007, the United Kingdom was one of the world's most credit-card-intensive countries, with 2.4 credit cards per consumer, according to the UK Payments Administration Ltd.
In the United States until 1984, federal law prohibited surcharges on card transactions. Although the federal Truth in Lending Act provisions that prohibited surcharges expired that year, a number of states have since enacted laws that continue to outlaw the practice; California, Colorado, Connecticut, Florida, Kansas, Massachusetts, Maine, New York, Oklahoma, and Texas have laws against surcharges. As of 2006, the United States probably had one of the world's highest if not the top ratio of credit cards per capita, with 984 million bank-issued Visa and MasterCard credit card and debit card accounts alone for an adult population of roughly 220 million people. The credit card per US capita ratio was nearly 4:1 as of 2003 and as high as 5:1 as of 2006.
The numbers found on credit cards have a certain amount of internal structure, and share a common numbering scheme.
The card number's prefix, called the Bank Identification Number, is the sequence of digits at the beginning of the number that determine the bank to which a credit card number belongs. This is the first six digits for MasterCard and Visa cards. The next nine digits are the individual account number, and the final digit is a validity check code.
In addition to the main credit card number, credit cards also carry issue and expiration dates (given to the nearest month), as well as extra codes such as issue numbers and security codes. Not all credit cards have the same sets of extra codes nor do they use the same number of digits.
Many credit cards can also be used in an ATM to withdraw money against the credit limit extended to the card, but many card issuers charge interest on cash advances before they do so on purchases. The interest on cash advances is commonly charged from the date the withdrawal is made, rather than the monthly billing date. Many card issuers levy a commission for cash withdrawals, even if the ATM belongs to the same bank as the card issuer. Merchants do not offer cashback on credit card transactions because they would pay a percentage commission of the additional cash amount to their bank or merchant services provider, thereby making it uneconomical.
Many credit card companies will also, when applying payments to a card, do so, for the matter at hand, when applying payments to a card, at the end of a billing cycle, and apply those payments to everything before cash advances. For this reason, many consumers have large cash balances, which have no grace period and incur interest at a rate that is (usually) higher than the purchase rate, and will carry those balances for years, even if they pay off their statement balance each month.
Credit cards are a risky way for entrepreneurs to acquire capital for their start ups when more conventional financing is unavailable. It's widely reported that Len Bosack and Sandy Lerner used personal credit cards to start Cisco Systems. It is rumoured that Larry Page and Sergey Brin's start up of Google was financed by credit cards to buy the necessary computers and office equipment, more specifically "a terabyte of hard disks". Similarly, filmmaker Robert Townsend financed part of Hollywood Shuffle using credit cards. Director Kevin Smith funded Clerks in part by maxing out several credit cards. Actor Richard Hatch also financed his production of Battlestar Galactica: The Second Coming partly through his credit cards. Famed hedge fund manager Bruce Kovner began his career (and, later on, his firm Caxton Associates) in financial markets by borrowing from his credit card. UK entrepreneur James Caan (as seen on Dragon's Den) financed his first business using several credit cards.
Because many other countries have introduced smart cards (chip cards) solutions, but the United States has not, travellers from the USA have encountered some problems abroad. As yet, the US banking system has not updated the cards and associated readers in the USA, stating that the costs would be prohibitive.
A stored-value card refers to monetary value on a card not in an externally recorded account and differs from prepaid cards where money is on deposit with the issuer similar to a debit card. One major difference between stored value cards and prepaid debit cards is that prepaid debit cards are usually issued in the name of individual account holders, while stored value cards are usually anonymous.
The term stored-value card means the funds and or data are metaphorically 'physically' stored on the card, in the form of binary-coded data. With prepaid cards the data is maintained on computers affiliated with the card issuer. The value associated with the card can be accessed using a magnetic stripe embedded in the card, on which the card number is encoded; using radio-frequency identification (RFID); or by entering a code number, printed on the card, into a telephone or other numeric keypad.
Typical applications of stored-value cards include transit system farecards, telephone prepaid calling cards, Cafeterias, or for micropayments in shops or vending machines. Examples of country specific payment cards include Chipknip in the Netherlands, Geldkarte in Germany, Quick in Austria, Moneo in France, Proton in Belgium, FeliCa in Japan, EZ-Link and NETS (CashCard and FlashPay) in Singapore and Octopus card in Hong Kong. The German Geldkarte and the Austrian Quick card are also used to validate customer age at vending machines for cigarettes.
Typical applications of organization specific or industry specific prepaid card include payroll cards, rebate cards, gift cards, cafeteria cards and travel cards and U.S. based health schemes such as HSA cards. The U.S. Department of the Treasury manages three stored-value card programs (EZpay, EagleCash, and Navy Cash) which are used by the U.S. military as electronic alternatives to cash in areas characterized by difficult access and limited banking / telecommunications infrastructure. Some examples of non-government related stored-value cards are Aramark GuestExpress, Compass Zipthru, and FreedomPay FreetoGo.
Stored value cards can save organizations a considerable amount of money by allowing customers to add a large amount of funds at one time to the card and then paying a lower transaction fee for each use of the stored value card on smaller purchases.
Closed system prepaid cards have emerged and replaced the traditional paper gift certificate, and are commonly known as merchant gift cards or store cards. "Closed system" means the cards are only accepted at a single merchant. Purchasers buy a card for a fixed amount and can only use the card at the merchant that issues the card. Generally, few if any laws govern these types of cards. Card issuers or sellers are not required to obtain a license. Closed system prepaid cards are not subject to the USA PATRIOT Act, as they generally cannot identify a customer. As debts owed to consumers who purchased the card, these purchases remain on the books of a merchant as a liability rather than an asset. Consequently, gift certificates and merchant gift cards have fallen under state escheat or abandoned property laws (APL). However, the emergence of closed system prepaid cards has blurred the applicability of APL. North Carolina and Illinois have excluded these types of cards from APL provided the card has no expiration date or a service fee. Maine and Virginia require the issuer to pay the state when the cards are abandoned. In Connecticut an issuer is required to identify the residence of the gift card owner. Since most merchant gift cards are anonymous, the residence of the card's owner is deemed to be the state's treasurer's office.
Presently, no law exists that requires an issuer to provide refunds for lost or stolen cards. Whether a refund is possible is specified in an issuer's cardholder agreement. In addition, most closed system cards cannot be redeemed for cash. When a cardholder redeems all but an insignificant portion of the card on merchandise, that amount is generally lost and is absorbed by the issuer.
Such cards are increasingly becoming a way for Mexican drug cartels to smuggle money across the border without repercussions.
Semi-closed system prepaid cards are similar to closed system prepaid cards. However, cardholders are permitted to redeem the cards at multiple merchants within a geographic area. These types of cards are issued by a third party, rather than the retailer who accepts the card. Examples include university cards and mall gift cards. The laws governing these types of cards are unsettled. Depending on the state, the issuer may or may not be required to have a money transmitter license or other similar license. In addition to the District of Columbia, the states that require a license include Connecticut, Florida, Illinois, Iowa, Louisiana, Maryland, Minnesota, Mississippi, North Carolina, Oregon, Texas, Vermont, Virginia, West Virginia, Washington, and Wyoming. Note, these states explicitly require licensing for card issuers. Other states may have more subtle licensing laws. Under 18 USC section 1960, it is a crime for an issuer to conduct a money transmitting business without a license. Cardholders generally suffer from the same redressability problems that closed system card holders suffer. It is unclear whether or not Chapters 7 and 11 of the Bankruptcy code are applicable to these types of cards.
Open system prepaid cards or network branded prepaid cards are not credit cards, although they are sometimes marketed as "prepaid credit cards". No credit is offered by the card issuer and the cardholder spends money which has been prepaid to a card. Therefore, these cards are also marketed as "prepaid debit cards". The value is not physically stored on the card instead, the card number uniquely identifies a record in a central database, where the balance is recorded. These cards are similar to closed system prepaid cards, but are endorsed by a retail electronic payments network such as Visa, Visa Electron, MasterCard, or Maestro and can, unlike gift cards, be used anywhere debit cards with the same logo may be used. They are very similar to a debit card except that they don't require a checking account. Market participants such as Caxton FX, Travelex and My Travel have used these cards to stimulate the adoption and appeal of open system prepaid cards in the UK. These cards have seen a 10 – 15% growth since they appeared in the UK market in 2005. These cards are also sometimes referred to as "open loop" cards.
These cards have been marketed to consumers with poor credit, who are unable to qualify for the line of credit that backs a mainstream credit card. The fees associated with these cards are often very high. These have been criticized as unjustified, because the issuer is not taking any credit risk. The Financial Consumer Agency of Canada describes prepaid credit cards as "an expensive way to spend your own money"
While historically marketed to consumers with poor credit, in 2012 a few large institutions started marketing prepaid cards as an alternative to checking and debit products due to the Dodd–Frank Wall Street Reform and Consumer Protection Act passed on July 21, 2010, also known as the "Durbin Amendment". This amendment reduced the revenue issuing banks will receive on debit card transactions, making prepaid card a more profitable product for financial institutions to offer. Driven by the improved profitability of prepaid cards for banks and legislative pressures to reduce fees and provide better consumer protections, prepaid cards in U.S. have become more mainstream, marketed to consumers who do have access to alternative products and have above average credit. Examples of these products include Chase's Liquid and American Express' Bluebird.
A variation on this are the PaidByCash virtual cards in the United States and the 3V cards issued in the UK, Canada and Ireland. These consist only of a card number plus expiry date and verification number, so can only be used for customer not present transactions. The Tobacco Card has undergone testing and is scheduled for nationwide introduction in Japan in 2008. It will contain an IC with information about the cardholder's age, and will be required for purchasing cigarettes from vending machines. It will have stored-value capability.][
Generally these cards are afforded similar characteristics as "open system prepaid cards". Similar to credit cards, these cards may carry an expiration date, an account number, and a verification number. They also may carry with them service fees and other fees associated with use, or non use of the card. The money on the card can be redeemed for goods only, and is not redeemable for cash. These cards are generally issued by a "money services business"(MSB) or an FDIC banking institution. The type of issuer depends on the law governing them. MSB's are only required to obtain a money transmitter license if they sell more than $1,000 per person per day. Cards issued by an MSB generally are governed by the laws governing "closed system cards" and "semi-closed system laws". Cards issued by an FDIC bank are covered under the Federal Reserve Act and afford cardholders much more protection and opportunity to assert claims. The cardholder should be aware of the network's agreement and rules and regulations set forth by these networks.
Another example of open system prepaid cards is the Payroll card. Payroll cards are used by employers to pay employees. The employee is issued a card that permits access to an account established by the employer. At the end of each pay period, the employee's ability to draw money from that account is increased by the amount of his or her wages. The card may be used at an Automated Teller Machine (ATM) to obtain cash, and may be used at a store to pay for purchases. These cards are subject to Chapters 7 and 11 of the Bankruptcy Code, as well as the Electronic Funds Transfer Act (Regulation E). They are also subject to the Federal Deposit Insurance Reform Act.][
While there are many examples of prepaid card services marketed widely to consumers, a new focus on business customers has emerged, in turn establishing a new sub-industry within the general prepaid card market called “corporate prepaid” (,). Issuing a prepaid corporate card to an employee is attractive to business owners because:
Unlike traditional business credit cards, prepaid business expense card providers do not require credit checks on the business owner or the business for enrollment because there is no debt underwriting. Like other prepaid card services, accounts are “loaded” (deposited) to a card in advance of spend rather than through a company line of credit. Spending on each individual employee debit card may be limited by the account administrator to specific dollar amounts and merchant categories ().
There is growing concern that drug traffickers and other criminals worldwide are using stored-value cards to move the proceeds from drug transactions and other criminal activities across international borders. In the United States, it is legal for anyone to enter or leave the country with money that is stored on these cards, and (unlike cash in high amounts) does not have to be reported to customs or another government entity. Some members of the U.S. Congress are considering creating laws that would require travelers crossing entering or leaving the country to report these cards.
The Financial Crimes Enforcement Network of the U.S. Department of the Treasury has published a notice of proposed rulemaking on stored-value cards in the June 28, 2010 edition of the Federal Register. The proposed rules would require sellers of prepaid cards to register with the government and keep records on transactions and customers.
A magnetic stripe card is a type of card capable of storing data by modifying the magnetism of tiny iron-based magnetic particles on a band of magnetic material on the card. The magnetic stripe, sometimes called swipe card or magstripe, is read by swiping past a magnetic reading head.
Magnetic recording on steel tape and wire was invented during World War II for recording audio. In the 1950s, magnetic recording of digital computer data on plastic tape coated with iron oxide was invented. In 1960 IBM used the magnetic tape idea to develop a reliable way of securing magnetic stripes to plastic cards, under a contract with the US government for a security system. A number of International Organization for Standardization standards, ISO/IEC 7810, ISO/IEC 7811, ISO/IEC 7812, ISO/IEC 7813, ISO 8583, and ISO/IEC 4909, now define the physical properties of the card, including size, flexibility, location of the magstripe, magnetic characteristics, and data formats. They also provide the standards for financial cards, including the allocation of card number ranges to different card issuing institutions.
Magnetic storage was already known from World War II and computer data storage in the 1950s.
One development for a magnetically striped card was in 1960 when Forrest Parry, an IBM engineer, had the idea of securing a piece of magnetic tape, the predominant storage medium at the time, to a plastic card base. He became frustrated because every adhesive he tried produced unacceptable results. The tape strip either warped or its characteristics were affected by the adhesive, rendering the tape strip unusable. After a frustrating day in the laboratory, trying to get the right adhesive, he came home with several pieces of magnetic tape and several plastic cards. As he walked in the door at home, his wife Dorothea was ironing clothing. When he explained the source of his frustration: inability to get the tape to "stick" to the plastic in a way that would work, she suggested that he use the iron to melt the stripe on. He tried it and it worked. The heat of the iron was just high enough to bond the tape to the card.
The major development of the magnetic striped plastic card began in 1969 at the IBM Information Records Division (IRD) headquartered in Dayton N.J.][ It took almost two years for IBM IRD engineers to not only develop the process for reliably applying the magnetic stripe to plastic cards via a hot stamping method, but also develop the process for encoding the magnetic stripe utilizing the IBM Delta Distance C Optical Bar Code format.][ This engineering effort resulted in IBM IRD producing the first magnetic stripped plastic credit and ID cards used by banks, insurance companies, hospitals and many others. Another result of this project was that IBM IRD and IBM Data Processing Division announced on February 24, 1971 the first Magnetic Credit Card Service Center and the IBM 2730-1 Transaction Validation Terminal. Arthur Hahn BSEE NJIT was hired by IBM IRD in Dayton, N.J. on Aug 12, 1969][ to head up this engineering effort. Other members of the group were David Morgan (Manager), Billy House (Software Developer), and E. J. Gillen (Mechanical Engineering/Machining). They were given a recently announced IBM 360 computer for control of the encoding/embossing of the Magnetic Stripe Cards.][ The IBM 360 computer was for scientific/business applications so the IRD engineers first had to convert the 360 into a “process control computer” and then develop software and hardware around it. This conversion enabled the 360 computer to monitor and control the entire production process the IRD engineers designed and built. The engineering design/build effort was carried out in a raised floor secured area of IBM IRD in Dayton, N.J. which was built specifically for the project. This tightly secured area with limited access was required because of the sensitivity of the data that would ultimately be used to encode and emboss the credit and ID cards.
The IRD engineers first had to develop a reliable process of hot stamping the magnetic stripe to the plastic cards. This was necessary in order to meet the close tolerances required to reliability encode and read the data on the Magnetic Stripe Cards by magnetic write/read heads. The magnetic stripe was (dimens and picture) encoded with a single track of data utilizing the IBM Delta Distance C Optical Bar Code format. #add ref from spec#. The Delta Distance C Optical Bar Code was developed by the IBM Systems Development Division working at Research Triangle Park in Raleigh North Carolina headed up by George J. Laurer. Other members of the group were N. Joseph Woodland, Paul McEnroe, Dr. Robert “B.O. Evans, Bernard Silver, Art Hamburgen, Heard Baumeister and Bill Crouse #ref the cpu museum and the IBM 100#. The IBM group in Raleigh was competing with RCA, Litton-Zellweger and other companies #add ref from NY Times mag# who were working with the National Retail Merchants Association NRMA to develop a standard optical bar code to be used in the retail industry. NRMA wanted an optically readable code that could be printed on products allowing purchasers to rapidly “check out” at the new electronic cash register/checkout counters being developed. The code would also be used for production and inventory control of products. Of the many optical bar codes submitted to NRMA by IBM and other companies, NRMA finally selected the later version of the IBM bar code known as the Delta Distance D Optical Bar Code format.# Add ref from upc museum#. This code was selected in 1973 by NRMA as their standard and has become the World Wide Standard that we all know today as the UPC Uniform Product Code. #add ref to NMRA accept)
In 1971, after the IBM IRD engineers completed the development and building phase of the project they began in 1969, they released the equipment to the IRD manufacturing group in Dayton N.J. to begin producing the plastic Magnetic Stripped Credit and ID cards. Because of the sensitivity of the customer data and the security requirements of banks, insurance companies and others, the manufacturing group decided to leave the entire line in the secured area where it was developed.
Banks, insurance companies, hospitals etc., supplied IBM IRD with “raw plastic cards” preprinted with their logos, contact information etc. They also supplied the data information which was to be encoded and embossed on the cards. This data was supplied to IRD on large 0.5 inch wide; 10.5 inch diameter IBM Magnetic Tape Reels which was the standard for computers at that time.][ The manufacturing process started by first applying the magnetic stripe to the preprinted plastic cards via the hot stamping process developed by the IBM IRD engineers. This operation of applying the magnetic stripe to the plastic cards was done off line in another area of IBM IRD and not in the secured area. The cards were then brought into the secured area and placed in “hoppers” at the beginning of the production line. The tape reel s containing the data were then installed on the modified IBM 360 computer prior to beginning the encoding, embossing and verification of the cards. After the 360 performed a check to verify that all systems and stations were loaded and ready to go, the computer began feeding the Magnetic Stripped Plastic Cards from the “hoppers” at the front end of the production line down a motorized track. The entire operation was fully automated and controlled by the modified IBM 360 business computer. The line consisted of the following stations and operations:
This completed the manufacturing line for the magnetic stripped encoded and embossed plastic credit and badge access cards. The envelopes were then taken to be posted and mailed directly to the customers of the companies who had ordered the cards from IRD.
What this small engineering group at IBM IRD and the IBM Bar Code development group in Raleigh accomplished in developing the first Magnetic Stripe Credit and ID cards cannot be overstated. They laid the foundation for the entire Magnetic Stripe Card industry that we know and use today through our use of Credit Cards, ATM Cards, ID Cards, Hotel Room and Access Cards, Transportation Tickets etc. not to mention all the terminals and card readers that were and are being developed to read the cards and enter the data into computers. Their developments resulted in (for better or worst) every person on earth having the ability to easily carry a card that connects them directly to computers with all the ramifications thereof as well as opening hotel room doors.
IBM (or no one else for that matter) ever applied for or received any patents pertaining to the Magnetic Stripe Card, the Delta Distance Bar Codes or even the Uniform Product Code UPC. IBM felt that with an open architecture it would enhance the growth of the media thereby resulting in more IBM computers and associated hardware being sold. As with all new technologies, the Magnetic Stripe Card #add card pic# developed and produced by IBM IRD with one track of encoded data using the Delta Distance C Bar Code format was quickly obsolete. Because of the electronic ATM/ reservation/check out/and access systems that were rapidly developing, the banks, airlines and other industries required more encoded data. A wider magnetic stripe enabling multiple tracks of encoding along with new encoding standards was required.
The first US Patents for the ATM were granted in 1972 and 1973 to Marior Karecki, George Chastain, Thomas Barnes and Thomas Barnes, George Chastain, Don Wetzel
Other groups within IBM and other companies continued on with expanding the work done by this small group of engineers at IBM IRD, however, the contributions that these IBM IRD engineers made to the development of the Magnetic Stripe Card, is analogous to the Wright Brother’s contribution to the Airline Industry of today.
There were a number of steps required to convert the magnetic striped media into an industry acceptable device. These steps included: 1) Creating the international standards for stripe record content, including which information, in what format, and using which defining codes. 2) Field testing the proposed device and standards for market acceptance. 3) Developing the manufacturing steps needed to mass-produce the large number of cards required. 4) Adding stripe issue and acceptance capabilities to available equipment. These steps were initially managed by Jerome Svigals of the Advanced Systems Division of IBM, Los Gatos, California from 1966 to 1975.
In most magnetic stripe cards, the magnetic stripe is contained in a plastic-like film. The magnetic stripe is located 0.223 inches (5.66 mm) from the edge of the card, and is 0.375 inches (9.52 mm) wide. The magnetic stripe contains three tracks, each 0.110 inches (2.79 mm) wide. Tracks one and three are typically recorded at 210 bits per inch (8.27 bits per mm), while track two typically has a recording density of 75 bits per inch (2.95 bits per mm). Each track can either contain 7-bit alphanumeric characters, or 5-bit numeric characters. Track 1 standards were created by the airlines industry (IATA). Track 2 standards were created by the banking industry (ABA). Track 3 standards were created by the Thrift-Savings industry.
Magstripes following these specifications can typically be read by most point-of-sale hardware, which are simply general-purpose computers that can be programmed to perform specific tasks. Examples of cards adhering to these standards include ATM cards, bank cards (credit and debit cards including VISA and MasterCard), gift cards, loyalty cards, driver's licenses, telephone cards, membership cards, electronic benefit transfer cards (e.g. food stamps), and nearly any application in which value or secure information is not stored on the card itself. Many video game and amusement centers now use debit card systems based on magnetic stripe cards.
Magnetic stripe cloning can be detected by the implementation of magnetic card reader heads and firmware that can read a signature of magnetic noise permanently embedded in all magnetic stripes during the card production process. This signature can be used in conjunction with common two factor authentication schemes utilized in ATM, debit/retail point-of-sale and prepaid card applications.
Counterexamples of cards which intentionally ignore ISO standards include hotel key cards, most subway and bus cards, and some national prepaid calling cards (such as for the country of Cyprus) in which the balance is stored and maintained directly on the stripe and not retrieved from a remote database.
Magstripes come in two main varieties: high-coercivity (HiCo) at 4000 Oe and low-coercivity (LoCo) at 300 Oe but it is not infrequent to have intermediate values at 2750 Oe. High-coercivity magstripes require higher amount of magnetic energy to encode, and therefore are harder to erase. HiCo stripes are appropriate for cards that are frequently used, such as a credit card. Low-coercivity magstripes require a lower amount of magnetic energy to record, and hence the card writers are much cheaper than machines which are capable of recording high-coercivity magstripes. However, LoCo cards are much easier to erase and have a shorter lifespan. A card reader can read either type of magstripe, and a high-coercivity card writer may write both high and low-coercivity cards (most have two settings, but writing a LoCo card in HiCo may sometimes work), while a low-coercivity card writer may write only low-coercivity cards.
In practical terms, usually low coercivity magnetic stripes are a light brown color, and high coercivity stripes are nearly black; exceptions include a proprietary silver-colored formulation on transparent American Express cards. High coercivity stripes are resistant to damage from most magnets likely to be owned by consumers. Low coercivity stripes are easily damaged by even a brief contact with a magnetic purse strap or fastener. Because of this, virtually all bank cards today are encoded on high coercivity stripes despite a slightly higher per-unit cost.
Magnetic stripe cards are used in very high volumes in the mass transit sector, replacing paper based tickets with either a directly applied magnetic slurry or hot foil stripe. Slurry applied stripes are generally less expensive to produce and are less resilient but are suitable for cards meant to be disposed after a few uses.
There are up to three tracks on magnetic cards known as tracks 1, 2, and 3. Track 3 is virtually unused by the major worldwide networks, and often isn't even physically present on the card by virtue of a narrower magnetic stripe. Point-of-sale card readers almost always read track 1, or track 2, and sometimes both, in case one track is unreadable. The minimum cardholder account information needed to complete a transaction is present on both tracks. Track 1 has a higher bit density (210 bits per inch vs. 75), is the only track that may contain alphabetic text, and hence is the only track that contains the cardholder's name.
Track 1 is written with code known as DEC SIXBIT plus odd parity. The information on track 1 on financial cards is contained in several formats: A, which is reserved for proprietary use of the card issuer, B, which is described below, C-M, which are reserved for use by ANSI Subcommittee X3B10 and N-Z, which are available for use by individual card issuers:
Track 1, Format B:
Track 2: This format was developed by the banking industry (ABA). This track is written with a 5-bit scheme (4 data bits + 1 parity), which allows for sixteen possible characters, which are the numbers 0-9, plus the six characters
: ; < = > ? . The selection of six punctuation symbols may seem odd, but in fact the sixteen codes simply map to the ASCII range 0x30 through 0x3f, which defines ten digit characters plus those six symbols. The data format is as follows:
Service code values common in financial cards:
The data stored on magnetic stripes on American driver's licenses is specified by the American Association of Motor Vehicle Administrators. Not all states use a magnetic stripe on their driver's licenses. For a list of those that do, see the AAMVA list of US License Technology. The AAMVA site also contains a list of the Canadian jurisdictions that use magnetic stripes on their driver's licenses.
The following data is stored on track 1:
The following data is stored on track 2:
The following data is stored on track 3:
Note: Each state has a different selection of information they encode, not all states are the same. Note: Some states, such as Texas, have laws restricting drivers licenses being swiped under certain circumstances.
Smart cards are a newer generation of card containing an integrated circuit chip. The card may have metal contacts connecting the card physically to the reader, while contactless cards use a magnetic field or radio frequency (RFID) for proximity reading.
Hybrid smart cards include a magnetic stripe in addition to the chip — this is most commonly found in a payment card, so that the cards are also compatible with payment terminals that do not include a smart card reader.
Cards with all three features: magnetic stripe, smart card chip, and RFID chip are also becoming common as more activities require the use of such cards.][
Another type of card is a Chip-and PIN card. With this particular card, information is transmitted through a smartchip with a secure pin. Swiping the card is no longer required.
Online Authorization (or OLA) is a system used to verify a transaction on a payment card (e.g. credit card). The term 'on-line' refers to the real-time nature of the verification. In other words, if the account is overdrawn, in most cases, the transaction will be refused.
OLA is already commonplace for credit card networks such as VISA or Mastercard and is now being implemented in others (such as fuel cards).
During on-line аuthorisation:
(The recrypt PIN block process is not included in list.)
The set of verifications performed by an issuer bank depends on the card type, payment system requests and features of the issuer bank's processing system.
Electronic commerce, commonly known as e-commerce or eCommerce, is a type of industry where the buying and selling of products or services is conducted over electronic systems such as the Internet and other computer networks. Electronic commerce draws on technologies such as mobile commerce, electronic funds transfer, supply chain management, Internet marketing, online transaction processing, electronic data interchange (EDI), inventory management systems, and automated data collection systems. Modern electronic commerce typically uses the World Wide Web at least at one point in the transaction's life-cycle, although it may encompass a wider range of technologies such as e-mail, mobile devices, social media, and telephones as well.
Electronic commerce is generally considered to be the sales aspect of e-business. It also consists of the exchange of data to facilitate the financing and payment aspects of business transactions. This is an effective and efficient way of communicating within an organization and one of the most effective and useful ways of conducting business.
A card reader is a data input device that reads data from a card-shaped storage medium. The first were punched card readers, which read the paper or cardboard punched cards that were used during the first several decades of the computer industry to store information and programs for computer systems. Modern card readers are electronic devices that can read plastic cards embedded with either a barcode, magnetic strip, computer chip or another storage medium.
A memory card reader is a device used for communication with a smart card or a memory card. A magnetic card reader is a device used to read magnetic stripe cards, such as credit cards. A business card reader is a device used to scan and electronically save printed business cards. Card
A punched card reader or just card reader is a computer input device used to read executable computer programs, source code, and data from punched cards. A card punch is an output device that punches holes in cards under computer control. Sometimes card readers were combined with card punches and, later, other devices to form multifunction machines.
Most early computers, such as the ENIAC, the Remington Rand UNIVAC I, and the IBM NORC, provided for punched card input/output. Card readers and punches, either connected to computers or in off-line card to/from magnetic tape configurations, were ubiquitous through the mid-1970s.
A credit card is a payment card issued to users as a system of payment. It allows the cardholder to pay for goods and services based on the holder's promise to pay for them. The issuer of the card creates a revolving account and grants a line of credit to the consumer (or the user) from which the user can borrow money for payment to a merchant or as a cash advance to the user.
A credit card is different from a charge card: a charge card requires the balance to be paid in full each month. In contrast, credit cards allow the consumers a continuing balance of debt, subject to interest being charged. A credit card also differs from a cash card, which can be used like currency by the owner of the card. A credit card differs from a charge card also in that a credit card typically involves a third-party entity that pays the seller and is reimbursed by the buyer, whereas a charge card simply defers payment by the buyer until a later date.
The Chicago Card and the Chicago Card Plus are contactless smart cards used by riders of the Chicago Transit Authority (CTA) and Pace to electronically pay for bus and train fares in the city of Chicago, Illinois, USA and the surrounding suburbs.
The blue Chicago Card is a stored value card. Users add value to the card at CTA vending machines or at select retail locations, and turnstiles or fareboxes deduct value from the card. Users usually register cards with CTA and can receive a replacement in the event of theft, loss, or damage to the card. Technology
The payment system is an operational network - governed by laws, rules and standards - that links bank accounts and provides the functionality for monetary exchange using bank deposits. The payment system is the infrastructure (consisting of institutions, instruments, rules, procedures, standards,and technical means) established in effect the transfer of monetary value between parties discharging mutual obligations. Its technical efficiency determines the efficiency with which transaction money is used in the economy, and risk associated with its use.
What makes it a "system" is that it employs cash-substitutes; traditional payment systems are negotiable instruments such as drafts (e.g., checks) and documentary credits such as letter of credits. With the advent of computers and electronic communications a large number of alternative electronic payment systems have emerged. These include debit cards, credit cards, electronic funds transfers, direct credits, direct debits, internet banking and e-commerce payment systems. Some payment systems include credit mechanisms, but that is essentially a different aspect of payment. Payment systems are used in lieu of tendering cash in domestic and international transactions and consist of a major service provided by banks and other financial institutions.
The ORCA ("One Regional Card for All") card is a contactless, stored value smart card used for payment of public transport fares in the Puget Sound region of Washington state. ORCA was introduced on a limited basis on April 20, 2009, to be followed by an extensive public launch in late 2009.
Central Puget Sound transit agencies have collaborated in a region-wide fare system since 1991 with the introduction of U-PASS and later FlexPass. In 1996, voters approved Sound Move, which called for an integrated regional fare policy for a "one-ticket ride". That goal led to the creation of the PugetPass in 1999, which allowed transit riders to use a single pass for five transit agencies. Labor