You process transactions with them every day, but do you really know how credit card readers work? What’s actually happening from swipe, tap, or insert (in the case of chip cards) to the completion of a sale? Below, we explain the credit and debit card processing system and take you through how credit and debit card readers work for chip cards, and contactless payments. Knowing how credit card readers work will make you a much more informed small business owner.
How do credit card readers work?
Credit card readers read a customer’s credit or debit card information and securely communicate the transaction data to the banks and credit card networks. Whether working with traditional credit card machines or mobile card readers, it’s helpful to understand how credit card readers work and how they process payment flows—from the moment of insertion or tap to settlement.
Credit card processing explained
Square credit card reader processing can be broken down into three stages: authorisation, capture, and settlement. Let’s go through each:
Step 1: Authorisation
When a customer’s credit card is inserted or tapped using a Square credit card reader the payment request is sent to Square. We then pass the transaction to a financial institution known as the acquiring bank (sometimes called a merchant bank or acquirer). The acquiring bank acts as a go-between and sends the request to the issuing bank of the customer’s debit card or credit card. The issuing bank checks if the customer has enough money or credit for the charge. The issuing bank also uses fraud detection software to check if the transaction is legitimate. If everything is approved, the transaction is authorised and a hold is put on the funds, which shows up as “pending.”
Step 2: Capture
The funds are then moved from the credit card company to the acquiring bank. Lots of payments from credit and debit card readers are moved together in one big batch, so this part of the process is sometimes known as batching.
Step 3: Settlement
It’s payday. The funds from the debit and credit card sales get settled through Square’s systems and are transferred into the seller’s bank account. Square sellers receive their funds in one to two business days. For sellers who would like their funds more quickly, Square has a faster option for just 1% of the total transfer amount. And for those who want their money deposited at a particular time, we also have manual transfer, which gives sellers the option to receive the day’s sales in their bank accounts on the same day at a set time, seven days a week. Sellers can also opt for instant transfer, which is a one-off instantaneous transfer of a specific sale into their accounts. This can help immensely should a business have cash flow issues.
How chip (EMV) readers work
What is EMV? EMV® is a global standard for credit cards that uses computer chips to securely authenticate chip-card transactions. EMV was developed and managed by American Express, Discover, JCB, Mastercard, UnionPay, and Visa. Chip cards are far more secure than magstripe cards and have been the standard in most of the world for over a decade. Why the switch to chip cards? Chip cards have proven to be super effective in fighting fraud, particularly in Europe, where roughly 90 percent of credit card terminals are now EMV-enabled. The UK, for example, has seen a nearly 70 per cent decline in counterfeit card transactions since adopting chip cards, according to Barclays’ 2016 study Security in Payments: A Look into Fraud, Fraud Prevention, & the Future.
In an effort to accelerate the adoption of chip cards, on 1 January 2005, the nation changed how banks and processing networks handled certain types of credit card fraud, known as “liability shift”. It served as a driving force for the national adoption of chip and PIN readers that was easy enough for high street retail giants to adopt, and thanks to Square, small businesses can too.
So, what makes chip cards more secure than magstripe credit and debit cards? Chip cards are far more secure than magstripe cards because the data on them is dynamically encrypted when it is inserted into the credit card reader. This makes it extremely difficult for fraudsters to isolate the cardholder data and extract it into anything meaningful. EMV technology has been proven to help fight fraud. Countries that have already switched to EMV chip cards have seen a dramatic reduction in fraud since phasing out magstripe cards.
How do chip card readers work?
Each EMV card has an embedded computer chip that stores cardholders’ bank details. However, unlike magstripe cards, where the payment info is static, chip card data keeps changing, which makes it extremely difficult for fraudsters to extract anything useful. When a chip card is dipped into a credit card reader, the chip and reader communicate with each other in an encrypted language. A new code is created for each transaction and the data is encrypted the moment the card is dipped by the credit card reader application. The encrypted data is then sent to the acquirer as explained above.
But while chip card payments are extremely secure, the processing time is slower than it is with magstripe cards. (All those security checks make the transaction take longer.) This sluggishness can become problematic if your business is one that typically has long lines. Contactless (NFC) payments, on the other hand, are significantly faster. Plus, they’re just as secure as chip cards but much more convenient and are processed in a fraction of the time.
How Apple Pay and Android Pay readers work
NFC stands for “near field communication. NFC (or “contactless”) payments keep your bank info safe with several layers of security. Like chip cards, NFC data is both encrypted and dynamic, which means it changes for every transaction. Apple Pay, Google Pay, and Samsung Pay are all examples of popular NFC payment apps. Many contactless credit card applications, like Apple Pay, have an added level of security because they require a customer’s fingerprint or facial recognition (known as Touch ID and Face ID respectively on Apple) or passcode to unlock the app and initiate the payment. And in the unfortunate case that your phone is stolen, a fraudster wouldn’t be able to get past this fingerprint or facial identification or passcode verification step.
To process NFC payments, customers hold their smartphone over the contactless reader, with their finger on the home button or the passcode entered, and the transaction takes just seconds. For phones that use biometric facial recognition, the user looks at the phone’s front-facing camera until the phone unlocks before placing on the reader.
Apple Pay uses a technology known as tokenisation, which keeps bank info safe. To set up Apple Pay, you take a photo of your credit card within the app. Apple then transmits the card info to your credit card provider. The card provider then swaps out your card info with a “token,” or random series of numbers. The token is sent to Apple, which sends it to your phone. Because the token and not your actual credit card info is transmitted during each payment, your info is safe, and fraudsters can’t do anything with the scrambled info that’s transmitted. A different token is also generated for each transaction. All this makes it extremely difficult for a fraudster to hack.
We’re not your typical merchant service provider. Square charges just 1.75% per insert, or tap, and 2.5% for each manually entered transaction. There are no long-term commitments, hidden fees, or surprises. You don’t need to have a traditional brick-and-mortar store to take advantage of Square’s hardware. We have credit card readers that go wherever you go, so making payments is easy and convenient for your customers. No matter how your customers choose to pay, we’ve got you covered.