In the last few years, you might have noticed that more credit and debit cards come with small chips. These are EMV chips, and they provide a safe approach to managing EMV transactions. They are the latest evolution in payment card technology and significantly improved over the traditional magnetic stripe cards people have used for years.
EMV cards are more difficult to duplicate than older magnetic stripe-based ones. An older magstripe card could be easily copied and counterfeited, as the stripe data does not change. However, the data in an EMV card can change with each transaction, making it harder for a person to copy the content.
EMV cards are easy to read; a terminal can identify the chip data and secure a transaction. But how does the transaction process work?
Steps Of An EMV Transaction
These steps focus on ensuring everything accurately travels over a secure network.
- The terminal and card chip will determine the application being utilized.
The EMV transaction application will vary by card scheme or payment network. Visa, MasterCard, American Express, and other card brands use unique networks. The terminal and card chip must read the specific network being managed here.
- The terminal starts reading application data.
The terminal will send a processing command to the card. The terminal will give the card and data pieces the card requests. A unique value is produced to confirm the card’s identity and to ensure the transaction is unique and traceable. Creating distinct values is critical for preventing theft or fraud, as the card’s readable data becomes hard for outside parties to predict.
- The card data is authenticated offline.
Offline confirmation ensures the card isn’t counterfeit. A static data authentication process will review the card data and confirm the card was signed by the issuer. The process ensures the data stays permanent, although it doesn’t prevent card cloning. Cloning may occur in cases where a customer requires a duplicate card for different occasions or backup purposes. However, the process will need confirmation from an issuing bank before it can work.
- The chip and transaction are confirmed.
An EMV certificate will work in this process. The card chip sends a public key to the terminal. The terminal then reviews the key to confirm the chip data. The transfer of data allows the card chip to work as necessary.
- The cardholder will verify one’s identity.
The cardholder still needs to confirm one’s identity in the transaction process. The cardholder can use a cardholder verification method like a signature, a personal identification number code, or another acceptable method. Some newer cards may support biometrics features, such as a customer’s having to provide a fingerprint on the card while in use.
- The reader reviews the floor limit on the card.
The floor limit is the maximum amount of money one can charge on a card before authorization. The reader can use an electronic payment network to confirm this value. The floor limit ensures there’s enough room for the customer’s payment. The transaction may be canceled or declined if the floor limit for the order is too low.
- The terminal will ask for approval.
The terminal requests approval for the transaction sends a message to the card network asking to complete the deal and attempts to go online to complete the move. Sometimes, the terminal won’t access a network and might decline to approve the deal if it can’t reach a suitable signal.
- The card approves the transaction.
The card will approve the transaction based on the data it receives. It will record the retailer data and the value of the transaction. It will also produce a distinct transaction code separate from any other move on the card. The unique code ensures you can trace data as necessary. The system reduces the risk of fraud or theft.
- The payment authorizer will receive a request to complete the transaction.
The payment process will entail a unique report that fits the transaction. It includes details on the unique transaction you wish to complete.
- The transaction is finished as an issuing script goes back to your card.
The issuing script includes data on the transaction. The terminal will not require any further data. The script can also include rules on how the card may be utilized later. The layout can include details on how a card might be safe to use in specific business environments.
What Makes the Process So Useful?
These steps for how an EMV transaction will work are beneficial for many reasons:
- EMV transactions can be processed quickly. EMV technology has been evolving, so these steps can move forward faster.
- The process can work offline if necessary. After regaining an online connection, you can store offline card and transaction data and move it through a network.
- The EMV chip provides a more secure and accurate data verification process than what a signature might provide. While a signature can be easy to forge, an EMV chip is tough to duplicate. The chip produces unique codes for each transaction, ensuring everything reads well.
- EMV data is also easy to encrypt. An outside party won’t be capable of stealing the data like one would get from a magnetic stripe card, whose pattern is easy to read and copy.
Can It Work on Contactless Cards?
The steps listed here can also work on contactless cards. It can work on Apple Pay or Android Pay wallets. It can also work on NFC-based transactions where the user will waive one’s card over a reader.
Your business can start reading EMV cards if you have an appropriate EMV reader. Set one up to help you start working with these cards.
