OPERATION OF CREDIT CARDS

Prepared By

W.N.S. Ranasinghe

DCM/19/01/51

Diploma in Credit Management - 2019

INSTITUTE OF BANKERS OF SRI LANKA

a) What is a Credit Card

A credit card is a payment card issued to users (cardholders) to enable the

cardholder to pay a merchant for goods and services based on the cardholder's promise
to the card issuer to pay them for the amounts plus the other agreed charges. The card
issuer (usually a bank) creates a revolving account and grants a line of credit to the
cardholder, from which the cardholder can borrow money for payment to a merchant or
as a cash advance.

b) History/Origin of Credit Cards

The concept of using a card for purchases was described in 1887 by Edward
Bellamy in his utopian novel Looking Backward. Bellamy used the term credit
cardeleven times in this novel, although this referred to a card for spending
a dividend from the government, rather than borrowing, making it more similar to a
Debit card.

The use of credit cards originated in the United States during the 1920s, when
individual firms, such as oil companies and hotel chains, began issuing them to
customers for purchases made at company outlets. The first universal credit card, which
could be used at a variety of establishments, was introduced by the Diners Club, Inc., in
1950. Another major card of this type, known as a travel and entertainment card, was
established by the American Express Company in 1958. Under this system, the credit
card company charges its cardholders an annual fee and bills them on a periodic basis
usually monthly. Cooperating merchants throughout the world pay a service charge to
the credit card issuer in the range of 4–7 percent of total billings.

In the late 20th century, credit card use began to increase dramatically, with
many customers soon outspending their earnings. Users who were unable to make the
monthly payments on outstanding balances accrued on high-interest cards were
subsequently hit with hefty penalty fees and quickly fell into default. The recession and
rising unemployment that accompanied the global financial crisis of 2008–09 led to a
rise in defaults as consumers were increasingly forced to rely on credit. In April 2009 the
U.S. House of Representatives approved the Credit Card Holders Bill of Rights, which
would provide additional consumer protections and restrict or eliminate credit card
industry practices deemed unfair or abusive. Credit card debt is typically higher in
industrialized countries such as the United States the world s most indebted country the
United Kingdom, and Australia. Nonindustrialized countries and countries with
strict bankruptcy laws such as Germany, however, tend to have relatively low credit card
debt.

1
c) Uses of Credit Cards

The credit card issuer issues a credit card to a customer at the time or after an
account has been approved by the credit provider, which need not be the same entity as
the card issuer. The cardholders can then use it to make purchases at merchants
accepting that card. When a purchase is made, the cardholder agrees to pay the card
issuer. The cardholder indicates consent to pay by signing a receipt with a record of the
card details and indicating the amount to be paid or by entering a personal
identification number(PIN). Also, many merchants now accept verbal authorizations via
telephone and electronic authorization using the Internet, known as a card not present
transaction (CNP).

Electronic verification systems allow merchants to verify in a few seconds that

the card is valid and the cardholder has sufficient credit to cover the purchase, allowing
the verification to happen at time of purchase. The verification is performed using
a credit card payment terminal or point-of-sale (POS) system with a communications
link to the merchant's acquiring bank.For card not present transactions where the card
is not shown (e.g., e-commerce, mail order, and telephone sales), merchants
additionally verify that the customer is in physical possession of the card and is the
authorized user by asking for additional information such as the security code printed
on the back of the card, date of expiry, and billing address.

Each month, the cardholder is sent a statement indicating the purchases made
with the card, any outstanding fees, the total amount owed and the minimum payment
due.Many banks now also offer the option of electronic statements, either in lieu of or
in addition to physical statements, which can be viewed at any time by the cardholder
via the issuer's online banking website. Notification of the availability of a new
statement is generally sent to the cardholder's email address. If the card issuer has
chosen to allow it, the cardholder may have other options for payment besides a
physical check, such as an electronic transfer of funds from a checking account.
Depending on the issuer, the cardholder may also be able to make multiple payments
during a single statement period, possibly enabling him or her to utilize the credit limit
on the card several times.

2
d) Structure of Credit Cards

1. Bank branding: This section identifies your card issuer. Cards typically show your lender’s
name, but they may display a logo for a specific program instead. For example, some cards
are branded with rewards programs or retailer names.

2. Card number: The card number is one of the most important parts of your card. It's a
number that identifies your account with the card issuer, and those are the digits you need
to provide when making purchases online or by phone. It's typically 16 digits, though some
manufacturers use as little as 14 or as many as 19.

3. Cardholder’s name: This is the person authorized to use the card. That person didn’t
necessarily open the account they might simply have permission to spendfrom the account
as an “authorized user.” Only authorized card users can make purchases with a debit or
credit card, and merchants are encouraged to ask for ID before accepting payment with a
card.

4. Smart chips: These tiny metal processors make cards more secure than traditional
magnetic-stripe-only cards. Chips make it harder for thieves to use stolen credit card
numbers. While common (and sometimes a necessity) overseas, banks in the United States
were slow to adopt smart cards. After 2015, banks and retailers got more motivation to add
these security features.

5. Expiration date: You need to replace your card periodically. The move to smarter cards is
just one reason banks issue new cards. Your expiration date is important because vendors
may require it when you make purchases online or over the phone—you need to provide
the correct expiration date for your payment to be approved.

6. Payment network logo: It’s essential to know what type of card you have. Common
examples include MasterCard, Visa, and Discover. When paying online, there’s usually a
drop-down menu that requires you to select which network your card belongs to.

3
1. Magnetic stripe: This black strip contains information about you and your card, and
specialized devices known as card readers gather that information. Every time you swipe
your card at a merchant, you run the magnetic stripe through a card reader to provide your
payment details. Magnetic stripes include your name, card number, expiration date, and
other details.

2. Hologram: Some cards display a hologram, or a mirror-like area showing a three-

dimensional image that seems to move as you change your viewing angle. Holograms are
security features which help merchants identify valid cards (holograms are hard to fake).
Sometimes holograms appear on the front of your card.

3. Bank contact information: If you need to get in touch with your bank, use the contact
information on the back of your card. This is not only convenient it’s also an excellent way
to prevent fraud.

4. Signature panel: Your card must be signed before you can use it, so sign your name in
this area. It’s not easy to fit a signature in that small box, but do your best. Signatures are a
requirement for card issuers, and merchants should also verify that you’ve signed the card.

5. Security codes: Cards are printed with an additional code to help ensure that anybody
using the card number has a legitimate, original card. For payments online or by phone,
merchants typically require more than just the card number and expiration date from the
front of your card.

6. Network logos: Your card might have additional network logos on the back, often in the
lower-right corner.

4
e) Parties to the Credit Cards

Cardholder, Card-issuing bank, Merchant, Acquiring bank, Independent sales

organization, Merchant account, Credit Card association, Transaction network, Affinity
partner, Insurance providers

f) Duties & responsibilities of parties to the credit card

 Cardholder: The holder of the card used to make a purchase; the consumer.

 Card-issuing bank: The financial institution or other organization that issued the credit
card to the cardholder.

 Merchant: The individual or business accepting credit card payments for products or
services sold to the cardholder

 Acquiring bank: The financial institution accepting payment for the products or services
on behalf of the merchant.

 Independent sales organization: Re-sellers (to merchants) of the services of the

acquiring bank.

 Merchant account: This could refer to the acquiring bank or the independent sales
organization, but in general is the organization that the merchant deals with.

 Credit Card association: An association of card-issuing banks such

as Discover, Visa, MasterCard, American Express, etc. that set transaction terms for
merchants, card-issuing banks, and acquiring banks.

 Transaction network: The system that implements the mechanics of the electronic
transactions. May be operated by an independent company, and one company may
operate multiple networks.

 Affinity partner: Some institutions lend their names to an issuer to attract customers
that have a strong relationship with that institution, and get paid a fee or a percentage
of the balance for each card issued using their name. Examples of typical affinity
partners are sports teams, universities, charities, professional organizations, and major
retailers.

 Insurance providers: Insurers underwriting various insurance protections offered as

credit card perks, for example, Car Rental Insurance, Purchase Security, Hotel Burglary
Insurance, Travel Medical Protection etc.

5
g) Advertising & marketing of credit cards

Any institution enters into a contractual relationship with a Cardholder through the
issue of a Credit Card shall ensure that marketing strategies of the Credit Card operations
are designed and undertaken in accordance with the following guidelines.

1. Marketing staff shall disclose their official identity at promotional campaigns before or
during the meeting with prospective and/or existing Customer.

2. Benefits, incentives, rewards or reduction of any charges / fees which are offered by the
Card Issuers in any promotional campaign or any event with regard to Credit Card
operations shall be clearly communicated to the Customers in legible writing (electronically
or document form).

3. The terms and conditions relating to the Credit Card shall be clearly communicated to the
Customers and the same shall be provided in writing in the preferred language of
communication, on request. The terms and conditions shall be displayed in the Card
Issuers‟ web sites

4. Card Issuers shall disclose their Code of Conduct/Institutional Policy on Credit Card
operations to the Customers throughout the marketing process and the same shall be
published in Card Issuers‟ official websites.

5. Marketing personnel of Card Issuers shall provide complete information on features,

benefits and drawbacks to the Customers and shall not make false claims on any features /
benefits which Card Issuers do not offer.

h) Application, appraisal & Approval procedures to issue credit cards

1. Credit Card shall be issued only to an individual who has following eligibilities

 a citizen or a resident of Sri Lanka who is above 18 years of age on the date of the
application and has independent financial means

 a non-resident provided that he has a Non Resident Foreign Currency Account/Resident

Foreign Currency Account/Resident Non National Foreign Currency Account or Off
Shore Banking Unit Account and all dues of the Credit Card are settled in foreign
currency through such accounts.

2. Credit Card shall be issued by a Card Issuer on receipt of duly filled and signed application
form from a prospective Customer, supported with necessary documents. Pre-approved
cards shall be activated only after receiving of Customer‟ s signed acceptance. Unsolicited
cards shall not be issued.

3. Card Issuer shall take utmost care in ascertaining credit worthiness of Customers. Credit
risks shall be assessed independently, before issuing a Credit Card, taking all 3 reasonable

6
steps and using reliable modes to assess the creditworthiness of the Customer. Card Issuer
shall obtain information available at the Credit Information Bureau (CRIB) to ascertain the
creditworthiness of the Customer.

4. The prevailing credit limit may be increased temporarily subject to a maximum time limit
of 6 months on the request of the Customer, based on the nature of the requirement.
However, Card Issuer should be satisfied with the Customer‟ s ability to settle all the
liabilities incurred on such extended facility.

i) Transaction steps in credit card

Authorization: The cardholder presents the card as payment to the merchant and the
merchant submits the transaction to the acquirer (acquiring bank). The acquirer verifies the
credit card number, the transaction type and the amount with the issuer (card-issuing bank)
and reserves that amount of the cardholder's credit limit for the merchant. An authorization
will generate an approval code, which the merchant stores with the transaction.

Batching: Authorized transactions are stored in "batches", which are sent to the acquirer.
Batches are typically submitted once per day at the end of the business day. If a transaction
is not submitted in the batch, the authorization will stay valid for a period determined by
the issuer, after which the held amount will be returned to the cardholder's available credit
(see authorization hold). Some transactions may be submitted in the batch without prior
authorizations; these are either transactions falling under the merchant's floor limit or ones
where the authorization was unsuccessful but the merchant still attempts to force the
transaction through.

Clearing and Settlement: The acquirer sends the batch transactions through the credit card
association, which debits the issuers for payment and credits the acquirer. Essentially, the
issuer pays the acquirer for the transaction.

Funding: Once the acquirer has been paid, the acquirer pays the merchant. The merchant
receives the amount totaling the funds in the batch minus either the "discount rate", "mid-
qualified rate", or "non-qualified rate" which are tiers of fees the merchant pays the
acquirer for processing the transactions.

Chargebacks: A chargeback is an event in which money in a merchant account is held due to

a dispute relating to the transaction. Chargebacks are typically initiated by the cardholder.
In the event of a chargeback, the issuer returns the transaction to the acquirer for
resolution. The acquirer then forwards the chargeback to the merchant, who must either
accept the chargeback or contest it.

7
j) Cost & Revenues to the parties to the credit card

1. Cost to the cardholder

 Charges that result in exceeding the credit limit on the card

 Exchange rate loading fees

 Late or overdue payments

 Membership fees (annual or monthly), sometimes a percentage of the credit limit.

 Returned cheque fees or payment processing fees

2. Cost to the merchant

 Authorization Fee

 Transaction Fee

 Assessment Fees

 Monthly or Annual Fee

 Payment Gateway Fee

3. Revenues to the Card issuing bank, Acquiring bank & Credit card association

 Interest Income

 Commission Income

 Annual Fees Income

 Interchange Fees Income

k) Advantages & Disadvantages to the parties to the credi cards

Advantages

Purchasing Power: Credit Cards enable users to make big ticket purchases they might not
otherwise be able to afford.

Rewards: Many cards offer rewards programs that will accrue points, discounts, or other
benefits like frequent flyer miles.

Convenience: Credit cards reduce the need to carry cash. Most retailers accept credit cards
and they are pretty much required for online purchases.Use during an emergency: There
are times when money is the simple solution to an emergency. If you get hit with an
unexpected expense, credit cards can be the quick and easy solution you need.

8
Disadvantages

Overspending: Credit cards can make life easier, but they can also make overspending
easier as well. With a credit card, you’re spending money you don’t necessarily have yet. If
you’re not careful, this can quickly lead to unexpected debt.

Fraud: Credit cards (and other electronic forms of payment) carry unique dangers. Credit
cards can be stolen, their numbers can be copied, and they can be used to steal your money
and identity.

Limited usage: you might be restricted in how and where you can use your credit card. For
example, many will charge you for withdrawing cash or using the card abroad unless stated
otherwise in the credit agreement

l) Security problems associated with credit cards & solutions

The PCI DSS is a security standard issued by The PCI SSC (Payment Card Industry
Security Standards Council). This data security standard is used to acquire banks to impose
the security measures on the merchants. One obvious fact is that the credit companies are
more inclined towards making profit and therefore they only follow some steps that can
reduce the fraudulence cases and would not expend too much of money on the security
purpose in order to completely prevent it. Internet fraud may occur when the unencrypted
card data is send to the merchant through emails due to lack of security of the website.
Sometimes, even encrypted data can be cracked and the merchant or a rogue employee of
the merchant can use the details. Controlled Payment Numbers is one of the ways credit
card fraud can be decreased.

Further, a card company may provide you with a PIN and a Chip and make some
controls regarding the location and the numerical changes. They can make a card accessible
only in a specific location like in the home country of the cardholder. Real card details
printed on the card can also be disabled to be used on-line and thus if a person tries to do
so, the transaction will be declined. Moreover, they can be provided with some virtual card
numbers for internet transactions. In both the cases, an alert system can be created where
the user can be informed of a fraud activity tried with their account. These security
measures can keep your credit card safe both internet-virtual and well as in the real world.

m) Credit cars & ATM

Many credit cards can also be used in an ATM to withdraw money against the credit
limit extended to the card, but many card issuers charge interest on cash advances before
they do so on purchases. The interest on cash advances is commonly charged from the date
the withdrawal is made, rather than the monthly billing date. Many card issuers levy a
commission for cash withdrawals, even if the ATM belongs to the same bank as the card
issuer.

9
n) Different types of credit cards

1. Domestic/International Cards

Business Credit Cards, Cashback cards, Classic Credit Cards, Lifestyle Cards,
Premium/Signature Credit Cards, Travel Credit Cards

2. Basic/Gold/Platinum Cards

Basic Cards : Common features include interest-free days on purchases and no liability fraud
guarantees. Standard credit cards have the lowest minimum credit limit and lowest
minimum income requirements. You’ll also find many cards with cost-saving features such
as Rs.0 annual fees.

Gold Cards : More competitive promotional balance transfer or purchase rate offers
alongside gold extras such as insurance and rewards.

Platinum Cards : Platinum reward cards usually offer a higher number of points per $1 when
compared to standard or gold options. Other popular features include comprehensive travel
insurance, purchase insurance coverage, airport lounge passes and concierge services.

3. Secured Cards

A secured credit card is a type of credit card secured by a deposit account owned by
the cardholder. Typically, the cardholder must deposit between 100% and 200% of the total
amount of credit desired. The cardholder of a secured credit card is still expected to make
regular payments, as with a regular credit card, but should they default on a payment, the
card issuer has the option of recovering the cost of the purchases paid to the merchants out
of the deposit.

4. Pre-paid Cards

A "prepaid credit card" is not a true credit card,[24] since no credit is offered by the
card issuer: the cardholder spends money which has been "stored" via a prior deposit by
the cardholder or someone else, such as a parent or employer.

o) Laws & regulations governing credit card operation in Sri lanka

1) Card Issuer shall have sound and prudent management, administrative, accounting and
control procedures to minimize financial and non-financial risks to which the Card Issuer
may be exposed.

2) Card Issuer shall conduct risk analysis and feasibility study on new products/services. In
addition, when there is a change of relevant circumstances, Card Issuer shall perform a
review on the risk profile of existing products/services to assess risks relating to security and
continuity of the product/service.

10
3) Card Issuer shall design technical systems for Credit Card processing with sufficient
capacity to continue ongoing operations, which shall be monitored periodically and
upgraded when the Card Issuer considers reasonably necessary.

4) Card Issuer shall have sufficient clearing and settlement arrangements to enable efficient,
reliable and secured operation of the Credit Card system.

5) Card Issuer shall ensure to perform an annual self-assessment of the Card Issuers
compliance with the Regulations, Guidelines and Code of Conduct. Internal auditors,
internal compliance officer or appointed independent assessor shall perform this self-
assessment as part of their on-going functions.

p) Cenral bank of Sri lanka & Credit card opration

Central Bank of Sri Lanka (CBSL) through the Payment and Settlement Systems Act
No. 28 of 2005 is entrusted with a legislative mandate to implement the national payment
system policy and oversee the payment and settlement systems in the country to ensure
safety, efficiency, competitiveness and stability.Having considered the timely requirement
of improving the electronic payment mechanisms and at the same time ensuring customer
protection, the CBSL took steps to execute the Service Providers of Payment Cards
Regulations No. 1 of 2009 on 31 July, 2009.

q) Popular Credit Card brands in Sri Lanka

1. HSBC Platinum Cash back Card-VISA

2. Sampath Bank Platinum Card-VISA

3. Sampath Bank Master Card Gold Card

4. Commercial Bank Classic Card-VISA

5. HNB Visa Gold Card

6. HNB Master Card Regular

7. BOC Master Gold Card

8. Seylan Bank Platinum Card-VISA

9. NDB Gold Credit Card-VISA

10. Sampath Bank Visa Classic Card

11
r) Frauds associated with credit card operation

Credit card fraud is a wide-ranging term for theft and fraud committed using or
involving a payment card, such as acredit card or debit card, as a fraudulent source of funds
in a transaction. The purpose may be to obtain goods without paying, or to obtain
unauthorized funds from an account. Credit card fraud is also an adjunct to identity theft.

1. Stolen Cards

When a credit card is lost or stolen, it may be used for illegal purchases until the
holder notifies the issuing bank and the bank puts a block on the account. Most banks have
free 24-hour telephone numbers to encourage prompt reporting.

2. Application Fraud

Application fraud takes place when a person uses stolen or fake documents to open
an account in another person's name. Criminals may steal documents such as utility bills
and bank statements to build up useful personal information. Alternatively, they may create
fake documents. With this information, they could open a credit card account or Ioan
account in the victim's name, and then fully draw it.

3. BIN Attack

Credit cards are produced in BIN (Bank Identification Number) ranges. Where an
issuer does not use random generation of the card number, it is possible for an attacker to
obtain one good card number and generate valid card numbers. But the probability for such
an action remains very low and because of the presence of the Valid date / Expire date and
the CVV.

4. Phishing

Scammers may use a variety of schemes to lure victims into giving them their card
information through tricks such as websites pretending to be of a bank or payment system.
Telephone phishing can also be employed, in which a call center is set up to pretend to be
associated with a banking organization.

References

Wikipedia - https://en.wikipedia.org/wiki/Credit_card

CBSL Web Site - https://www.cbsl.gov.lk/sites/

12