Card issuing is a key component within the fintech industry today, but why?
A card issuer can offer debit, credit and prepaid cards to cardholders, and card issuing companies (also known as the Payer’s Payment Service Provider) will facilitate the payments, regardless of card form i.e. physical or digital.
It’s the speed and convenience card payments offer customers, enabling them to transact with merchants online and in-store with ease, while at the same time creating revenue for the card issuers through cardholder fees and interest income.
What is card issuing?
A card issuer is a financial institution, typically an issuing bank, that provides payment cards to customers.
As card issuers work as intermediaries on behalf of card schemes like Visa and Mastercard, issuers manage cardholder accounts, issue cards to respective account holders, authorise transactions, settle with the scheme and bear most of the risk.
Card issuing enables card payment transactions and provides financial flexibility to users quickly and easily, allowing users to make purchases at POS, online and withdraw cash using an ATM. But how does this all work?
Behind every card payment is an ecosystem of different organisations that provide the technology, infrastructure and resources that enable the transaction to work. This ecosystem enables different entities from the acquirer to the card scheme to the issuer to communicate with each other when facilitating transactions.
If a customer wishes to use their card to make a payment either in-store or online, the authorisation request is routed initially to the Acquiring Payment Service Provider, then onto the payment scheme and finally to the appropriate financial institution or bank for authorisation decision.
This process is almost instantaneous, meaning transactions can be processed quickly and merchants benefit from increased sales.
Card issuers can provide cards with different functionalities for a range of products:
- Credit cards: Credit cards allow for borrowing money and making payments
- Debit cards: Used to make payments from a linked account
- Prepaid cards: Users load or ‘top up’ money in advance to make transactions
- Forex cards: These can hold multiple currencies making them ideal for international travels
Key challenges in card issuing
Card issuers face several challenges in the ever evolving fintech landscape, some of which include:
- Fraud and security: Identity theft, data breaches, and unauthorised transactions are just a few of the illegal activities putting card issuers and users at risk
- Regulatory compliance: Card issuers must comply with numerous rules and regulations, including laws on anti-money laundering, consumer protection and data privacy. Enforcing these rules requires specialist knowledge, regular training and clearly defined internal processes
- Technology developments: A card issuer must adjust to new technologies promptly to remain competitive and appealing to changing end user expectations. Card issuers must keep up with technological developments or risk being left behind
- Changing consumer demands: Consumer expectations and preferences continuously change - especially in a world where options seem infinite. This means, card issuers must stay ahead of the curve, staying in tune with the needs of cardholders, and modifying their products accordingly. Previous developments associated with changing consumer demands include connections with digital wallets and payments using wearable devices.
Since 2011, most prepaid card issuers in the UK have to comply with the Electronic Money Regulations (EMRs) set up by the FCA to ensure enhanced transparency and fair competition with the sector and its operations.
Card issuers need to think about regulatory hurdles such as having the right licences to offer open-loop cards, the need for technological infrastructure when setting up a card issuing platform and the complexities associated with establishing partnerships with card schemes like Visa or Mastercard.
The card issuing process explained
Card issuers need to follow a process in order to get the green light from the card scheme and regulators. These include:
Obtaining licences
Card issuers need to have a Payment Institution or an Electronic Money Institution (EMI) licence to be able to hold or transfer cardholder funds.
All prospective card issuers operating out of the UK must comply with FCA regulations before being given the green light.
Securing scheme membership
A card issuer needs to become a member of a card scheme, before they can be given the go ahead to issue card products.
For example, if a prospective card issuer wants to offer Mastercard labelled cards they need to to become a licenced Principal member , and need to be vetted, ensuring they meet certain regional or international requirements for various regulations.
This membership is crucial for compliance and network access for the card issuer.
Partnership with card networks
First and foremost, a card issuer authorises the transaction based on account balance. To pay a merchant, the funds must come from the issuing bank- and it is the card issuer’s responsibility to ensure the money is available to pay the merchant.
Technological requirements for card issuing
To operate as a card issuer, there are certain technology and security requirements to handle card-based transactions.
These include:
- Systems for processing transactions (authorisation, clearing and settlement)
- Ensuring cardholder data security
Security measures in card issuing
There are a number of essential security measures that need to be followed by card issuers.
PCI DSS compliance, encryption and tokenisation are just a few security measures that safeguard transaction data and protect against fraud.
PCI DSS compliance
Any entity that stores, processes or transmits cardholder data must comply with the Payment Card Industry Data Security Standard (PCI DSS).
Any organisation that doesn’t comply with the latest PCI DSS regulations could not only risk their customer’s financial position, but they will also be liable to a £4,000-81,000 per month fine.
Tokenisation
Tokenisation replaces sensitive card data such as the 16 digit Primary Account Number (PAN) with a digital token which is used by technology such as Apple or Google to make the payment using a device.
This means that when a payment is tokenised the underlying card details are concealed, keeping payment data safe.
Tokenisation can greatly reduce the risk of data breaches.
Other security measures include:
- 3D Secure authentication
- Strong Customer Authentication
- Chip and PIN
- Card Verification Value (CVV) checks
The benefits of working with card issuers
Fintechs, corporates and retailers are able to offer debit, credit and prepaid card programs to their customers, and by partnering with a card issuer, these businesses can leverage their infrastructure and expertise to provide a secure, seamless payment experience for customers.
Edenred Payment Solutions can support businesses to create a customised card program and issue cards with its Mastercard Principal Membership.
It offers:
- A range of product configuration options and flexible BIN sponsorship to suit requirements
- Works with leading technology vendors and card fulfilment partners
- Provides guidance and support to launch new card programs
- Speeds up time to market by removing complex technical integration.
Find out more here.
Summary
We live in a world of digital payments and transactions today, with card issuers, and the role they play, becoming increasingly important.
That is why card issuers need to have a well-managed card issuing process, as this will directly affect a business’s ability to compete and innovate within the financial services market.
FAQs
What is card issuing?
Card issuing refers to the process that a financial institution provides credit or debit cards to customers. These cards can be used to make purchases or access funds at an ATM
What does a card issuer do?
A card issuer enables cardholders to pay for goods and services. The card issuer is the financial institution or bank that issues the credit or debit card to the customer. Issuing banks are members of the card scheme, such as Visa and Mastercard, but they can also operate as both issuer and card scheme—for example, American Express.
What is a card issuing platform?
Financial technology solutions, otherwise known as a card issuing platform, allows businesses to issue payment cards, such as debit or credit cards to their customers.
Contact us today
If you would like to learn more about mobile payment technology and other related services, we want to hear from you. Support your next payment solution
