Well, you’ve come to the right place.
In the U.K., payments with banknotes declined by 50% between 2010 and 2019 to a mere 15% of all transactions, while card payments across Europe have soared from five billion payments per annum to more than 46 billion since the start of the millennium.
We believe the future of spending is not only cashless but increasingly digital.
And it’s very much against this background that we’ve developed Marqeta’s Guide to Payments and Cards, in which you’ll find a wealth of information on how to establish or strengthen your position in a rapidly expanding card market.
You’ll also gain an understanding of the fundamental competitive battlegrounds, such as how to offer a richer core card proposition; deliver faster customer onboarding; make the most of data and insights; and practice the best possible customer service.
Alongside this are insights from brilliant businesses in the vanguard of modern payments products and services innovation, as well as a handy jargon buster, user-friendly explanation of the card ecosystem and a fascinating record of important technological breakthroughs during the postwar era.
Importantly, the document can be read from start to finish, or you can simply dip in and out of relevant sections.
But whatever approach you take, the contents promise to equip readers with the skills and knowledge needed to take advantage of the global migration to non-cash payments, whether that be cards, the emerging subscription economy or embedded finance.
Let’s get started.
Before we dive deeper into the card programme world, you’ll need some useful context to the card and payments landscape. For example, how has the card ecosystem evolved into the trillion dollar industry it is today? And, just as important, what trends will shape the card ecosystem of tomorrow?
When you think about the simplicity, ease and convenience of payment cards , it’s a wonder cash has lasted this long. Now throw in technological advances, innovations from the fintech world, changing shopping habits, and a pandemic, and the future of cash is looking ever bleaker. The truth is, using physical currency to pay for goods and services may become obsolete.
“The total number of non-cash payments in the euro area, comprising all types of payment services[2], increased by 8.1% to 98.0 billion in 2019 compared with the previous year, with a total value of €162.1 trillion. Card payments accounted for 48% of all transactions, while credit transfers accounted for 23% and direct debits for 22%.”
Source: European Central Bank
Now, before we dive into what the future might hold for card payments, let’s look at some notable moments in the evolution of modern-day cards.
Lydia
An example of a truly innovative consumer proposition has to be Lydia – the super-app for your money – as they describe themselves. ‘I’ll Lydia you’ has become a phrase used by millions of French people who use Lydia for payments and reimbursements.
The French fintech scene is full of excellent examples of innovation. France has been so successful at enabling entrepreneurs and innovators to launch and grow their card programmes as part of the wider payments and finance ecosystem
On paper, prepaid, debit and credit card propositions can look strikingly similar as almost all of them use some form of authorisation technology to streamline how a customer accesses funds on a card. In fact, the use cases and characteristics of these similar looking cards are actually a lot more nuanced than you think.
It’s also worth noting that different card networks OR schemes (the central payment networks linked to different types of cards e.g. Visa and Mastercard) have specific product requirements for each type of card. Your card proposition will need to take these requirements into account. Plus, these two card networks each have more nuances depending on whether your proposition is for consumer or commercial use. As technology has evolved, the lines are blurring between product boundaries with a prepaid and debit card often indistinguishable for the cardholder, as the user experience is often similar.
A single or multi-use payment card with money loaded onto it. Used like a debit card to buy things or, where applicable, withdraw cash up to a fixed amount.
Key characteristics
Real-world example
A £100 rebate card is offered by a phone network to consumers purchasing the latest smartphone. The card is loaded in real-time when the cardholder buys a phone, and is no longer usable once they have spent their £100 value.
Monzo
Monzo started out as a prepaid top up card, offering favourable rates for those travelling abroad and progressive in-app features. It meant they could launch a product before obtaining a banking license and allowed them to gain invaluable early adopters and learnings prior to launching their current account programme.
A payment card associated with a linked bank account that allows you to buy online and in shops, with payments taken directly from that account.
Key characteristics
Real-world example
A digital bank issues a new customer a debit card linked to their current account. The debit card is designed with the bank’s custom logo and can be added into a digital wallet. Worth noting that where a customer’s account is directly connected to a debit card these can be more prone to fraud. A credit card offers a level of protection on transactions as well as a layer of abstraction between a current account and card.
Yapeal
Yapeal – Swiss Challenger Bank – an existing Marqeta client and a leader in Switzerland in challenging the existing traditional consumer banking space – Debit (and Vpay) card issued. Read more.
A payment card that lets cardholders spend money on credit – it’s like having a loan for the amount you spend using the card.
Key characteristics
Capital On Tap
Capital on Tap provides credit cards to small businesses in the UK, and have recently launched in Spain and the USA. Their cards are powered by Marqeta.
Physical debit, credit and prepaid cards can all take a virtual form and can be used to make online as well as in-app purchases. You can also make purchases through mobile payment services like Apple Pay, Google Pay and Samsung Pay (See tokenised cards for further information). There are a few characteristics of virtual cards that can make them more attractive than just a standalone physical card proposition.
Key characteristics
Real-world example
A multi-use virtual card is issued to an online retail marketplace who uses it to pay multiple suppliers associated with a large order. The card is loaded with funds only once and is terminated after payments are completed successfully.
Twisto
Twisto Issue a virtual card as an option for their customers to utilise as soon as the customer has passed KYC, enabling them to transact online immediately. Twisto customers have the option to order a physical card to follow, and card details can be transferred from the virtual card to the physical card.
The bedrock of the card ecosystem is the ‘four-party model’. It’s the industry’s accepted framework for processing digital or physical card payments between buyers and sellers. All in a way that’s straightforward, secure, and consistent – from Azerbaijan to Zimbabwe.
If you’re wondering where Marqeta resides, we would fall under the issuer in the card ecosystem in the four party model of Merchant, Cardholder, Issuer bank and Acquirer bank.
But there are other parties involved in ensuring a swift, smooth and seamless transaction flow including the network, which as you’ve probably guessed, connects these parties.
To further highlight where Marqeta sits in this key flow we have included an infographic showing how the other parties in the model interact with each other and Marqeta’s function as issuer processor. We have also included the interactions between parties in the model for authorisation of a transaction, clearing and settlement of transactions, and settlement reporting.
Drilling a bit further, Marqeta’s role as an issuer processor INCLUDES the following key areas:
Raw Settlement Reports
The raw reports that come from merchants via the networks that collate transactions from those merchants your customers have spent at and needs to be verified against the actual authorisations given.
Clearing and Settlement Reports
Clearing – The process of exchanging financial transaction details between an acquirer and an issuer to facilitate posting of a cardholder’s account and reconciliation of a customer’s settlement position.
Settlement – The process by which the network (scheme) facilitates the exchange of funds on behalf of issuers and acquirers.
Authorisation
The transaction authorisations for POS transactions, online and e-commerce transactions, ATM transactions, etc. (Via end-point connections to both Visa and Mastercard.)
Batch Clearing
Transactions for the clearing process are handled in large batches for efficiency rather than handled individually which we process for clients.
Daily Batched Cards
Report sent to the card fulfilment bureau to provide a notification file of physical cards to be printed and sent to your cardholders.
Webhooks
Whenever an event occurs on a card, use near real time notifications to let your end users know.
Gateway JIT (Just in Time) Funding
Marqeta’s version of external authorisation – putting you in full control of every authorisation. Marqeta parses the authorisation message to you, converting ISO to JSON.
API
Programming Interfaces between our applications and yours provides a much easier framework to communicate requests and makes changes much easier to implement in the future. You can look through our Core APIs are here.
Whether your proposition involves digital banking services, SME lending or point-of-sale financing, there are certain essential components your card programme will need before and after it launches. You’ll need the fundamental building blocks to get up and running but you’ll also need the key components that will support the day to day running of your proposition.
“Our developers looked at Marqeta’s platform and said that’s exactly how they would have built a card issuing and payment processing platform if they were building from the ground up. That’s why we chose to work with Marqeta.”
Daniel Capraro, Co-Founder, CPO – YAPEAL
Watch the video
Essential elements to launch your programme:
Network (Scheme) licence
Your programme will need a network (scheme) licence before it can start executing payment transactions using a payment network. Either through your own principal membership of Visa or Mastercard or through a BIN Sponsor or Programme Manager.N.b we refer to network and scheme throughout this guide. The terms are interchangeable. Generally in the UK and Europe we tend to use the term scheme, but globally the norm is to use the term network.
Networks (schemes) include Visa, Mastercard, American Express and Discover.
Usually to issue cards you (or a partner) will require an e-money licence.
Ongoing elements your programme will need to consider the following:
Marketing
Every successful card programme depends on active cardholders. So you may want your programme to attract as many as it can, as soon as it can. This means having a crystal-clear marketing strategy to attract the right people in the demographic you’re targeting. You’ll also need to comply with your card network’s brand requirements – for example, making sure the Visa or Mastercard logo is the right colour and size wherever it appears on your marketing communications. Both networks (schemes) have secured websites containing all these requirements.
At first glance, the world of licensing for card programmes might seem impossibly complex. Don’t let this deter you. It’s mainly due to the variety of licences, the different options for achieving your goals, and the overlap between roles and responsibilities, which depends on how you want to set up your card programme.
The trick is to define the objectives and ambitions for your card proposition and then work back from there. For example, what building blocks do you need to put in place to create your card proposition? How quickly do you need to launch? What in-house expertise or financial resources do you have? Once you’re clear on these kinds of questions, the right path to licensing should begin to reveal itself.
It’s helpful to think about your licensing options through three different, but related, lenses: Time, Financial Resources and In-House Resources and Expertise.
There are two broad types of licence – a network (scheme) licence and a regulatory licence. Which you will need will depend mainly on your business model and the size of your card programme as well as your specific business model at launch.
You may not need to be licensed to launch a card programme if you’re working with a network (scheme) sponsor and a regulated entity. In fact, they’ll do all the work for you and make sure you’re compliant before you launch. This is often the most viable option for smaller-scale card programmes that don’t have the financial resources or expertise to support in-house operations.
Typical requirements:
Mastercard process
Documents required will include Act of Incorporation or Articles of Association, Regulatory license Financial Statements or opening balance sheet; Anti-Money Laundering (AML) policy, processes and controls, Organisational Chart of Compliance Team
ICA/BIN Request form
The Customer Risk Management (CRM) review process
Mastercard guarantees settlement finality of most processed transactions, so they have a risk exposure to Principal Customers, and CRM manages that risk, including obtaining collateral in some cases.
Principal Customers typically provide collateral, if required, before being set live in the network’s (scheme) systems. The CRM review determines whether and how much collateral needs to be provided by an applicant.
CRM published a document summarising the networks’s (scheme) approach to managing settlement-related credit exposure, including the risk standards applicable to customers, the types of collateral accepted, and the criteria applied to issuers of standby letters of credit and guarantees.
Options include a Standby letter of credit (SBLC) and cash collateral
CRM carries out its review of applicants once a complete license application package has been received.
Final step – License is granted and ICA and BIN are assigned
Full Access to Mastercard Connect provisioned
Implementation phase with Customer Implementation Services commences and project opened.
The process to go live often takes around 6 months when ICA/BIN and technical parameters are put into a production environment. (From completion of an initial statement of work to go-live.)
Visa process
Proof of eligibility for a Visa License, in the form of either: A copy of license to operate granted by the relevant regulatory authority showing that it is either:
Compliance/Anti-Money Laundering For all applications
In addition:
Further reading here, which provides more details on the fall-out from the regulated issuer (and BIN sponsor) Wirecard, and several Fintech companies had to migrate away from using the company’s services to support their businesses when Wirecard’s parent company filed for insolvency. Curve are featured here.
Typical requirements:
The first point to make is that you don’t need to be a licenced entity to start a card programme. But you will need to operate under a regulated entity or card network (scheme) principal member that has a license for the card services you want to provide. This entity could be either a BIN Sponsor or a Programme Manager (who is a regulated issuer directly, or uses a regulated issuer’s licence.)
Which route works best for your business generally depends on how many cardholders and employees you have.
NB: A recent example of not getting this quite right are Lanistar. They jumped the gun slightly when announcing they were FCA approved and the FCA were quick to disprove that statement. Many in the industry were also skeptical of how an early stage startup would manage to get regulatory approval so quickly as it looked like they were still quite early in their journey and hadn’t launched yet. It may have just been misunderstanding or miscommunication because they later announced that they would have agent approval under a Principal Member (see later) which was an Authorised Electronic Money Institution who did have FCA approval.
Here is the current status (May 2021) on the FCA financial services register, however in November 2020 they issued this warning that was subsequently removed and this article goes into the reasons why.
Whatever happened behind the scenes, it is fundamentally important to understand (or indeed work with a partner who understands) the requirements of the regulator for card issuance into their geographical area of responsibility.
An end-to-end Programme Manager looks after the day-to-day administration of a card programme. This route allows you to focus on your go-to-market proposition, knowing that everything from onboarding, KYC, AML to fraud and chargebacks is being taken care of. They can manage the commercial or operational relationships with the BIN Sponsor, but as they’re probably a principal member, you wouldn’t need a third-party BIN Sponsor.
The BIN Sponsor route is a quick, easy and compliant way to join a card network (scheme) directly. In effect, you’re allowing an established and regulated principal member to sponsor your product, and therefore access to a card network. If your card programme isn’t your core business, this route avoids the sizeable investment of becoming a principal member, along with the resources overhead and regulatory scrutiny.
Advantages:
The route to becoming a principal member takes longer and is more expensive. You’ll need to become a financial institution (FI) and go through the process of obtaining your payment institution (PI) or e-money institution (EMI) licence. Once a card programme reaches 50,000 card users, this is typically a critical mass to consider becoming a principal member.
Advantages:
A quicker route to get to market whilst still ticking all the regulatory boxes and good for the short-medium term. This also means that you’ll be partnering with a Principal Member who has regulatory approval to provide payment services or e-money activities. A common way of doing this is to partner with an organisation who provides a key part of the card programme like a payments or core banking platform who are a regulated PI or EMI.
Advantages:
Expertise
Launching a card programme requires a specific skill-set, as well as specific knowledge and expertise. So it’s worth asking who in your organisation has this? If no one has, it’s time to bring in specialist help. The networks (schemes) may be able to help and have specifiats teams to offer support, so worth checking with them. There are also many consultancy firms out there who will provide support and guidance. Bear in mind that once live you will need to ensure ongoing compliance with the network (scheme) requirements so consider the right resource for this across your team.
Licensing Strategy
Choose a licensing option that will take you to a defined strategic point:
Partner capabilities
Are your partners innovative, with technology that compliments modern day requirements?
Compliance
Choose a BIN sponsor who offers compliance as part of their service. They’ll help make sure you have everything you need in place when you launch.
Rewire – Brexit and Passporting
Getting a financial services licence is a big decision in any company’s life. Rewire issued a celebratory announcement stating that it has received an Electronic Money Institution Licence (EMI) in the Netherlands. This article tells you more about why they decided to become licensed, and what it means for them going forward. Read more.
Every card transaction involves multiple parties, with each party bearing costs or receiving revenue associated with the part they play. In some cases, different parties share or pass on part of the cost to others in the transaction cycle – for example, when it comes to fraud.
However, whilst looking at the micro costs within the transaction flow is beneficial (refer to a diagram later on maybe in the appendix), it’s macro costs that will be the biggest factor affecting your bottom line once your card programme is live so it’s prudent to understand these early on.
Physical
It costs to design, produce and dispatch a security-compliant physical card. Offset against this though, is the biggest advantage of a modern-day physical card. Each time it’s used, you’re putting your brand in the hand of your cardholders and in the eye of the merchant.
Virtual
Virtual cards eliminate all costs of card production and dispatch. With virtual, cardholders can start spending as soon as they have a virtual card and app. Virtual cards are also more secure as there’s no physical card to clone or lose.
Tokenised Cards
The tokenisation of a card enables card details to be used in a digital wallet. Tokenisation refers to the process of swapping out the credit or debit card details for a unique, randomised number known as a ‘token‘. The relationship between this ‘token’ and your actual card is stored securely which reduces the risk of your actual card details being stolen.
There is a cost per card for tokenising into a digital wallet – typically, from the payment processor.
Issuer
A small fee is paid by the acquirer to the issuer on every card transaction. This interchange revenue covers the credit risk associated with, and handling charges of, a card transaction. This interchange fee is capped in Europe at around 20-30 bps or lower on consumer propositions, but on business propositions it’s more like 150 bps (In some cases 200bps.) Is there an opportunity for your card programme to claim a share of this interchange revenue?
Card network (scheme)
Revenue on a card programme starts with interchange. Every time there’s a transaction, there’s interchange revenue. However, the more parties in the ecosystem, the lower your share of interchange will be, so the more parties you can eliminate from the cycle (ie by doing things in-house) the greater your share of this potential income.
While the whole industry wants to minimise fraud, typically it’s the bank that absorbs the cost of fraud. However, in many ways it’s everyone’s responsibility, so to protect themselves they’ll demand card programme owners comply with their risk policies, as well as carry out things such as KYC and AML checks and looking for suspicious transactions or behavior.
The processor bears the cost of card network compliance and certification, which includes issuing cards, processing transactions, and 3D Secure checking.
A core part of any Fintech proposition is the tech. In addition to resources, there are costs around hosting (whether it’s with a cloud provider or on physical hardware), code repositories and other Development/Operations tools (DevOps for short) to consider.
“If a card programme is launched but nobody hears about it, did it really exist..?”
A card programme isn’t just about being able to take and make payments. That is at the heart of it. But it’s also about ensuring there are procedures for when things go wrong, cards need to be replaced and customers have issues. It’s also ensuring that customers hear about your proposition and understand what it’s all about. Both operations and marketing incur important costs that can determine the success of the programme.
Like most technology builds there’s always the question of ‘build it all yourself’ or ‘buy key components off the shelf’. With the rise of many mature fintechs offering key outsourced services like KYC and data aggregation, this pick and mix approach is becoming much more attractive and allows innovators to focus on building a proposition their customers love. Using third-party tools inevitably incurs a cost whether based on user numbers or fixed costs.
An obvious one but you’ll have a team of folks building, managing and marketing your card proposition likely starting off small and growing over time. At the very least you’ll rely on a team of developers, product experts, operations and marketing professionals to get your proposition to market.
Overnight successes rarely happen in financial services, so be realistic. Building your brand, reputation, and cardholder numbers takes time. The key is to have a strong card proposition, a deep understanding of your prospective cardholders, and a firm grip of the commercials. Get these right and you can be on the path to profitability.
“Good fortune is what happens when opportunity meets with planning” – Thomas Edison
Active not passive
A common mistake when launching a card programme is to focus too heavily on cardholder numbers. Of course, the more the better, but only if they’re active and using your card regularly. Which would you prefer, 1000 cardholders and 25 regular users, or 75 cardholders and 40 regular users?
The anatomy of a winning proposition
In our experience, a successful card proposition has three key things:
In this article written by Steven Carr for User Testing.com there are some excellent tips on customer insight strategy that can help you launch a programme that delights your customers!
Ultimately, every card programme needs to turn a profit to survive and there are different ways to generate revenue. Of course, your route to profitability will depend on your proposition and your commercial model. Put simply, the more outsourced components you need to run your card programme, the fewer sources of income you’ll have and the smaller the margin you’ll make. Here are the most common ways card programmes create revenue.
Other factors affect interchange rates:
Monthly fees
These days, many banks charge a monthly fee for having a current account, so people are used to it although in some markets like the UK, free banking is still the norm. The question is, can you build value into your proposition that cardholders are happy to pay for – for example, concierge services, rewards, or other benefits such as travel or phone insurance? Many challengers have been down this route, and not all successfully.
Cross-selling
As you gain more cardholders, the chances are you can cross-sell other financial services such as insurances, savings and mortgage products, or even other types of cards. But financial services is heavily and increasingly regulated. So the trick is to take advantage of potential revenue opportunities in a compliant yet profitable way.
Referrals
You likely have a proposition that is solving a real world problem (as mentioned before) and a core set of features and available products for customers. As such it won’t necessarily have every single available product available from day one. Initially it might be beneficial to offer other organisations’ products to benefit your customer base but get a referral fee for every customer who uses that partner’s product.
Network Incentives
In some cases the networks (schemes) will consider offering monetary incentives for hitting certain targets like active customers, monthly transactions or international transactions. In cases where targets are reached, the networks may reward the card programme with a bonus payment or discount on fees owed. As part of your evaluation process when selecting the network (scheme) you chose to work with, a keen eye on these incentives will be vital.
Forex income
In the past, income from foreign exchange (FX) transactions provided a decent extra revenue stream for many international card programmes. But in recent years, FX revenue has become a battleground as issuers have added in their own margins, plus other fees and charges. In our view, it’s only when you exceed a fixed monthly minimum that it may start generating any worthwhile revenue, which can be commercially prohibitive if you’re just launching. Alongside competition, further regulatory scrutiny has also been brought on this revenue stream by the European Commission with a requirement to provide transparency and information on FX transactions (known as “CBPR2”).
Many card programmes have interchange as their main revenue stream. But as your card programme grows and gains more customers this doesn’t have to be your sole source of income. As you get product market fit you can look to pull on some of the other revenue generating levers detailed above to get to profitability. Maybe you decide to offer savings pots because that’s the clear customer feedback. You partner with a savings firm to offer a pot with an interest rate and have a referral fee mechanism for every pot created. Or, you notice that a section of customers are also entrepreneurs and would like business features like tax calculators and multiple spending cards for employee expenses. This could be offered as an additional account with a monthly business fee.
Which levers you pull and when will depend on your customer base and what the strategy of the business is.
We think it’s important to be able to set up the parameters of who, where and how cardholders can use their cards, using APIs in real-time. That way you can accommodate rapid change and offer an array of configurations at individual card level. Consider looking for a processor that offers dynamic spend and velocity controls, so you can have power over where a cardholder spends – for example, by country or merchant type (no gaming or alcohol, for example). Or how many times, or how much, cardholders can spend on travel or withdraw from an ATM over a pre-defined time period.
You can layer these controls together. The trick is to set controls that are flexible enough to accommodate cardholder behaviour to ensure a good payment experience, while mitigating fraud in line with your business objectives.
Putting some of these card controls in the hand of the customer is also becoming more commonplace. They may wish to pause e-commerce transactions, ATM or contactless, for example.
A notable case is Monzo including a Gambling Block option as part of their card controls area. The intention being to give those people with gambling problems the option to completely block gambling transactions.
Large financial institutions are also sitting up and taking note of customer demand for more control of their card. Santander, for example, has recently launched several new in app capabilities. View PIN, report a card lost or stolen and PIN not working functions have all been added to the app.
Further information on intelligent and real-time authorisation of transactions can be found in this blog.
Taking part in the authorisation process
Your card programme can benefit if you can automate certain processes, access near real-time data, and have the ability to add functionality to the authorisation process. So let’s look at the transaction components that can give you real control over an authorisation.
Simplifying legacy challenges
Authorising transactions from Visa and Mastercard means working with the ISO 8583 standard messaging format. But integrating this complex messaging standard into your card programme can be a headache for developers and time-consuming. The good news is that some processors will convert ISO 8583 into a much more user-friendly open JSON message format, eliminating the need for your developers to build an integration altogether. This can free up your resources to focus on building a compelling customer proposition.
Managing risk and minimising fraud
Who controls decisioning? As mentioned, some processors allow you to define your own rules on their platform and notify you of any breaches. So on top of any 3D Secure solution, you may need some kind of algorithm-based fraud engine at the front end of the transaction-authentication process to score each transaction for potential fraud. If you know there’s a high propensity of cards being attacked in certain merchants in a particular country for example, you can change the rules around decisioning to help minimise the risk.
Involving you in the authorisation decision
Once a transaction has passed dynamic spend and velocity controls and a fraud-decisioning engine, your processor can authorise on your behalf or, if you prefer, involve you directly in the decision using just-in-time (JIT) gateway functionality (Marqeta’s version of external authorisation.) This gives your card programme the ability to approve or decline a transaction using real-time business logic.
As an existing or prospective card programme owner, how do you bring the real-time experience to life? At Marqeta, there are a number of ways we’re helping to support this, including through the use of webhooks and by allowing three seconds for authorisations. Our blog provides more detail here.
Top tip: How can you use real-time for real action?
Ever used the wrong CV2 code making a purchase online? Challenger bank Starling use their real-time authorization data to help their customers transact by reaching out with in-app notifications. Should you key in the wrong details with a merchant you’ll be told why the transaction was declined and prompted to check your CV2 in the app.
Regardless of whether you already have a license, or whether you’re going to use a BIN Sponsor or Programme Manager, you’ll need to go through the same launch journey.
Typically, this can take around six months, but can be helped or hindered by various factors. For example, your approach to licensing and network membership: will you take the faster route and piggy-back off another entity’s licence or apply for your own? Will you go for principal network (scheme) membership or use a BIN sponsor? And what kind of cards will your programme use – physical or virtual?
We think it’s important to be able to set up the parameters of who, where and how cardholders can use their cards, using APIs in real-time. That way you can accommodate rapid change and offer an array of configurations at individual card level. Consider looking for a processor that offers dynamic spend and velocity controls, so you can have power over where a cardholder spends – for example, by country or merchant type (no gaming or alcohol, for example). Or how many times, or how much, cardholders can spend on travel or withdraw from an ATM over a pre-defined time period.
You can layer these controls together. The trick is to set controls that are flexible enough to accommodate cardholder behaviour to ensure a good payment experience, while mitigating fraud in line with your business objectives.
Putting some of these card controls in the hand of the customer is also becoming more commonplace. They may wish to pause e-commerce transactions, ATM or contactless, for example.
A notable case is Monzo including a Gambling Block option as part of their card controls area. The intention being to give those people with gambling problems the option to completely block gambling transactions.
Large financial institutions are also sitting up and taking note of customer demand for more control of their card. Santander, for example, has recently launched several new in app capabilities. View PIN, report a card lost or stolen and PIN not working functions have all been added to the app.
Fintech accelerator programmes
The payment networks have recognized that new participants want to move quicker and both have undertaken work to streamline their application processes for the new generation of Fintechs.
Visa’s Fast Track accelerator programme includes a partner toolkit to help fintechs grow faster. It also includes a certification programme, which makes it easier for fintechs to connect with certified partners for digital issuance and other key services.
Mastercard has its own equivalent. Mastercard Accelerator covers a wide range of support for fintechs at different-stages. Programmes include Mastercard Start Path, Mastercard Developers, Mastercard Engage, and Fintech Express Europe.
You’ll need to apply to join both Visa and Mastercard networks (schemes.)
Every card programme has four necessary components. The entity hosting the card programme, the issuing bank licensed with the card networks, the processor integrated and certified with the card networks, and a card provider, also certified by the card networks. Together, these components form the required capabilities that allow card programmes to issue cards to their customers.
Martin Magnone, CEO & Co-Founder of Tymit, offers this advice:
Imagine your card programme’s up and running, your commercial model is working, and your brand is building. What happens next? One option might be to expand your card programme internationally to reach new markets.
It’s often a conversation many start-ups overlook as they’re focused first on launching and then on getting established. But it may be worth making sure the partners you’re working with – for example, your BIN Sponsor, payment processor and card bureau – can support any foray into new markets.
Of course, it may not happen, but it may be worth future-proofing your card programme in case the opportunity arises and you need to move quickly to scale somewhere else. With the right partners on board, you may be able to land and expand in a new country or territory in days and weeks, not months and years.
Again, it’s about choosing who to work with carefully. Does your BIN Sponsor have a European licence? Can you produce physical cards in the region you’re expanding in? Does your processor offer frictionless international expansion capabilities, without compromising in other areas such as dynamic spending and velocity controls and fraud prevention and monitoring?
Expansion considerations
Our partner Lendable had this advice:
For a summary of more general and regularly used terms please see below:
3D Secure (3DS)
Created by Visa and MasterCard, 3D Secure also referred to as 3DS is a technical standard that adds a layer of security in online credit and debit card transactions.
Different card networks developed their own 3D Secure transaction products:
Acquirer
The card acquirer is a member of a card network (scheme) that enters into an agreement with a merchant and maintains its account to accept payments. As such, it acts as an intermediary between the merchant and the international payment systems. The card acquirer enables merchants to accept card payments. Also, one of the four in the four-party model.
Agency Banking /Digital Banking / banking light
An agency banking partner is a third-party which carries out certain banking services on behalf of a non-banking entity. They can usually provide BACs, Faster Payments, and Direct Debits that their clients can then in turn provide to their end customers.
AML
Anti-Money Laundering, AML, is the term used to describe the tools and techniques to prevent criminals from depositing their illicit funds into the financial system. AML tools will analyse habits and transactions to spot where money laundering is occurring and further review these risky transactions.
API
APIs are application programming interfaces, a set of instructions and tools that enable software developers to create applications that can interact with another company’s systems. For example, by connecting to a bank’s API, a fintech startup could develop a mobile phone app that moves money in and out from the accounts of a bank’s customers, or simply lets them check their balance.
Authorisation
A key part of the card transaction flow. When a customer attempts to use their card to purchase goods or services, the merchant’s acquirer requests authorisation for the transaction from the customer’s bank or issuer processor. This involves a number of steps including the bank/processor verifying the validity of the payment, checking funds and performing fraud checks on the merchant and transaction itself.
BACS (Bankers’ Automated Clearing System)
One of the traditional UK payments schemes used for bulk, high volume, regular retail payments and with T+2 day settlement.
Bank Identification Number (BIN)
The term bank identification number (BIN) refers to the initial set of four to six numbers that appear on a payment card. This set of numbers identifies the institution that issues the card (regulated issuer) and is key in the process of matching transactions to the issuer of the card.
Basis points (bps)
A common unit of measure for interest rates and other percentages in finance. One basis point is equal to 1/100th of 1%, or 0.01%.
BIN Range
A BIN’s digits or ‘range’ allow issuers to separate a BIN for the country and currency allocation and identifies a company issuing a card or a specific product.
BNPL (Buy Now, Pay Later)
Short term, Point of Sale credit arrangement allowing customers to spread the cost of a single payment across a number of weeks or months.
Card Fulfillment
This term refers to the physical creation and provision of physical cards. The organisation is often referred to as a card fulfilment bureau, and they are responsible for providing the physical cards (with chip profiles defined to coincide with scheme and regulatory requirements based on the card type – credit, debit or prepaid) and sending these to customers. Card design is another key area of focus, again in line with network/scheme requirements.
Examples include Idemia and Tagnitecrest.
Card Network/Card Scheme
The terms network and scheme are interchangeable depending on where in the world you happen to be. The US refer to networks – The UK and Europe tend to refer to a card scheme. The role of a card network (scheme) is to facilitate transactions between merchants and card issuers. To do this, card networks create virtual payment infrastructures and charge merchants interchange fees for processing consumers’ card transactions. The card network pays the acquiring bank and the acquiring processor their respective percentages from the remaining funds. The acquiring bank credits the merchant’s account for cardholder purchases, less a “merchant discount rate.” The issuing bank posts the transaction information to the cardholder’s account.
Card PIN
Personal Identification Number or PIN which is usually 4 digits used to secure a customer’s card to ensure that only they are able make payments using that card at merchants requiring chip and pin
Card Programme
The term that covers all elements encompassing a card product. From licensing to scheme membership, marketing to card launch, operational activities, strategy and profitability.
Card Programme Manager
The entity that manages all the parts of the card programme including strategy, arrangements with vendors and schemes, understanding of the route to profitability, marketing strategy and all of the other key relationships. For card programmes that have underlying accounts and are created with and issuing bank, the programme manager will also understand and map out the structure of the profit centre and the store of value (where actual monies are held in a ledger).
Card Verification Value/Card Verification Code (CVV/CVC & CVV2/CVC2)
A verification value usually on the back of physical cards (and usually displayed on the back of virtual cards as well for consistency). Whilst Card Numbers and Expiry dates are allowed to be stored by merchants to allow a more seamless purchase journey for returning customers, CVC2/CVV2 is unique to the card and used to further verify the customer during a purchase. The key difference between CVV1/CVC1 & CVV2/CVC2 is that the 1st iteration of verification numbers were embedded as part magstripe along with the card number and expiry which meant that fraudsters could steal all the magstripe data and imprint duplicate cards using this complete profile of your card.
Now the more prevalent usage, especially in european countries, is to use Chip and PIN/contactless for in-person transactions and Card Details + CVC2 for online purchases. The addition of a PIN only known to the cardholder therefore acts as an additional layer of security.
NOTE: For VISA/MasterCard CVC2 is 3 digits and for American Express is 4 digits.
Cardholder
Person the card is issued to from the issuer. Also known as the customer and is the person who applied for, funds and makes transactions using the card. Also, one of the four in the four-party model
CHAPS (Clearing House Automated Payment System)
Another of the traditional UK payments schemes used for same day transfers of large, valuable payments with no upper limit. Used for things like house purchases and other large, high value transactions.
Chargeback
Where funds are returned to the payment card and sometimes through a dispute resolution process. The most common chargeback case is where goods are returned and the merchant initiates a chargeback which refunds the customer in the amount originally paid for the goods. Customer initiated chargebacks are often for unrecognised payments (sometimes fraudulent) or for goods or services not received.
Chip and PIN/EMV
Chip and PIN refers to the combination of the EMV Microprocessor Chip embedded within the card and the PIN used to allow the chip to transfer information and transact at merchants. EMV is short for Europay, MasterCard, Visa who were the founders of the EMV technology back in 1994.
Clearing
The process of exchanging financial transaction details between an acquirer and an issuer to facilitate posting of a cardholder’s account and reconciliation of a customer’s settlement position.
Cross-Border Payments
Transactions where the initiation of the transaction and the recipient of that payment are in different countries. These can be between people, companies or financial institutions.
E-Money
Article 2(2) of Directive 2009/110/E : “electronically, including magnetically, stored monetary value as represented by a claim on the issuer which is issued on receipt of funds for the purpose of making payment transaction, and which is accepted by a natural or legal person other than the electronic money issuer”.
Prepaid cards are a good use case example for e-money storage. There is no underlying bank account associated with the card, and when you top up a prepaid card the funds are represented as an amount you have available to spend
E-Money Directive (EMD/EMD2)
The legislation that regulations e-money activities and payment services in the EU to provide more service electronic money services and encourage more competition
E-Money Institute
Financial institutes authorised to provide e-money services (providing they have an e-money licence.
E-Money Licence
A licence required by EMIs which allows them to issue and redeem electronic money.
EMD Agent
An agent of an E-Money Institute. Delegated authority to provide the same services as the partner institute and operating under their E-Money Licence
Faster Payments
A relatively new (since 2008) bank payments scheme which is a 24/7 real time system for low-value payments up to 250k.
Fintech
The aggregation of the words ‘Financial’ & ‘Technology’. The term Fintech broadly covers technology that improves access, automation or delivery of financial services. Things that fall under this broad spectrum include cryptocurrency, digital banks, financial data aggregation, embedded finance, POS lending, data focussed credit agencies and many more…
Four-Party-Model
The online payment network is often called the Four Party model (even though there are more parties involved). The Four Party model covers the entities involved in a transaction. The model includes the Cardholder, Merchant, Issuing bank and Acquiring bank, but forgets the network (scheme).
IBAN
International Bank Account Number used to make and receive payments across countries. It’s usually a combination of the account number and sort code as well as additional characters that make it unique.
Interchange
The percentage of each transaction paid by the Acquiring Bank (who the merchant banks with) to the Issuing bank (who issued the card to the customer). Interchange is paid to the Issuing bank to cover the risks and costs they incur during the card payment process like fraud checks and transaction authorisations.
Issuer
The issuer, or issuing bank, is the cardholder’s bank, which is a regulated entity.
When a consumer makes a purchase with their card for a product or service from a merchant, this information is passed to the acquirer which then references the relevant card scheme and the issuer to collect funds. The issuing bank is the intermediary between cardholders, card schemes, and acquirers. The information sent from the issuer determines whether the payment from the customer is accepted or not. Also, one of the four in the four-party model.
Issuer processor
Marqeta is an issuer processor. The technology layer that sits between the Card network and the Issuing Bank/Banking platform/Card Programme. The issuer processor provides a number of key component capabilities such as Card Issuance, Payment Processing, Authorisation stand in, processing of clearing and settlement files from networks and is the technical gateway into the card payment flow.
Just-in-time funding
Standard functionality of the Marqeta offering that allows you to automatically fund a card in real time during the transaction process. This means that customers don’t have to retain large amounts of cash on the card and can retain a zero balance but still use the card for payments. Cards always have a zero balance until a transaction is authorised and funds move as part of the e-money flow.
KYC
Know Your Client/Customer. A process to ensure businesses identify and verify the identity of their clients, for anti-money laundering (AML) purposes.
Magstripe
The strip of magnetic tape on the back of cards that stores card information and is captured when swiping or dipping at a merchant terminal.
Merchant
The traditional definition of a merchant is a “person or company involved in wholesale trade”. In the card ecosystem the merchant is just the person or organisation where you use your card to transact in either goods or services. Also, one of the four in the four-party model
Merchant Service Charge (MSC)
The charge that the Merchant pays, usually a minimum fee as well as a per transaction percentage charge on debit and credit transactions.
Mobile/ Digital wallet
A mobile or digital wallet is a way to carry your credit card or debit card information in a digital form on your mobile device. Instead of using your physical plastic card to make purchases, you can pay with your smartphone, tablet, or smartwatch. This can be either using cryptocurrency or real money which is often pre-loaded onto a digital account.
In theory, it is safer to use than a physical credit or debit card as the owner does not need to reveal their account number at point of purchase, and even if someone was able to intercept the transmitted encrypted information, they could not re-use it to authorise further payments. Examples include GooglePay, Apple pay and Samsung Pay
Near field communication (NFC)
This is the technology behind digital wallets, tap to pay cards and tapping a debit card vs an Oyster card to pay for the tube. It is a set of communication protocols that enable two electronic devices, one of which is usually a portable device such as a smartphone, to establish communication by bringing them within 4 cm (2 in) of each other.
Neo/Digital Bank
Neobanks are digital banks who operate entirely online and have no physical branches and are often app based. Starling, Monzo and Revolut are notable neo/digital banks in the UK.
Networks/Schemes
A card network sets the terms of card transactions as well as transfers payments between cardholders, merchants, and their respective banks. When a cardholder uses their card to make a purchase they are requesting that their card issuer pay the merchant. But that payment first has to go through a card network (scheme).
The networks pass information between the merchant’s acquiring bank and a card issuer (the financial institution that issued a card on behalf of a network like Mastercard or Visa) to decide whether or not to facilitate the purchase.
Open banking
A term used to refer to the use of open APIs by banks to enable third party software developers to create applications and software using the bank’s data. Open Banking gives customers access to their banking data via third-parties so they can view account information and initiate payments.
PCI-DSS Compliance
Payment Card Industry Data Security Standard is the set of 12 requirements that helps enforce the security of cardholder information and reduce fraud. Adherence to the standard is applicable for any stakeholders in the payment process handling card information and is governed by the Payment Card Industry Security Standards Council.
Physical card
A physical card is typically made of plastic, although metal and wood have seen a recent uptake in demand and contains an electronic chip that is ready by card readers and ATMs. The card often features the company branding as well as the name of the cardholder, PAN, CVV, date of expiry and a signature strip. Some physical cards are contactless enabled.
POS
POS or Point-of-Sale traditionally refers to the physical location the card payment was made. Historically this was at the physical merchant terminal using swipe, chip & PIN or contactless but POS also covers online payment portals at e-commerce sites.
Primary Account Number (PAN)/Card Number
14,15 or 16 digit number on a payment card that’s commonly referred to as the Card Number. This is the number that uniquely identifies the card and is often embossed on physical cards.
Principal Member
A Principal Member is a financial institution that directly participates as an issuing and/or acquiring member of the Mastercard or Visa networks/schemes. The process to apply for principal membership is described in The Licensing Question section.
Processor (acquirer processor, payment processor)
An organisation that provides payment processing services such as Authorisation, Settlement and clearing. They, like the Issuer Processor, will be connected to the networks.
PSD2
Second Payment Services Directive OR Revised Payment Services directive is an EU regulation designed to contribute to a more integrated and efficient European payments market, make payments safer, increase the consumers’ protection and foster innovation and competition while ensuring a level playing field for all players, including new ones. It’s given rise to an Open Banking ecosystem in Europe.
SEPA (Single Euro Payments Area)
An EU payments initiative aiming to make Eurozone payments easy and cheap by creating a single market for EURO denominated payments. A big step in achieving this goal is the creation of 3 SEPA payments schemes: SEPA Direct Debit (SDD), SEPA Credit Transfer (SCT), SEPA Cards Framework (SCF)
Settlement
The process by which the network (scheme) facilitates the exchange of funds on behalf of issuers and acquirers. Clearing is a prerequisite for settlement.
Tokenisation
Tokenisation is the process of turning a meaningful piece of data, such as an account number or card number (PAN) into a random string of characters called a token that has no meaningful value if breached. Tokens serve as reference to the original data, but cannot be used to guess those values. The tokenisation process is used when converting card data for use in digital wallets, such as apple pay.
Transaction Monitoring
The process of regularly monitoring transactions to ensure compliance with anti-money laundering legislation and spot fraudulent activity on a card or account
Underbanked/unbanked
People or businesses that have little or no access to mainstream financial services. The World Bank estimates that there are 2 billion adults worldwide without access to formal financial services.
Unicorn
A privately held company with a valuation of over $1billion. A Fintech Unicorn is just a unicorn in the Fintech industry i.e Starling Bank
Virtual card
A ‘virtual’ version of a physical card. Essentially a digitally stored card number, expiry and CVV that is usually secured on a customers mobile app or online portal. Works the same way as a physical card except it’s unable to be used in Chip and Pin devices but can still be used for contactless payments when tokenised. Beneficial as new card numbers can be used at potentially risky merchants therefore protecting the funds stored on account.
If you would like further insights and inspiration we’d recommend the following links, books, influencers, websites and any associated content that may help you plan your journey into the world of card issuing!
Links to general card and payment information:
PSD2 – Payment Services Directive
PSD2 is a European regulation for electronic payment services. It seeks to make payments more secure in Europe, boosting innovation and helping banking services adapt to new technologies. PSD2 is evidence of the increasing importance Application Programme Interfaces (APIs) are gaining in different financial sectors.
Marqeta powers modern payment solutions for companies, innovating new services and process flows in a digital world.
Our platform, open API, and advanced analytics provide unprecedented control for companies to issue cards, authorise transactions, and manage payment operations with ease. Highly configurable, secure, and reliable, Marqeta built its technology from the ground up to help companies bring products to market faster, design seamless user experiences, streamline purchase flows, and reduce fraud risk.
We enable modern payment solutions for:
Marqeta’s mission is to become the global standard for modern card issuing.
*This publication is intended to be used for informational purposes only. The views and opinions of third parties expressed in this publication are those of the respective third parties and do not necessarily reflect the views or opinions of Marqeta. Links to third party websites do not constitute endorsements and we do not control or have any affiliation with the content of third party websites.