Most credit card readers are able to read the data that is held on the card by swiping it into the machine. The card’s numbers are usually embossed on the front of the card and some older point of sale machines, or PDQs, require this data to be input manually. This means an operative has to enter the 16-digit card number to begin with before the transaction can take place. However, the magnetic strip, sometimes also called a magstrip, on the back of the card also contains this data. Once swiped, the need to enter this data manually is done away with. For retailers, the advantage is that transactions can be sped up, thus affording their customers a good deal more convenience. Remember that speeding up transactions not only benefits the client who happens to be paying, but anyone else who might be in the queue waiting for service. Therefore, the uptake of the type of bank card reader which can read magnetically-held information was foremost among supermarkets, petrol stations and other busy multi-transaction retailers in the UK.
Although a credit or debit card reader needs a customer’s card to be swiped for its magnetic information to be read, fraud can be an issue with lost or stolen cards. Therefore, the UK chose to adopt the additional security measure of Chip and PIN in 2006. Now widespread, this technology duplicates the information that is held on a magstrip, but stores it in a different way. With Chip technology, a credit card terminal does not swipe the card, but has an integrated circuit held within the credit or debit card, which is inserted into it. More secure than a magstripe, the system is then backed up by requiring the card holder to enter their personal identification number, or PIN. Only after this four-digit number has been input can the transaction proceed. In effect, this adds an additional layer of security which means that lost cards cannot be used unless the PIN is given away somehow. Crucially, all of the information held on the magstrip could be read, but this would still not reveal the PIN number.
As mentioned, cards have many numbers on them which can be easily read. However, few people know what they mean. When a credit card reader is accessing data from either a magstrip or a Chip, it is able to discover the long number across the front of the card. The first digit is known as the system number, with the next five relating to the bank, or card issuer. After that, there are eight digits which relate to the user’s account number. The final digit of the sixteen is a check digit. However, the information that can be stored on even a humble magstrip goes way beyond this. Country codes, name information of up to 26 characters, card expiration data and so-called end sentinel data can all be held. In addition, up to 79 characters worth of discretionary data can be stored by the card issuer, if wanted.
Following the swipe of a credit card through a reader, the PDQ will usually dial a stored telephone number via a modem or access a fixed line that is dedicated to the purpose, in the case of larger retailers. Nowadays, the internet can be used for this function, too. For example, SumUp’s innovative app means that a tablet or smartphone can process a card payment, just like a physical PDQ. By whichever means the card is processed, the seller’s merchant provider needs to be contacted. This is a commercial organisation that collects credit authentication requests and provides a guarantee of the payment to the seller. When the merchant provider receives a credit card authentication request, it needs to check the transaction is valid. Part of this process means obtaining the data that has been read by the credit card reader. It will validate the card number, check the expiration date is correct, confirm that the credit card limit is not exceeded and check normal card usage for security purposes. Only after this, is a payment actually processed.
With SumUp, you can quickly and easily accept credit and debit card payments with your smartphone or tablet.