Demystifying Cards – 2023 guide to payments and cards

So, you want to understand how to build a modern and competitive card programme that puts your business in the driving seat of digital payments innovation?

Well, you’ve come to the right place.

In the U.K., payments with banknotes declined by 50% between 2010 and 2019 to a mere 15% of all transactions, while card payments across Europe have soared from five billion payments per annum to more than 46 billion since the start of the millennium. 

We believe the future of spending is not only cashless but increasingly digital.

And it’s very much against this background that we’ve developed Marqeta’s Guide to Payments and Cards, in which you’ll find a wealth of information on how to establish or strengthen your position in a rapidly expanding card market.  

You’ll also gain an understanding of the fundamental competitive battlegrounds, such as how to offer a richer core card proposition; deliver faster customer onboarding; make the most of data and insights; and practice the best possible customer service. 

Alongside this are insights from brilliant businesses in the vanguard of modern payments products and services innovation, as well as a handy jargon buster, user-friendly explanation of the card ecosystem and a fascinating record of important technological breakthroughs during the postwar era.  

Importantly, the document can be read from start to finish, or you can simply dip in and out of relevant sections. 

But whatever approach you take, the contents promise to equip readers with the skills and knowledge needed to take advantage of the global migration to non-cash payments, whether that be cards, the emerging subscription economy or embedded finance.

Let’s get started.

How we got here

Before we dive deeper into the card programme world, you’ll need some useful context to the card and payments landscape. For example, how has the card ecosystem evolved into the trillion dollar industry it is today? And, just as important, what trends will shape the card ecosystem of tomorrow?

When you think about the simplicity, ease and convenience of payment cards , it’s a wonder cash has lasted this long. Now throw in technological advances, innovations from the fintech world, changing shopping habits, and a pandemic, and the future of cash is looking ever bleaker. The truth is, using physical currency to pay for goods and services may become obsolete.

“The total number of non-cash payments in the euro area, comprising all types of payment services[2], increased by 8.1% to 98.0 billion in 2019 compared with the previous year, with a total value of €162.1 trillion. Card payments accounted for 48% of all transactions, while credit transfers accounted for 23% and direct debits for 22%.”

Source: European Central Bank

Now, before we dive into what the future might hold for card payments, let’s look at some notable moments in the evolution of modern-day cards.

An example of a truly innovative consumer proposition has to be Lydia – the super-app for your money – as they describe themselves. ‘I’ll Lydia you’ has become a phrase used by millions of French people who use Lydia for payments and reimbursements.

The French fintech scene is full of excellent examples of innovation. France has been so successful at enabling entrepreneurs and innovators to launch and grow their card programmes as part of the wider payments and finance ecosystem

Types of cards

On paper, prepaid, debit and credit card propositions can look strikingly similar as almost all of them use some form of authorisation technology to streamline how a customer accesses funds on a card. In fact, the use cases and characteristics of these similar looking cards are actually a lot more nuanced than you think.

It’s also worth noting that different card networks OR schemes (the central payment networks linked to different types of cards e.g. Visa and Mastercard) have specific product requirements for each type of card. Your card proposition will need to take these requirements into account. Plus, these two card networks each have more nuances depending on whether your proposition is for consumer or commercial use. As technology has evolved, the lines are blurring between product boundaries with a prepaid and debit card often indistinguishable for the cardholder, as the user experience is often similar.

Prepaid (Including gift cards and general purpose prepaid cards)

A single or multi-use payment card with money loaded onto it. Used like a debit card to buy things or, where applicable, withdraw cash up to a fixed amount.

Key characteristics

  • Mainly used for disbursements, welfare payments, travel money, and gift cards.
  • Often a lower barrier is set to identity verification with lower, Know Your Customer (KYC) requirements. KYC is about making sure you can verify your customer’s identity, suitability, and risks of doing business with them. (Due to the reduced risk associated.)
  • Flexible – you don’t need a bank account to be directly linked to the card, but you can use it to make standing orders and other recurring payments and pay a regular salary into it.
  • Popular with fintechs as a quick route to market, plus prepaid flexibility has evolved since the very early pays of this card type.
  • As value is pre-loaded, prepaid is sometimes considered lower risk than debit for the issuer.
  • If not part of a major card network (scheme), coverage, and therefore card acceptance, may be limited.

Real-world example
A £100 rebate card is offered by a phone network to consumers purchasing the latest smartphone. The card is loaded in real-time when the cardholder buys a phone, and is no longer usable once they have spent their £100 value.

Monzo started out as a prepaid top up card, offering favourable rates for those travelling abroad and progressive in-app features. It meant they could launch a product before obtaining a banking license and allowed them to gain invaluable early adopters and learnings prior to launching their current account programme.


A payment card associated with a linked bank account that allows you to buy online and in shops, with payments taken directly from that account.

Key characteristics

  • Commonly offered by traditional banks but also available from many neo/digital banks for both corporate and consumer use.
  • Needs to be linked to an account with an attached IBAN or sort-code/account number.
  • Often comes with the ability to make standing orders, direct debits and set up recurring payments.
  • Frequently allow customers to have an overdraft by arrangement.
  • Don’t require a customer to ‘prefund’ or ‘load’ money onto the card before use as they’re linked to the underlying account.

Real-world example
A digital bank issues a new customer a debit card linked to their current account. The debit card is designed with the bank’s custom logo and can be added into a digital wallet. Worth noting that where a customer’s account is directly connected to a debit card these can be more prone to fraud. A credit card offers a level of protection on transactions as well as a layer of abstraction between a current account and card.

Yapeal – Swiss Challenger Bank – an existing Marqeta client and a leader in Switzerland in challenging the existing traditional consumer banking space – Debit (and Vpay) card issued. Read more.


A payment card that lets cardholders spend money on credit – it’s like having a loan for the amount you spend using the card.

Key characteristics

  • Linked to a revolving line of limited credit determined by the lender’s appetite for risk and the affordability for the customer to repay.
  • Require repayments based on the terms of the credit agreement provided by the card programme owner. Typically, minimum monthly payments but sometimes instalment plans.
  • In Europe, credit cards offer a marginal benefit over debit card issuers as interchange (the charge levied on an acquirer for each transaction) rates are 10 basis points (bps) higher.
  • Usually include other benefits for consumers and businesses such as insurances and loyalty points. These tend to be funded from interchange and the underlying revenues from using credit facilities.

Capital On Tap
Capital on Tap provides credit cards to small businesses in the UK, and have recently launched in Spain and the USA. Their cards are powered by Marqeta.

Physical v Virtual

Physical debit, credit and prepaid cards can all take a virtual form and can be used to make online as well as in-app purchases. You can also make purchases through mobile payment services like Apple Pay, Google Pay and Samsung Pay (See tokenised cards for further information). There are a few characteristics of virtual cards that can make them more attractive than just a standalone physical card proposition.

Key characteristics

  • Has a 16-digit number, an expiry and a CVV (Card Verification Value: the three- digit number on the back of a card) like physical cards, but is stored on your phone.
  • Single-use card numbers generated for each purchase that expire once used
  • A negligible physical cost of creating or sending cards to users
  • Quick to activate and ready to use in minutes
  • No risk of losing a virtual card! (But card security and protection is still paramount)
  • Easy to ‘freeze’ if fraud is suspected or the user’s phone is lost or stolen

Real-world example
A multi-use virtual card is issued to an online retail marketplace who uses it to pay multiple suppliers associated with a large order. The card is loaded with funds only once and is terminated after payments are completed successfully.

Twisto Issue a virtual card as an option for their customers to utilise as soon as the customer has passed KYC, enabling them to transact online immediately. Twisto customers have the option to order a physical card to follow, and card details can be transferred from the virtual card to the physical card.

The card ecosystem

The bedrock of the card ecosystem is the ‘four-party model’. It’s the industry’s accepted framework for processing digital or physical card payments between buyers and sellers. All in a way that’s straightforward, secure, and consistent – from Azerbaijan to Zimbabwe.

If you’re wondering where Marqeta resides, we would fall under the issuer in the card ecosystem in the four party model of Merchant, Cardholder, Issuer bank and Acquirer bank.

But there are other parties involved in ensuring a swift, smooth and seamless transaction flow including the network, which as you’ve probably guessed, connects these parties.

To further highlight where Marqeta sits in this key flow we have included an infographic showing how the other parties in the model interact with each other and Marqeta’s function as issuer processor. We have also included the interactions between parties in the model for authorisation of a transaction, clearing and settlement of transactions, and settlement reporting.

Drilling a bit further, Marqeta’s role as an issuer processor INCLUDES the following key areas:

Raw Settlement Reports
The raw reports that come from merchants via the networks that collate transactions from those merchants your customers have spent at and needs to be verified against the actual authorisations given.

Clearing and Settlement Reports
Clearing – The process of exchanging financial transaction details between an acquirer and an issuer to facilitate posting of a cardholder’s account and reconciliation of a customer’s settlement position.
Settlement – The process by which the network (scheme) facilitates the exchange of funds on behalf of issuers and acquirers.

The transaction authorisations for POS transactions, online and e-commerce transactions, ATM transactions, etc. (Via end-point connections to both Visa and Mastercard.)

Batch Clearing
Transactions for the clearing process are handled in large batches for efficiency rather than handled individually which we process for clients.

Daily Batched Cards
Report sent to the card fulfilment bureau to provide a notification file of physical cards to be printed and sent to your cardholders.

Whenever an event occurs on a card, use near real time notifications to let your end users know.

Gateway JIT (Just in Time) Funding
Marqeta’s version of external authorisation – putting you in full control of every authorisation. Marqeta parses the authorisation message to you, converting ISO to JSON.

Programming Interfaces between our applications and yours provides a much easier framework to communicate requests and makes changes much easier to implement in the future. You can look through our Core APIs are here.

Getting started: The key components of building a card programme

Whether your proposition involves digital banking services, SME lending or point-of-sale financing, there are certain essential components your card programme will need before and after it launches. You’ll need the fundamental building blocks to get up and running but you’ll also need the key components that will support the day to day running of your proposition.

“Our developers looked at Marqeta’s platform and said that’s exactly how they would have built a card issuing and payment processing platform if they were building from the ground up. That’s why we chose to work with Marqeta.”

Daniel Capraro, Co-Founder, CPO – YAPEAL
Watch the video

Fundamental building blocks

Essential elements to launch your programme:

Network (Scheme) licence
Your programme will need a network (scheme) licence before it can start executing payment transactions using a payment network. Either through your own principal membership of Visa or Mastercard or through a BIN Sponsor or Programme Manager.N.b we refer to network and scheme throughout this guide. The terms are interchangeable. Generally in the UK and Europe we tend to use the term scheme, but globally the norm is to use the term network.

Networks (schemes) include Visa, Mastercard, American Express and Discover.

Regulatory licence
Enables you to operate in the jurisdictions and countries you want to. Your card proposition dictates what kind of licence you need. Payment services need a payment institution (PI) licence. Payment services and to issue e-money, requires an e-money institution (EMI) licence.

Usually to issue cards you (or a partner) will require an e-money licence.

Payment processor
A platform, like Marqeta, that connects card programme innovators with card networks (schemes) like Visa and Mastercard. A good payment processor has strong relationships with BIN Sponsors and issuers, and provides the core technologies to enable card issuing and transaction processing.
Card bureau/ provider
If your programme offers physical cards, it’s up to a card fulfilment bureau to bring the in-the-hand manifestation of your programme to life. Card bureaus handle everything from design to manufacture, personalisation, despatch and delivery to cardholders.
Programme management
A provider of a turnkey, end to end card programme is referred to as a programme manager. They bring together all of the building blocks described above and provide all essential elements to launch and run a card programme directly. Further information is provided in the licencing section.

Business-as-usual operations

Ongoing elements your programme will need to consider the following:

Every successful card programme depends on active cardholders. So you may want your programme to attract as many as it can, as soon as it can. This means having a crystal-clear marketing strategy to attract the right people in the demographic you’re targeting. You’ll also need to comply with your card network’s brand requirements – for example, making sure the Visa or Mastercard logo is the right colour and size wherever it appears on your marketing communications. Both networks (schemes) have secured websites containing all these requirements.

Cardholder onboarding
Once you’ve enticed people to join your programme, they’ll need to go through an onboarding process. This will include things like know your customer (KYC) checks as part of anti-money laundering (AML) regulations. It’ll also include collecting and validating data from them securely, before deciding what type of products to give them.
Customer service
An essential component in building your card programme’s ongoing reputation and brand. Happy customers spend more, talk about and recommend products to others, and are more loyal to a brand, reducing churn and increasing their customer lifetime value (CLTV).
Dispute management
Your organisation will need to respond to and manage disputes between customers, acquirers and issuers – by phone, by email, or through a website live-chat function. Every dispute management process is slightly different, so you’ll need to follow your issuer’s specific rules and be mindful that there are also geographical regulatory requirements related to fraud handling. If fraud is suspected, (rather than faulty goods, for example) there is also a reporting requirement.
Fraud management
Technically, issuers (the financial institution) are liable for fraudulent transactions, yet have no immediate control (they retain overall control as the regulated entity but this has been delegated day to day to the programme manager) over how cardholders spend, how they’re communicated with, or a programme’s fraud monitoring processes. As such, issuers have their own risk policies and fraud processes you’ll need to comply with, such as monitoring transactions, managing alerts, and acting on any spikes in fraud.
Programme management
As mentioned above, a programme manager brings together the building blocks mentioned in the section above. Very often they will also offer operational day to day activities as described. The offering will usually be an off-the-shelf and often inflexible solution that will meet network (scheme) and regulatory requirements but will not allow for a quick, agile iteration process and you will be reliant on the programme manager’s resources and speed to respond plus the associated costs for all operational activities, as well as any changes required as you launch and scale.

The licensing question

At first glance, the world of licensing for card programmes might seem impossibly complex. Don’t let this deter you. It’s mainly due to the variety of licences, the different options for achieving your goals, and the overlap between roles and responsibilities, which depends on how you want to set up your card programme.

The trick is to define the objectives and ambitions for your card proposition and then work back from there. For example, what building blocks do you need to put in place to create your card proposition? How quickly do you need to launch? What in-house expertise or financial resources do you have? Once you’re clear on these kinds of questions, the right path to licensing should begin to reveal itself.

It’s helpful to think about your licensing options through three different, but related, lenses: Time, Financial Resources and In-House Resources and Expertise.

There are two broad types of licence – a network (scheme) licence and a regulatory licence. Which you will need will depend mainly on your business model and the size of your card programme as well as your specific business model at launch.

Network (Scheme) licence

You may not need to be licensed to launch a card programme if you’re working with a network (scheme) sponsor and a regulated entity. In fact, they’ll do all the work for you and make sure you’re compliant before you launch. This is often the most viable option for smaller-scale card programmes that don’t have the financial resources or expertise to support in-house operations.

Typical requirements:

  • Less in-house technical or operational expertise needed
  • Smaller compliance team
  • Network (scheme) deposit (smaller capital requirement than a regulatory licence)

Mastercard process

  1. Network (scheme) application form completed, with supporting documents
  2. Customer completes the online License Kick-Off Form
  3. Network (scheme) Account Manager organises a call to present the process and set expectations
  4. Network (scheme) advises the customer about their application

Documents required will include Act of Incorporation or Articles of Association, Regulatory license Financial Statements or opening balance sheet; Anti-Money Laundering (AML) policy, processes and controls, Organisational Chart of Compliance Team
ICA/BIN Request form

The Customer Risk Management (CRM) review process
Mastercard guarantees settlement finality of most processed transactions, so they have a risk exposure to Principal Customers, and CRM manages that risk, including obtaining collateral in some cases.

Principal Customers typically provide collateral, if required, before being set live in the network’s (scheme) systems. The CRM review determines whether and how much collateral needs to be provided by an applicant.

CRM published a document summarising the networks’s (scheme) approach to managing settlement-related credit exposure, including the risk standards applicable to customers, the types of collateral accepted, and the criteria applied to issuers of standby letters of credit and guarantees.

Options include a Standby letter of credit (SBLC) and cash collateral
CRM carries out its review of applicants once a complete license application package has been received.

  • Licensing initial review
  • Legal review
  • AML review
  • Customer Risk Management (CRM) review – could include Collateral placement

Final step – License is granted and ICA and BIN are assigned

Full Access to Mastercard Connect provisioned

Implementation phase with Customer Implementation Services commences and project opened.

The process to go live often takes around 6 months when ICA/BIN and technical parameters are put into a production environment. (From completion of an initial statement of work to go-live.)

Visa process
Proof of eligibility for a Visa License, in the form of either: A copy of license to operate granted by the relevant regulatory authority showing that it is either:

  • Organised under commercial banking laws and authorised to accept demand deposits; or
  • A Payment Service Provider from an EU/EEA Member State or from a country where the PaymentServices Directive has been implemented by relevant national legislation.
Business Plan and Financial Information – Visa Business Programme Plan, including:

  • Issuing: nominal amounts of Card Expenditure Volumes for 3 years
  • Balance sheet, Profit & Loss and Cash-Flow statements
  • Latest interim accounts
    Management details:
  • CV‘s of top managers showing professional experience
  • Details on any other entity providing financial support where applicable
  • 3 year financial forecasts including Balance sheet, P&L and Cash-Flow statements
  • Corporate structure
  • Fundraising plans and business model

Compliance/Anti-Money Laundering For all applications

  • A list of individuals holding 10% or more share of the institution and a list of beneficial owners holding 10% or more of these entities.
  • Latest written Anti-Money Laundering / Anti-Terrorist Financing policy and actual procedure documents
  • Independent Audit Report of the institution’s Compliance control framework undertaken either by:
    The institution’s Internal Audit Department, which must be independent from the company’s operational team or an external Third Party Auditor

In addition:

  • Documented evidence of the company’s organisational profile, including:
    • Company overview, business plan, and strategy
    • Organisational structure charts, including FTEs
    • Risk management
    • Fraud management
    • Chargeback handling
    • Outsourcing, including activities outsourced, data handling locations
  • Documented evidence validating Payment Card Industry – Data Security Standard (PCI-DSS) compliance
  • Documented evidence of the company’s Key Performance / Risk Indicators, including
    • Fraud rate, Chargeback rate and Fraud loss write-off
  • A list of available Management Information reports, Fraud detection capability
  • Fraud detection rule & parameter effectiveness
  • Overall effectiveness of the fraud management function
  • Operational process flow diagram for the issuing business, detailing the transaction process and risk management activities
  • Risk management strategy and policy documentation, including
    • New account on-boarding policy
    • Authorisation policy & parameter change management
    • Fraud transaction detection
    • Fraud application detection
    • Fraud and dispute management
    • PIN production / storage / key management
    • Card production, replacement & distribution
    • Chargebacks / disputes
    • Write offs

Further reading here, which provides more details on the fall-out from the regulated issuer (and BIN sponsor) Wirecard, and several Fintech companies had to migrate away from using the company’s services to support their businesses when Wirecard’s parent company filed for insolvency. Curve are featured here.

Regulatory licence

The type of regulatory licence you need to issue cards depends on your card proposition. So if you’re a bank or credit union and want to hold customer funds, you’ll typically need a financial institution (FI) licence. If you want to offer payment services only, a payment institution (PI) license will typically be enough. And if you want to offer payment services and issue e-money, you’ll typically need an e-money institution (EMI) licence.

Typical requirements:

  • A licence application usually takes six months
  • High staffing levels to administer
  • Large capital requirement
  • Extensive in-house expertise and compliance requirement

Choosing the right licensing route for you

The first point to make is that you don’t need to be a licenced entity to start a card programme. But you will need to operate under a regulated entity or card network (scheme) principal member that has a license for the card services you want to provide. This entity could be either a BIN Sponsor or a Programme Manager (who is a regulated issuer directly, or uses a regulated issuer’s licence.)

Which route works best for your business generally depends on how many cardholders and employees you have.

NB: A recent example of not getting this quite right are Lanistar. They jumped the gun slightly when announcing they were FCA approved and the FCA were quick to disprove that statement. Many in the industry were also skeptical of how an early stage startup would manage to get regulatory approval so quickly as it looked like they were still quite early in their journey and hadn’t launched yet. It may have just been misunderstanding or miscommunication because they later announced that they would have agent approval under a Principal Member (see later) which was an Authorised Electronic Money Institution who did have FCA approval.

Here is the current status (May 2021) on the FCA financial services register, however in November 2020 they issued this warning that was subsequently removed and this article goes into the reasons why.

Whatever happened behind the scenes, it is fundamentally important to understand (or indeed work with a partner who understands) the requirements of the regulator for card issuance into their geographical area of responsibility.

Programme Manager

An end-to-end Programme Manager looks after the day-to-day administration of a card programme. This route allows you to focus on your go-to-market proposition, knowing that everything from onboarding, KYC, AML to fraud and chargebacks is being taken care of. They can manage the commercial or operational relationships with the BIN Sponsor, but as they’re probably a principal member, you wouldn’t need a third-party BIN Sponsor.


  • You can use a PM’s BIN Sponsor and processor contracts to go to market faster (typically 3-6 months, rather than 4-9 months)
  • Lower set-up and ongoing monthly costs compared to other routes
  • Access other services you may need, such as contact centres, multi language support, IVR for card activation, due diligence check for your customers, etc.
  • Know-how and experience of launching and running previous card programmes

BIN Sponsor

The BIN Sponsor route is a quick, easy and compliant way to join a card network (scheme) directly. In effect, you’re allowing an established and regulated principal member to sponsor your product, and therefore access to a card network. If your card programme isn’t your core business, this route avoids the sizeable investment of becoming a principal member, along with the resources overhead and regulatory scrutiny.


  • Use BIN Sponsor’s principal membership to access relevant card networks simply
  • Access to technical, regulatory and compliance expertise
  • The right BIN Sponsor will have the UK and European coverage you need
  • Faster route to market than becoming a principal member
  • A stepping-stone to learning the ropes before becoming a principal member

Principal member

The route to becoming a principal member takes longer and is more expensive. You’ll need to become a financial institution (FI) and go through the process of obtaining your payment institution (PI) or e-money institution (EMI) licence. Once a card programme reaches 50,000 card users, this is typically a critical mass to consider becoming a principal member.


  • Complete control over every aspect of your card programme
  • Bigger margins as you’re running everything in-house
  • Closer relationship with card networks to develop new products
  • Faster and easier route to launch new products
  • Additional revenue streams through licensing and BIN sponsorship opportunities

Agent of a Principal Member

A quicker route to get to market whilst still ticking all the regulatory boxes and good for the short-medium term. This also means that you’ll be partnering with a Principal Member who has regulatory approval to provide payment services or e-money activities. A common way of doing this is to partner with an organisation who provides a key part of the card programme like a payments or core banking platform who are a regulated PI or EMI.


  • Quicker route to market
  • Partnering with a recognised market participant
  • A good short-medium term solution until the programme is more mature and you want to bring more services in-house and apply for principal membership

Worth considering

Launching a card programme requires a specific skill-set, as well as specific knowledge and expertise. So it’s worth asking who in your organisation has this? If no one has, it’s time to bring in specialist help. The networks (schemes) may be able to help and have specifiats teams to offer support, so worth checking with them. There are also many consultancy firms out there who will provide support and guidance. Bear in mind that once live you will need to ensure ongoing compliance with the network (scheme) requirements so consider the right resource for this across your team.

Standalone BIN
You may consider a private (stand-alone) BIN from the outset. It will cost more and take more time and effort for both the project phase and for ongoing programme management, but it gives you flexibility and scalability as your programme matures. So, if in future, becoming a principal member makes commercial and operational sense, you can take your BIN with you and avoid the cost and hassle of extricating yourself from a shared one.
Ask the question of your potential partners – do I get a private or shared BIN if I chose to work with you?

Licensing Strategy
Choose a licensing option that will take you to a defined strategic point:

  • If you change issuer, you may have to re-card. (Not doing so requires the permission of both the new and incumbent issuer.) This involves considerable work and can be expensive.
  • Consider principal membership at the outset if your business has the financial and in-house resources to do so. This route will require you to have inhouse card regulation and compliance expertise from both a network (scheme) and regulatory perspective and will inevitably add to the onboarding time.
  • Don’t underestimate your card proposition from a compliance point of view, so ask yourself if a potential issuer’s compliance rules on reporting and risk fit your business model. Also ask yourself if their commercial model fits your business model.

Partner capabilities
Are your partners innovative, with technology that compliments modern day requirements?

  • Do they offer fully open APIs for you to test their technology before committing any further?
  • Are they cloud based, or do they have legacy infrastructure?
  • Are they able to provide customer testimonies that demonstrate their ability to collaborate, enabling you to build and test a card programme before launching and then continually iterating it as you and your customers require?
  • Aside from their technology, do they have the right people in place who will work with you to create a card programme fit for the future and who understand your value proposition?
  • Are you able to launch in new geographies quickly and with little technical lift?

Choose a BIN sponsor who offers compliance as part of their service. They’ll help make sure you have everything you need in place when you launch.

Regional Availability
Choose a BIN sponsor who already operates in the countries you’re entering. They should know what you need, without you spending large sums to work it out for yourself.

Rewire – Brexit and Passporting
Getting a financial services licence is a big decision in any company’s life. Rewire issued a celebratory announcement stating that it has received an Electronic Money Institution Licence (EMI) in the Netherlands. This article tells you more about why they decided to become licensed, and what it means for them going forward. Read more.

Key costs in building your card programme

Every card transaction involves multiple parties, with each party bearing costs or receiving revenue associated with the part they play. In some cases, different parties share or pass on part of the cost to others in the transaction cycle – for example, when it comes to fraud.

However, whilst looking at the micro costs within the transaction flow is beneficial (refer to a diagram later on maybe in the appendix), it’s macro costs that will be the biggest factor affecting your bottom line once your card programme is live so it’s prudent to understand these early on.

Card production

It costs to design, produce and dispatch a security-compliant physical card. Offset against this though, is the biggest advantage of a modern-day physical card. Each time it’s used, you’re putting your brand in the hand of your cardholders and in the eye of the merchant.

Virtual cards eliminate all costs of card production and dispatch. With virtual, cardholders can start spending as soon as they have a virtual card and app. Virtual cards are also more secure as there’s no physical card to clone or lose.

Tokenised Cards
The tokenisation of a card enables card details to be used in a digital wallet. Tokenisation refers to the process of swapping out the credit or debit card details for a unique, randomised number known as a ‘token‘. The relationship between this ‘token’ and your actual card is stored securely which reduces the risk of your actual card details being stolen.

There is a cost per card for tokenising into a digital wallet – typically, from the payment processor.


A small fee is paid by the acquirer to the issuer on every card transaction. This interchange revenue covers the credit risk associated with, and handling charges of, a card transaction. This interchange fee is capped in Europe at around 20-30 bps or lower on consumer propositions, but on business propositions it’s more like 150 bps (In some cases 200bps.) Is there an opportunity for your card programme to claim a share of this interchange revenue?

Card network (scheme)
Revenue on a card programme starts with interchange. Every time there’s a transaction, there’s interchange revenue. However, the more parties in the ecosystem, the lower your share of interchange will be, so the more parties you can eliminate from the cycle (ie by doing things in-house) the greater your share of this potential income.

Fraud monitoring

While the whole industry wants to minimise fraud, typically it’s the bank that absorbs the cost of fraud. However, in many ways it’s everyone’s responsibility, so to protect themselves they’ll demand card programme owners comply with their risk policies, as well as carry out things such as KYC and AML checks and looking for suspicious transactions or behavior.

Processor costs

The processor bears the cost of card network compliance and certification, which includes issuing cards, processing transactions, and 3D Secure checking.


A core part of any Fintech proposition is the tech. In addition to resources, there are costs around hosting (whether it’s with a cloud provider or on physical hardware), code repositories and other Development/Operations tools (DevOps for short) to consider.

Operations and marketing

“If a card programme is launched but nobody hears about it, did it really exist..?”

A card programme isn’t just about being able to take and make payments. That is at the heart of it. But it’s also about ensuring there are procedures for when things go wrong, cards need to be replaced and customers have issues. It’s also ensuring that customers hear about your proposition and understand what it’s all about. Both operations and marketing incur important costs that can determine the success of the programme.

Additional third-party agreements

Like most technology builds there’s always the question of ‘build it all yourself’ or ‘buy key components off the shelf’. With the rise of many mature fintechs offering key outsourced services like KYC and data aggregation, this pick and mix approach is becoming much more attractive and allows innovators to focus on building a proposition their customers love. Using third-party tools inevitably incurs a cost whether based on user numbers or fixed costs.


An obvious one but you’ll have a team of folks building, managing and marketing your card proposition likely starting off small and growing over time. At the very least you’ll rely on a team of developers, product experts, operations and marketing professionals to get your proposition to market.

Other costs

Bad debt
This is down to the money license holder. Like any business, a card programme creating its own payment products has to manage its own risk and subsequently any debt it’s owed or incurs as a result of doing business.

Monetising your card programme

Overnight successes rarely happen in financial services, so be realistic. Building your brand, reputation, and cardholder numbers takes time. The key is to have a strong card proposition, a deep understanding of your prospective cardholders, and a firm grip of the commercials. Get these right and you can be on the path to profitability.

“Good fortune is what happens when opportunity meets with planning” – Thomas Edison

Active not passive
A common mistake when launching a card programme is to focus too heavily on cardholder numbers. Of course, the more the better, but only if they’re active and using your card regularly. Which would you prefer, 1000 cardholders and 25 regular users, or 75 cardholders and 40 regular users?

The anatomy of a winning proposition
In our experience, a successful card proposition has three key things:

  1. It solves a real-world problem – that could be in the way the card works, what it offers, or how it’s used when compared to its competitors – any of these, alone or combined, could create a unique selling proposition (USP) that elevates a card in the eyes of your audience. Functionally, it could make life more convenient for cardholders, or give them a perceived benefit none of its rivals has, such as an enhanced loyalty programme.
    Here’s a great article by Amna Ahsan for Thorgate that highlights five key problems that Fintechs are working to solve. (Think about generalised experiences that are not tailored to your needs as a consumer, costs that your transactions attract when moving funds across borders and not having access to data in real-time as some examples.)
  2. It offers an emotional value – one that goes beyond its basic function as a payment method. This could be, for example, the financial freedom it brings cardholders. The sense of belonging they feel by carrying it, or the ‘kudos’ or exclusivity it bestows on them in other’s eyes. Or even the pleasure that comes from making the very most of any and all benefits a card programme might offer.
    Monzo (was Mondo) did an amazing job of building a community of users who effectively became marketing evangelists for this Fintech! Everyone wanted a hot coral card and were excited about how this challenger bank was going to take on the incumbents! More on them, and others, in this article written by Judit Toth, UX designer at Dock9 here:
  3. It draws the right crowd – developing a strong product requires a deep understanding of the audience you want to attract. Who is your ideal cardholder, and how will your proposition make their life easier, simpler, better, more enjoyable? As the market’s seen time and again, short-term gimmicks to encourage spend will only take you so far. Long-term success is about making your card the top-of-wallet (primary) choice from the outset.

In this article written by Steven Carr for User there are some excellent tips on customer insight strategy that can help you launch a programme that delights your customers!

Route to profitability

Ultimately, every card programme needs to turn a profit to survive and there are different ways to generate revenue. Of course, your route to profitability will depend on your proposition and your commercial model. Put simply, the more outsourced components you need to run your card programme, the fewer sources of income you’ll have and the smaller the margin you’ll make. Here are the most common ways card programmes create revenue.

This is a fee the acquirer pays to the issuer for every credit or debit card transaction. Often confused with the merchant service charge (MSC) which is what retailers pay their acquirer for accepting card payments. It’s a cost redistribution (and a contentious one) that is intended to compensate issuers for the costs and risk of providing the cards. The question is: are you entitled to this interchange or a share of it?

Other factors affect interchange rates:

  • Capped or not?
    Interchange rates for Consumer cards in the EEA are capped under regulation (IFR) by the European Commission. This is as of the time of publishing a maximum of 20bp for Debit/Prepaid and 30bp for credit. Some domestic regulation has capped the Debit rates even lower.
    Note: these quoted rates are rumoured to be changing with the advent of Brexit.
  • Risk
    If not capped by regulation (such as commercial cards or non-EEA locations) then other aspects will influence the interchange rate.
  • This typically comes down to risk and complexity: a higher risk transaction such as e-commerce or signature rather than EMV+PIN would attract a higher interchange rate.
It’s worth mentioning that no modern-day card programmes rely on interchange alone to succeed and look to other ways to generate revenue. Challenger banks looking to break-even are seeking to monetise their consumer card programmes in a way that does not rely on interchange as being a material portion of their total revenues. For corporate programmes interchange remains a revenue generator with rates typically around 1.5% – 1.8%.

Monthly fees
These days, many banks charge a monthly fee for having a current account, so people are used to it although in some markets like the UK, free banking is still the norm. The question is, can you build value into your proposition that cardholders are happy to pay for – for example, concierge services, rewards, or other benefits such as travel or phone insurance? Many challengers have been down this route, and not all successfully.

As you gain more cardholders, the chances are you can cross-sell other financial services such as insurances, savings and mortgage products, or even other types of cards. But financial services is heavily and increasingly regulated. So the trick is to take advantage of potential revenue opportunities in a compliant yet profitable way.

You likely have a proposition that is solving a real world problem (as mentioned before) and a core set of features and available products for customers. As such it won’t necessarily have every single available product available from day one. Initially it might be beneficial to offer other organisations’ products to benefit your customer base but get a referral fee for every customer who uses that partner’s product.

Network Incentives
In some cases the networks (schemes) will consider offering monetary incentives for hitting certain targets like active customers, monthly transactions or international transactions. In cases where targets are reached, the networks may reward the card programme with a bonus payment or discount on fees owed. As part of your evaluation process when selecting the network (scheme) you chose to work with, a keen eye on these incentives will be vital.

Forex income
In the past, income from foreign exchange (FX) transactions provided a decent extra revenue stream for many international card programmes. But in recent years, FX revenue has become a battleground as issuers have added in their own margins, plus other fees and charges. In our view, it’s only when you exceed a fixed monthly minimum that it may start generating any worthwhile revenue, which can be commercially prohibitive if you’re just launching. Alongside competition, further regulatory scrutiny has also been brought on this revenue stream by the European Commission with a requirement to provide transparency and information on FX transactions (known as “CBPR2”).


Marqeta partners with both Swissquote and Payhawk who each attract forex income as part of their card programme offering. They both add a fee at the network side that is then passed through to Marqeta in the transaction message that Marqeta receives from the network (scheme) and we simply pass this on so that Payhawk and Swissquote respectively can charge their customer.

Many card programmes have interchange as their main revenue stream. But as your card programme grows and gains more customers this doesn’t have to be your sole source of income. As you get product market fit you can look to pull on some of the other revenue generating levers detailed above to get to profitability. Maybe you decide to offer savings pots because that’s the clear customer feedback. You partner with a savings firm to offer a pot with an interest rate and have a referral fee mechanism for every pot created. Or, you notice that a section of customers are also entrepreneurs and would like business features like tax calculators and multiple spending cards for employee expenses. This could be offered as an additional account with a monthly business fee.

Which levers you pull and when will depend on your customer base and what the strategy of the business is.

Fraud, decisioning and authorisation

Unfortunately, wherever you find financial services you’ll find some level of fraud or attempted fraud. And it’s the same in the card payments sector – especially when a new card programme goes live.

Fraudsters know this is when a card programme is at its most vulnerable, so it’s essential to get on the front foot to tackle fraud and build it in as a key pillar of your business strategy.

You may want a payment processor that offers real-time access to controls so if you identify fraud you can respond immediately, rather than having to go through your processor. You may also want a payment processor that allows you to get involved in both decisioning and transaction authorisation.

Put simply, you may want to make sure you have the agility and processes to be able to change rule sets immediately – from day one. Consider choosing a partner that enables you to change fraud rules in real time to respond to threats. Also consider whether you want to be part of the authorisation flow of a transaction. This is possible with modern issuer processors like Marqeta, for example. We call it gateway Just In Time (JIT) funding. It is often referred to as external authorisation more broadly. This puts you in full control of the authorisation of every transaction and combined with a fraud tool this can be a very effective way to mitigate fraud. More on this later.

Controlling card usage and spend in real-time

We think it’s important to be able to set up the parameters of who, where and how cardholders can use their cards, using APIs in real-time. That way you can accommodate rapid change and offer an array of configurations at individual card level. Consider looking for a processor that offers dynamic spend and velocity controls, so you can have power over where a cardholder spends – for example, by country or merchant type (no gaming or alcohol, for example). Or how many times, or how much, cardholders can spend on travel or withdraw from an ATM over a pre-defined time period.

You can layer these controls together. The trick is to set controls that are flexible enough to accommodate cardholder behaviour to ensure a good payment experience, while mitigating fraud in line with your business objectives.

Putting some of these card controls in the hand of the customer is also becoming more commonplace. They may wish to pause e-commerce transactions, ATM or contactless, for example.

A notable case is Monzo including a Gambling Block option as part of their card controls area. The intention being to give those people with gambling problems the option to completely block gambling transactions.
Large financial institutions are also sitting up and taking note of customer demand for more control of their card. Santander, for example, has recently launched several new in app capabilities. View PIN, report a card lost or stolen and PIN not working functions have all been added to the app.

Real-time fraud

We think it’s about detecting fraud as it happens rather than ‘reactive identification’ that reviews transactions after they’ve occurred to spot fraudulent activity. Using machine learning and behavioural analytics to predict, prevent and manage fraud and financial crime, the latest solutions cover things ranging from application, card and payment fraud mitigation to merchant monitoring and anti-money laundering. It’s essential all this is up and running before you launch, as day one is when fraudsters will be testing your systems looking for weaknesses to exploit.

Flexible decisioning

Further information on intelligent and real-time authorisation of transactions can be found in this blog.

Taking part in the authorisation process
Your card programme can benefit if you can automate certain processes, access near real-time data, and have the ability to add functionality to the authorisation process. So let’s look at the transaction components that can give you real control over an authorisation.

Simplifying legacy challenges
Authorising transactions from Visa and Mastercard means working with the ISO 8583 standard messaging format. But integrating this complex messaging standard into your card programme can be a headache for developers and time-consuming. The good news is that some processors will convert ISO 8583 into a much more user-friendly open JSON message format, eliminating the need for your developers to build an integration altogether. This can free up your resources to focus on building a compelling customer proposition.

Managing risk and minimising fraud
Who controls decisioning? As mentioned, some processors allow you to define your own rules on their platform and notify you of any breaches. So on top of any 3D Secure solution, you may need some kind of algorithm-based fraud engine at the front end of the transaction-authentication process to score each transaction for potential fraud. If you know there’s a high propensity of cards being attacked in certain merchants in a particular country for example, you can change the rules around decisioning to help minimise the risk.

Involving you in the authorisation decision
Once a transaction has passed dynamic spend and velocity controls and a fraud-decisioning engine, your processor can authorise on your behalf or, if you prefer, involve you directly in the decision using just-in-time (JIT) gateway functionality (Marqeta’s version of external authorisation.) This gives your card programme the ability to approve or decline a transaction using real-time business logic.

The power of real-time

As an existing or prospective card programme owner, how do you bring the real-time experience to life? At Marqeta, there are a number of ways we’re helping to support this, including through the use of webhooks and by allowing three seconds for authorisations. Our blog provides more detail here.

Top tip: How can you use real-time for real action?
Ever used the wrong CV2 code making a purchase online? Challenger bank Starling use their real-time authorization data to help their customers transact by reaching out with in-app notifications. Should you key in the wrong details with a merchant you’ll be told why the transaction was declined and prompted to check your CV2 in the app.


Risk and fraud analytics
Once a transaction decision has been made, it can be useful to update your cardholders. For example, you might want to confirm their purchase (from a fraud mitigation perspective), or tell them why their transaction was declined, or simply help them understand their spending habits. Using real-time information in this way can help you provide the best possible real-time user experience – which we believe to be an essential ingredient in any successful modern card programme. With the increased regulatory requirements from the second Payment Services Directive (PSD2), customers will need to authenticate their transactions much more often so using this real-time information can become more important to provide seamless customer experience.

Lendable uses Marqeta’s proprietary 3DS solution in conjunction with their rules based fraud decisioning for transactions. These rules were intentionally set quite conservatively for initial launch and have been refined over time. In addition to these controls Lendable have a suite of transaction monitoring tools to highlight unusual account behaviour.

Not having data to look at from the start was a challenge. The machine learning tool needed data input in order to work properly, so access to fraud data from the off is incredibly useful and something Marqeta is looking to provide in the short term, via a third party.

Lendable uses a variety of third parties for fraud and AML screening. As with transactions this process has been refined over our launch period. In addition to this further protection gained from fraud from controls on our introducers side.

Launching a card programme

Regardless of whether you already have a license, or whether you’re going to use a BIN Sponsor or Programme Manager, you’ll need to go through the same launch journey.

Typically, this can take around six months, but can be helped or hindered by various factors. For example, your approach to licensing and network membership: will you take the faster route and piggy-back off another entity’s licence or apply for your own? Will you go for principal network (scheme) membership or use a BIN sponsor? And what kind of cards will your programme use – physical or virtual?

High-level launch schedule

We think it’s important to be able to set up the parameters of who, where and how cardholders can use their cards, using APIs in real-time. That way you can accommodate rapid change and offer an array of configurations at individual card level. Consider looking for a processor that offers dynamic spend and velocity controls, so you can have power over where a cardholder spends – for example, by country or merchant type (no gaming or alcohol, for example). Or how many times, or how much, cardholders can spend on travel or withdraw from an ATM over a pre-defined time period.

You can layer these controls together. The trick is to set controls that are flexible enough to accommodate cardholder behaviour to ensure a good payment experience, while mitigating fraud in line with your business objectives.

Putting some of these card controls in the hand of the customer is also becoming more commonplace. They may wish to pause e-commerce transactions, ATM or contactless, for example.

A notable case is Monzo including a Gambling Block option as part of their card controls area. The intention being to give those people with gambling problems the option to completely block gambling transactions.
Large financial institutions are also sitting up and taking note of customer demand for more control of their card. Santander, for example, has recently launched several new in app capabilities. View PIN, report a card lost or stolen and PIN not working functions have all been added to the app.

Fintech accelerator programmes
The payment networks have recognized that new participants want to move quicker and both have undertaken work to streamline their application processes for the new generation of Fintechs.

Visa’s Fast Track accelerator programme includes a partner toolkit to help fintechs grow faster. It also includes a certification programme, which makes it easier for fintechs to connect with certified partners for digital issuance and other key services.

Mastercard has its own equivalent. Mastercard Accelerator covers a wide range of support for fintechs at different-stages. Programmes include Mastercard Start Path, Mastercard Developers, Mastercard Engage, and Fintech Express Europe.

You’ll need to apply to join both Visa and Mastercard networks (schemes.)

Technical onboarding responsibilities

Every card programme has four necessary components. The entity hosting the card programme, the issuing bank licensed with the card networks, the processor integrated and certified with the card networks, and a card provider, also certified by the card networks. Together, these components form the required capabilities that allow card programmes to issue cards to their customers.

Martin Magnone, CEO & Co-Founder of Tymit, offers this advice:

  • Users expect the best from day one. Cardholders are extremely sophisticated and expect access to advanced features and frictionless services from day one. The moment they onboard, they’ll demand advanced payment options, Apple Pay and Google Pay, rich data, aggregation and more.
  • The big fintechs keep raising the bar. The first wave of card-based fintechs, like Monzo and Revolut, built their features over years, but these features are now just the price of admission. Your offer will be constantly compared to theirs, even as they continue raising the bar with release after release.
  • Find a processor that can work quickly. Look carefully at their capabilities and make sure they can provide the features you need quickly and cost-effectively. Check their infrastructure supports continuous innovation, because regularly creating value for customers in new ways is fast becoming business critical.

A World of opportunity

Imagine your card programme’s up and running, your commercial model is working, and your brand is building. What happens next? One option might be to expand your card programme internationally to reach new markets.

It’s often a conversation many start-ups overlook as they’re focused first on launching and then on getting established. But it may be worth making sure the partners you’re working with – for example, your BIN Sponsor, payment processor and card bureau – can support any foray into new markets.

Of course, it may not happen, but it may be worth future-proofing your card programme in case the opportunity arises and you need to move quickly to scale somewhere else. With the right partners on board, you may be able to land and expand in a new country or territory in days and weeks, not months and years.

Again, it’s about choosing who to work with carefully. Does your BIN Sponsor have a European licence? Can you produce physical cards in the region you’re expanding in? Does your processor offer frictionless international expansion capabilities, without compromising in other areas such as dynamic spending and velocity controls and fraud prevention and monitoring?

Expansion considerations

  • Local Switches (technical integration considerations)
  • Redsys in Spain are in theory are not a domestic scheme but are acquirer processors with a massive share of the Spanish market, representing c.90% of the acquiring transactional volume. If you ar elaunching in Spain as part of a European expansion you will need to consider this as part of the overall transacton flow.
  • Carte Bancaire (France) and Bancomat (Italy) are always co-branded, meaning they’re also Visa/Mastercard network enabled. As such, if a domestic transaction is being processed it goes through the domestic scheme rails, if it’s abroad (or if the acquirer is not using those domestic schemes) then the transaction is routed to Visa/Mastercard.
  • All domestic schemes tend to have better acceptance rates in general, as there’s more trust between the parties (issuers, acquirers, issuer processors and merchants) and less suspected fraud.
  • These domestic schemes work pretty much as a membership association, so in terms of entry requirements normally you’d need to be sponsored by a member and have a locally incorporated branch of your company.
  • SHVA is the name given to the ocal switch/metwork in Israel, who dominate Israeli card payments, so much so that Mastercard acquired a stake in them!
  • Further information regarding payment switches and gateways can be found here.
    • As well as local and domestic arrangements for these types of different switches and acquiring arrangements, local regulatory considerations must be well understood. Whilst passporting arrangements cover much of Europe, it’s a myth that domestic, per country regulations do not apply.
      • BAFIN is the german regulatory body
      • AMF is the Franch regulator
      • The FCA is the UK regulator
    • It is vital that when considering launching or expanding into a new geography that you are aware of the domestic nuances of that market, with regulation and compliance being paramount to that knowledge gathering.

Our partner Lendable had this advice:

  • Our key building blocks when considering launching a card programme in a new geography are as follows:
    • Evaluate what needs to be added to the product offering for a launch in a new geography
      Licensing requirements – to be applied for and obtained, or to work with a partner who has the right licensing requirements already in place
    • Commercials – Lendable have an established P&L so how this fits the new market will be considered
    • Evaluate competitive environment – APRs for credit card facilities, Cashback facilities, market dynamics and size of opportunity
    • How Marqeta can support this expansion given our growing global presence

Jargon buster

Both networks provide glossaries which mention network (scheme) specific terminology as well as more general industry terms.

The Mastercard glossary can be found here, and the Visa glossary is here.

For a summary of more general and regularly used terms please see below:

3D Secure (3DS)
Created by Visa and MasterCard, 3D Secure also referred to as 3DS is a technical standard that adds a layer of security in online credit and debit card transactions.

Different card networks developed their own 3D Secure transaction products:

  • MasterCard SecureCode
  • Verified by Visa

The card acquirer is a member of a card network (scheme) that enters into an agreement with a merchant and maintains its account to accept payments. As such, it acts as an intermediary between the merchant and the international payment systems. The card acquirer enables merchants to accept card payments. Also, one of the four in the four-party model.

Agency Banking /Digital Banking / banking light
An agency banking partner is a third-party which carries out certain banking services on behalf of a non-banking entity. They can usually provide BACs, Faster Payments, and Direct Debits that their clients can then in turn provide to their end customers.

Anti-Money Laundering, AML, is the term used to describe the tools and techniques to prevent criminals from depositing their illicit funds into the financial system. AML tools will analyse habits and transactions to spot where money laundering is occurring and further review these risky transactions.

APIs are application programming interfaces, a set of instructions and tools that enable software developers to create applications that can interact with another company’s systems. For example, by connecting to a bank’s API, a fintech startup could develop a mobile phone app that moves money in and out from the accounts of a bank’s customers, or simply lets them check their balance.

A key part of the card transaction flow. When a customer attempts to use their card to purchase goods or services, the merchant’s acquirer requests authorisation for the transaction from the customer’s bank or issuer processor. This involves a number of steps including the bank/processor verifying the validity of the payment, checking funds and performing fraud checks on the merchant and transaction itself.

BACS (Bankers’ Automated Clearing System)
One of the traditional UK payments schemes used for bulk, high volume, regular retail payments and with T+2 day settlement.

Bank Identification Number (BIN)
The term bank identification number (BIN) refers to the initial set of four to six numbers that appear on a payment card. This set of numbers identifies the institution that issues the card (regulated issuer) and is key in the process of matching transactions to the issuer of the card.

Basis points (bps)
A common unit of measure for interest rates and other percentages in finance. One basis point is equal to 1/100th of 1%, or 0.01%.

BIN Range
A BIN’s digits or ‘range’ allow issuers to separate a BIN for the country and currency allocation and identifies a company issuing a card or a specific product.

BNPL (Buy Now, Pay Later)
Short term, Point of Sale credit arrangement allowing customers to spread the cost of a single payment across a number of weeks or months.

Card Fulfillment
This term refers to the physical creation and provision of physical cards. The organisation is often referred to as a card fulfilment bureau, and they are responsible for providing the physical cards (with chip profiles defined to coincide with scheme and regulatory requirements based on the card type – credit, debit or prepaid) and sending these to customers. Card design is another key area of focus, again in line with network/scheme requirements.

Examples include Idemia and Tagnitecrest.

Card Network/Card Scheme
The terms network and scheme are interchangeable depending on where in the world you happen to be. The US refer to networks – The UK and Europe tend to refer to a card scheme. The role of a card network (scheme) is to facilitate transactions between merchants and card issuers. To do this, card networks create virtual payment infrastructures and charge merchants interchange fees for processing consumers’ card transactions. The card network pays the acquiring bank and the acquiring processor their respective percentages from the remaining funds. The acquiring bank credits the merchant’s account for cardholder purchases, less a “merchant discount rate.” The issuing bank posts the transaction information to the cardholder’s account.

Card PIN
Personal Identification Number or PIN which is usually 4 digits used to secure a customer’s card to ensure that only they are able make payments using that card at merchants requiring chip and pin

Card Programme
The term that covers all elements encompassing a card product. From licensing to scheme membership, marketing to card launch, operational activities, strategy and profitability.

Card Programme Manager
The entity that manages all the parts of the card programme including strategy, arrangements with vendors and schemes, understanding of the route to profitability, marketing strategy and all of the other key relationships. For card programmes that have underlying accounts and are created with and issuing bank, the programme manager will also understand and map out the structure of the profit centre and the store of value (where actual monies are held in a ledger).

Card Verification Value/Card Verification Code (CVV/CVC & CVV2/CVC2)
A verification value usually on the back of physical cards (and usually displayed on the back of virtual cards as well for consistency). Whilst Card Numbers and Expiry dates are allowed to be stored by merchants to allow a more seamless purchase journey for returning customers, CVC2/CVV2 is unique to the card and used to further verify the customer during a purchase. The key difference between CVV1/CVC1 & CVV2/CVC2 is that the 1st iteration of verification numbers were embedded as part magstripe along with the card number and expiry which meant that fraudsters could steal all the magstripe data and imprint duplicate cards using this complete profile of your card.

Now the more prevalent usage, especially in european countries, is to use Chip and PIN/contactless for in-person transactions and Card Details + CVC2 for online purchases. The addition of a PIN only known to the cardholder therefore acts as an additional layer of security.

NOTE: For VISA/MasterCard CVC2 is 3 digits and for American Express is 4 digits.

Person the card is issued to from the issuer. Also known as the customer and is the person who applied for, funds and makes transactions using the card. Also, one of the four in the four-party model

CHAPS (Clearing House Automated Payment System)
Another of the traditional UK payments schemes used for same day transfers of large, valuable payments with no upper limit. Used for things like house purchases and other large, high value transactions.

Where funds are returned to the payment card and sometimes through a dispute resolution process. The most common chargeback case is where goods are returned and the merchant initiates a chargeback which refunds the customer in the amount originally paid for the goods. Customer initiated chargebacks are often for unrecognised payments (sometimes fraudulent) or for goods or services not received.

Chip and PIN/EMV
Chip and PIN refers to the combination of the EMV Microprocessor Chip embedded within the card and the PIN used to allow the chip to transfer information and transact at merchants. EMV is short for Europay, MasterCard, Visa who were the founders of the EMV technology back in 1994.

The process of exchanging financial transaction details between an acquirer and an issuer to facilitate posting of a cardholder’s account and reconciliation of a customer’s settlement position.

Cross-Border Payments
Transactions where the initiation of the transaction and the recipient of that payment are in different countries. These can be between people, companies or financial institutions.

Article 2(2) of Directive 2009/110/E : “electronically, including magnetically, stored monetary value as represented by a claim on the issuer which is issued on receipt of funds for the purpose of making payment transaction, and which is accepted by a natural or legal person other than the electronic money issuer”.

Prepaid cards are a good use case example for e-money storage. There is no underlying bank account associated with the card, and when you top up a prepaid card the funds are represented as an amount you have available to spend

E-Money Directive (EMD/EMD2)
The legislation that regulations e-money activities and payment services in the EU to provide more service electronic money services and encourage more competition

E-Money Institute
Financial institutes authorised to provide e-money services (providing they have an e-money licence.

E-Money Licence
A licence required by EMIs which allows them to issue and redeem electronic money.

EMD Agent
An agent of an E-Money Institute. Delegated authority to provide the same services as the partner institute and operating under their E-Money Licence

Faster Payments
A relatively new (since 2008) bank payments scheme which is a 24/7 real time system for low-value payments up to 250k.

The aggregation of the words ‘Financial’ & ‘Technology’. The term Fintech broadly covers technology that improves access, automation or delivery of financial services. Things that fall under this broad spectrum include cryptocurrency, digital banks, financial data aggregation, embedded finance, POS lending, data focussed credit agencies and many more…

The online payment network is often called the Four Party model (even though there are more parties involved). The Four Party model covers the entities involved in a transaction. The model includes the Cardholder, Merchant, Issuing bank and Acquiring bank, but forgets the network (scheme).

International Bank Account Number used to make and receive payments across countries. It’s usually a combination of the account number and sort code as well as additional characters that make it unique.

The percentage of each transaction paid by the Acquiring Bank (who the merchant banks with) to the Issuing bank (who issued the card to the customer). Interchange is paid to the Issuing bank to cover the risks and costs they incur during the card payment process like fraud checks and transaction authorisations.

The issuer, or issuing bank, is the cardholder’s bank, which is a regulated entity.

When a consumer makes a purchase with their card for a product or service from a merchant, this information is passed to the acquirer which then references the relevant card scheme and the issuer to collect funds. The issuing bank is the intermediary between cardholders, card schemes, and acquirers. The information sent from the issuer determines whether the payment from the customer is accepted or not. Also, one of the four in the four-party model.

Issuer processor
Marqeta is an issuer processor. The technology layer that sits between the Card network and the Issuing Bank/Banking platform/Card Programme. The issuer processor provides a number of key component capabilities such as Card Issuance, Payment Processing, Authorisation stand in, processing of clearing and settlement files from networks and is the technical gateway into the card payment flow.

Just-in-time funding
Standard functionality of the Marqeta offering that allows you to automatically fund a card in real time during the transaction process. This means that customers don’t have to retain large amounts of cash on the card and can retain a zero balance but still use the card for payments. Cards always have a zero balance until a transaction is authorised and funds move as part of the e-money flow.

Know Your Client/Customer. A process to ensure businesses identify and verify the identity of their clients, for anti-money laundering (AML) purposes.

The strip of magnetic tape on the back of cards that stores card information and is captured when swiping or dipping at a merchant terminal.

The traditional definition of a merchant is a “person or company involved in wholesale trade”. In the card ecosystem the merchant is just the person or organisation where you use your card to transact in either goods or services. Also, one of the four in the four-party model

Merchant Service Charge (MSC)
The charge that the Merchant pays, usually a minimum fee as well as a per transaction percentage charge on debit and credit transactions.

Mobile/ Digital wallet
A mobile or digital wallet is a way to carry your credit card or debit card information in a digital form on your mobile device. Instead of using your physical plastic card to make purchases, you can pay with your smartphone, tablet, or smartwatch. This can be either using cryptocurrency or real money which is often pre-loaded onto a digital account.

In theory, it is safer to use than a physical credit or debit card as the owner does not need to reveal their account number at point of purchase, and even if someone was able to intercept the transmitted encrypted information, they could not re-use it to authorise further payments. Examples include GooglePay, Apple pay and Samsung Pay

Near field communication (NFC)
This is the technology behind digital wallets, tap to pay cards and tapping a debit card vs an Oyster card to pay for the tube. It is a set of communication protocols that enable two electronic devices, one of which is usually a portable device such as a smartphone, to establish communication by bringing them within 4 cm (2 in) of each other.

Neo/Digital Bank
Neobanks are digital banks who operate entirely online and have no physical branches and are often app based. Starling, Monzo and Revolut are notable neo/digital banks in the UK.

A card network sets the terms of card transactions as well as transfers payments between cardholders, merchants, and their respective banks. When a cardholder uses their card to make a purchase they are requesting that their card issuer pay the merchant. But that payment first has to go through a card network (scheme).

The networks pass information between the merchant’s acquiring bank and a card issuer (the financial institution that issued a card on behalf of a network like Mastercard or Visa) to decide whether or not to facilitate the purchase.

Open banking
A term used to refer to the use of open APIs by banks to enable third party software developers to create applications and software using the bank’s data. Open Banking gives customers access to their banking data via third-parties so they can view account information and initiate payments.

PCI-DSS Compliance
Payment Card Industry Data Security Standard is the set of 12 requirements that helps enforce the security of cardholder information and reduce fraud. Adherence to the standard is applicable for any stakeholders in the payment process handling card information and is governed by the Payment Card Industry Security Standards Council.

Physical card
A physical card is typically made of plastic, although metal and wood have seen a recent uptake in demand and contains an electronic chip that is ready by card readers and ATMs. The card often features the company branding as well as the name of the cardholder, PAN, CVV, date of expiry and a signature strip. Some physical cards are contactless enabled.

POS or Point-of-Sale traditionally refers to the physical location the card payment was made. Historically this was at the physical merchant terminal using swipe, chip & PIN or contactless but POS also covers online payment portals at e-commerce sites.

Primary Account Number (PAN)/Card Number
14,15 or 16 digit number on a payment card that’s commonly referred to as the Card Number. This is the number that uniquely identifies the card and is often embossed on physical cards.

Principal Member
A Principal Member is a financial institution that directly participates as an issuing and/or acquiring member of the Mastercard or Visa networks/schemes. The process to apply for principal membership is described in The Licensing Question section.

Processor (acquirer processor, payment processor)
An organisation that provides payment processing services such as Authorisation, Settlement and clearing. They, like the Issuer Processor, will be connected to the networks.

Second Payment Services Directive OR Revised Payment Services directive is an EU regulation designed to contribute to a more integrated and efficient European payments market, make payments safer, increase the consumers’ protection and foster innovation and competition while ensuring a level playing field for all players, including new ones. It’s given rise to an Open Banking ecosystem in Europe.

SEPA (Single Euro Payments Area)
An EU payments initiative aiming to make Eurozone payments easy and cheap by creating a single market for EURO denominated payments. A big step in achieving this goal is the creation of 3 SEPA payments schemes: SEPA Direct Debit (SDD), SEPA Credit Transfer (SCT), SEPA Cards Framework (SCF)

The process by which the network (scheme) facilitates the exchange of funds on behalf of issuers and acquirers. Clearing is a prerequisite for settlement.

Tokenisation is the process of turning a meaningful piece of data, such as an account number or card number (PAN) into a random string of characters called a token that has no meaningful value if breached. Tokens serve as reference to the original data, but cannot be used to guess those values. The tokenisation process is used when converting card data for use in digital wallets, such as apple pay.

Transaction Monitoring
The process of regularly monitoring transactions to ensure compliance with anti-money laundering legislation and spot fraudulent activity on a card or account

People or businesses that have little or no access to mainstream financial services. The World Bank estimates that there are 2 billion adults worldwide without access to formal financial services.

A privately held company with a valuation of over $1billion. A Fintech Unicorn is just a unicorn in the Fintech industry i.e Starling Bank

Virtual card
A ‘virtual’ version of a physical card. Essentially a digitally stored card number, expiry and CVV that is usually secured on a customers mobile app or online portal. Works the same way as a physical card except it’s unable to be used in Chip and Pin devices but can still be used for contactless payments when tokenised. Beneficial as new card numbers can be used at potentially risky merchants therefore protecting the funds stored on account.

VPay is a Single Euro Payments Area (SEPA) debit card for use in Europe, issued by Visa Europe. It uses the EMV Chip and PIN system and may be co-branded with various national debit card schemes such as the German Girocard or Italy’s PagoBancomat. The VPay card system competes with Mastercard’s Maestro debit card product.

Additional resources

If you would like further insights and inspiration we’d recommend the following links, books, influencers, websites and any associated content that may help you plan your journey into the world of card issuing!

Book recommendations

  • The FINTECH Book‘ explores profitable opportunities by Susanne Chisti and Janos Barberis
  • Breaking Banks‘ profiles fintech’s entrepreneurs by Brett King
  • Banking 4.0’ by Brett King
  • Smarter Banks‘ shows how fintech is used in the real world. Why Money Management Is More Important Than Money Movement to Banks and Credit Unions by Ron Shevlin
  • Digital Bank‘ – Strategies to Launch or Become a Digital Bank by Chris Skinner
  • The Age of Cryptocurrency‘ explores the significance of the blockchain by Paul Vigna and Michael Casey
  • ‘The End of Banking: Money, Credit, and the Digital Revolution’ by Jonathan McMillan
  • ‘The Fourth Industrial Revolution’ by Prof Klaus Schwab
  • ‘The Anatomy of the Swipe: Making Money Move’ by Ahmed Siddiqui

About Marqeta

Marqeta powers modern payment solutions for companies, innovating new services and process flows in a digital world.

Our platform, open API, and advanced analytics provide unprecedented control for companies to issue cards, authorise transactions, and manage payment operations with ease. Highly configurable, secure, and reliable, Marqeta built its technology from the ground up to help companies bring products to market faster, design seamless user experiences, streamline purchase flows, and reduce fraud risk.

We enable modern payment solutions for:

  • Instant card issuing of virtual, tokenised, and physical cards
  • Real-time funding using our exclusive Just-in-Time (JIT) Funding feature
  • In-app provisioning to digital wallets and customisable webhooks
  • PCI compliance tools
  • Actionable data insights, reporting, and advanced analytics tools with our applications

Marqeta’s mission is to become the global standard for modern card issuing.

*This publication is intended to be used for informational purposes only. The views and opinions of third parties expressed in this publication are those of the respective third parties and do not necessarily reflect the views or opinions of Marqeta. Links to third party websites do not constitute endorsements and we do not control or have any affiliation with the content of third party websites.

Contact us

See solutions for your region

🇬🇧   UK & Europe Continue

See solutions for your region

🇺🇸   United States Continue

See solutions for your region

🇦🇺   Australia Continue