The simplicity of using a credit card hides the complexity of everything that happens behind the scenes to complete a transaction quickly and securely. While a small business can rely on its payment processor to make sure certain facets of the transaction are handled properly, it is helpful to understand the process. This offers transparency into how and where charges and liabilities can arise, and how the payments technology, and security solutions, work. This information is useful for making wise decisions in selecting and/or upgrading credit card systems.
Behind the scenes
Credit card transactions involve both authorization and the settlement. Before we discuss the process, let’s take at the key players involved in a payment transaction.
The consumer who is using a credit card to make a purchase.
The business accepting credit card payments from and remitting goods or services to the cardholder.
Credit Card Associations
A network of issuing banks and acquiring banks that process the payment cards of a specific brand. These brands include Visa, MasterCard, Discover, American Express, and others. In addition to providing the backbone for processing the transaction, the card brands serve as the governing body of financial institutions that issue credit cards.
The bank that processes and settles a merchant's credit and debit card transactions. Also known as the merchant bank.
The entity that manages the transaction process for merchants. Some processors also provide the necessary card reader equipment, as well as customer support and other value added services.
The cardholder’s bank, which is responsible for remitting funds from the cardholder's account to the acquiring bank for approved transactions.
When a cardholder makes a purchase, the merchant's payment solution sends the credit card data for approval to the acquiring bank/payment processor who then sends that data to the credit card association. The credit card association requests payment approval from the issuing bank, who reviews the credit card data to make sure the card has not been reported stolen or lost and the cardholder is in good standing and has sufficient credit, and lets the credit card association know if the transaction is approved or declined. The credit card association then passes on that information to the acquiring bank/payment processor who lets the merchant know if the transaction has been approved. All of this just takes seconds!
The issuing bank then sends funds in the amount of the sale less their fee back through the acquiring bank/payment processor, who forwards the funds, less their fee, to the merchant’s bank account. Note that the fees deducted from the merchant’s payment are determined by a variety of factors, including the negotiated processing rate, risk, and type of card. These fees are agreed upon when a merchant opens an account to take credit card payments.
Secure technology solutions help protect merchants
Security is a necessary component of credit card processing since it helps protect merchants from data theft and the related costs. A new development in secure credit card processing took place on October 1, 2015. That's when liability for certain fraudulent payment transactions shifted to merchants. Now, merchants can be held liable for certain types of fraud if they process an EMV chip card on a device that is not enabled to process chip cards.
EMV - which stands for Europay, Mastercard and Visa - is a global standard for credit cards. Chip cards are embedded with a chip which securely stores the cardholder's account information. Unlike the magnetic strips on traditional payment cards, the chip creates a unique transaction code for each purchase that can’t be used again.
Another important security feature now available in payment systems is point to point encryption (P2PE). Encryption encodes data so it can only be read by those it is intended for by using a unique key to translate that data. P2PE is used throughout the entire transaction process, providing a much greater level of security over traditional means of data communication.
Tokenization is another security technology used in processing payments. By replacing sensitive data with a unique token, tokenization protects data at rest. It is particularly useful for recurring billing and tip adjustment scenarios.
Credit cards usage going to keep growing
According to the well-respected Surveys of Consumers research by the University of Michigan, in 2016, 40 percent of U.S .consumers said they prefer to make purchases with credit cards, continuing the decades-long growth of credit card popularity. Needless to say, credit card transactions are more important than ever to small businesses. Understanding what is involved in a credit card transaction, including security features,can go a long way toward helping a small business control costs and increase profits.