Card issuing is a key component within the fintech industry today, but why? 

A card issuer can offer debit, credit, prepaid, physical or virtual cards to cardholders, and card issuing companies (also known as the Payer’s Payment Service Provider) will facilitate the payments, regardless of card form i.e. physical or digital. 

It’s the speed and convenience card payments offer customers, enabling them to transact with merchants online and in-store with ease, while at the same time creating revenue for the card issuers through cardholder fees and interest income.

What is card issuing?

A card issuer is a financial institution, typically an issuing bank, that provides payment cards to customers.

As card issuers work as intermediaries on behalf of card schemes like Visa and Mastercard, issuers manage cardholder accounts, issue cards to respective account holders, authorise transactions, settle with the scheme and bear most of the risk.  

Card issuing enables card payment transactions and provides financial flexibility to users quickly and easily, allowing users to make purchases at POS, online and withdraw cash using an ATM. But how does this all work? 

Behind every card payment is an ecosystem of different organisations that provide the technology, infrastructure and resources that enable the transaction to work in real-time. This ecosystem enables different entities from the acquirer to the card scheme to the issuer to communicate with each other when facilitating transactions.

If a customer wishes to use their card to make a payment either in-store or online, the api first routes the authorisation request to the Acquiring Payment Service Provider, then onto the payment scheme and finally to the appropriate financial institution or bank for authorisation decision. 

This process is almost instantaneous, meaning transactions can be processed quickly and merchants benefit from increased sales.

Card issuers can provide cards with different functionalities for a range of products:  

• Credit cards: Credit cards allow for borrowing money and making payments
• Debit cards: Used to make payments from a linked account
• Prepaid cards: Users load or ‘top up’ money in advance to make transactions
• Forex cards: These can hold multiple currencies making them ideal for international travels

Key challenges in card issuing

Card issuers face several challenges in the ever evolving fintech and digital banking landscape, some of which include:

• Fraud and security: Identity theft, data breaches, and unauthorised transactions are just a few of the illegal activities putting card issuers and users at risk
• Regulatory compliance: Card issuers must comply with numerous rules and regulations, including laws on anti-money laundering, consumer protection and data privacy. Enforcing these rules requires specialist knowledge, regular training and clearly defined internal processes 
• Technology developments: A card issuer must adjust to new technologies promptly to remain competitive and appealing to changing end user expectations. Card issuers must keep up with technological developments or risk being left behind 
• Changing consumer demands: Consumer expectations and preferences continuously change - especially in a world where options seem infinite. This means, card issuers must stay ahead of the curve, staying in tune with the needs of cardholders, and modifying their products accordingly. Previous developments associated with changing consumer demands include connections with digital wallets and payments using wearable devices. 

Since 2011, most prepaid card issuers in the UK have to comply with the Electronic Money Regulations (EMRs) set up by the FCA to ensure enhanced transparency and fair competition with the sector and its operations.

Card issuers need to think about regulatory hurdles such as having the right licences to offer open-loop cards, the need for technological infrastructure when setting up a card issuing platform and the complexities associated with establishing partnerships with card schemes like Visa or Mastercard.

The card issuing process explained

Card issuers need to follow a process in order to get the green light from the card scheme and regulators. These include:

Obtaining licences

Card issuers need to have a Payment Institution or an Electronic Money Institution (EMI) licence to be able to hold or transfer cardholder funds.  

All prospective card issuers operating out of the UK must comply with FCA regulations  before being given the green light.

Securing scheme membership

A card issuer needs to become a member of a card scheme, before they can be given the go ahead to issue card products. 

For example, if a prospective card issuer wants to offer Mastercard labelled cards they need to to become a licenced Principal member , and need to be vetted, ensuring they meet certain regional or international requirements for various regulations.

This membership is crucial for compliance and network access for the card issuer.

Partnership with card networks

First and foremost, a card issuer authorises the transaction based on account balance. To pay a merchant, the funds must come from the issuing bank- and it is the card issuer’s responsibility to ensure the money is available to pay the merchant. 

Card issuer vs acquirer

While card issuers and acquirers both play crucial roles in the payment ecosystem, they serve opposite ends of every transaction.

What's the difference?

A card issuer represents the cardholder. They provide payment cards to customers, manage their accounts, and authorise transactions based on available funds or credit. When a customer makes a purchase, the issuer approves or declines the transaction and ultimately transfers funds to complete the payment.

An acquirer (or acquiring bank) represents the merchant. They provide businesses with the ability to accept card payments, process transaction requests, and ensure merchants receive funds from sales. The acquirer routes authorisation requests from the merchant's payment terminal through the card scheme to the appropriate issuer.

How they work together

Every card payment involves both parties working in harmony:

1. A customer attempts to make a purchase at a merchant's store or website
2. The acquirer receives the transaction request and routes it through the card scheme (Visa, Mastercard, etc.)
3. The issuer receives the authorisation request and checks the account for sufficient funds
4. The issuer approves or declines the transaction and sends the response back through the scheme
5. The acquirer communicates the result to the merchant
6. If approved, funds flow from the issuer to the acquirer, who then deposits them into the merchant's account

This entire process happens in seconds, enabling the seamless payment experiences customers expect today.

Why the distinction matters

For fintechs and businesses building payment solutions, understanding this distinction is essential. If you want to offer branded cards to your customers, you need to work with a card issuer. If you want to accept payments from customers, you need an acquiring relationship. Some businesses require both capabilities to create end-to-end payment experiences.

Technological requirements for card issuing

To operate as a card issuer, there are certain technology and security requirements to handle card-based transactions.  

These include:

• Systems for processing transactions (authorisation, clearing and settlement)
• Ensuring cardholder data security 

Security measures in card issuing

There are a number of essential security measures that need to be followed by card issuers.  

PCI DSS compliance, encryption and tokenisation are just a few security measures that safeguard transaction data and protect against fraud.

PCI DSS compliance

Any entity that stores, processes or transmits cardholder data must comply with the Payment Card Industry Data Security Standard (PCI DSS).

Any organisation that doesn’t comply with the latest PCI DSS regulations could not only risk their customer’s financial position, but they will also be liable to a fines.

Tokenisation

Tokenisation replaces sensitive card data such as the 16 digit Primary Account Number (PAN) with a digital token which is used by technology such as Apple or Google to make the payment using a device.  

This means that when a payment is tokenised the underlying card details are concealed, keeping payment data safe. 

Tokenisation can greatly reduce the risk of data breaches.

Other security measures include:

• 3D Secure authentication
• Strong Customer Authentication
• Chip and PIN
• Card Verification Value (CVV) checks

The benefits of working with card issuers

Fintechs, corporates and retailers are able to offer debit, credit and prepaid card programs to their customers, and by partnering with a card issuer, these businesses can leverage their infrastructure and expertise to provide a secure, seamless payment experience for customers.

Edenred Payment Solutions can support businesses to create a customised card program and issue cards with its Mastercard Principal Membership.

It offers:

• A range of product configuration options and flexible BIN sponsorship to suit requirements
• Works with leading technology vendors and card fulfilment partners
• Provides guidance and support to launch new card programs
• Speeds up time to market by removing complex technical integration. 

Check out guide on whether you should partner with a card issuer or build in-house

Why industry leaders choose Edenred Payment Solutions

Choosing a card issuing platform isn’t just about ticking feature boxes. It’s about finding a partner that understands your business, can move at your pace, and has the experience to back it up.

Edenred Payment Solutions is that partner for many leading enterprises:

• Proven infrastructure used by digital banks, fintechs, and large enterprises

• Modular, API-first infrastructurefor maximum flexibility

• FCA-regulated compliance and operational resilience

• Cardholder onboarding, card management, and program controls 

• Deep industry expertise and dedicated implementation support

In a market where many platforms are still catching up, Edenred Payment Solutions is already delivering at scale.

📢 Watch our on-demand webinar with thinkmoney to learn how you can simplify tech complexity and scale fast.

Final thoughts

We live in a world of digital payments and transactions today, with card issuers, and the role they play, becoming increasingly important. 

That is why card issuers need to have a well-managed card issuing process, as this will directly affect a business’s ability to compete and innovate within the financial services market.

Looking to launch or upgrade your card program?

Explore the full range of capabilities with Edenred Payment Solutions and see how your business can go further, faster.

FAQs

What is card issuing?

Card issuing refers to the process that a financial institution provides credit or debit cards to customers. These cards can be used to make purchases or access funds at an ATM

What does a card issuer do?

A card issuer enables cardholders to pay for goods and services. The card issuer is the financial institution or bank that issues the credit or debit card to the customer. Issuing banks are members of the card scheme, such as Visa and Mastercard, but they can also operate as both issuer and card scheme—for example, American Express.

What is a card issuing platform?

Financial technology solutions, otherwise known as a card issuing platform, allows businesses to issue payment cards, such as debit or credit cards to their customers.

Contact us today

If you would like to learn more about mobile payment technology and other related services, we want to hear from you. Support your next payment solution