Credit Cards FAQ

Credit Card Authentication

Several techniques are used for authenticating a credit
card. Merchants who make few transactions usually carry out a voice-authentication
with the help of a touch tone phone. EDC or Electronic data capture in magstripe-card
terminals is another technique in which card is swiped through a reader. For
internet transactions through credit cards Virtual terminals are used.
Credit Card -- How Authentication Is Done


How Authentication works

When a credit card is swiped through a card reader Electronic Data Capture software
at the location of sale point dials a number through modem. This number is already
stored in the dialer which connects to an acquirer.


Role of Acquirer

The function of an acquirer, being a neutral organization, is to collects such
authentications requests coming from POS and provides them the validity and
guarantee of payment. When an authentication request comes to this organization,
its basic work is to checks any information present in the card's magstripe.
This information includes;

  • The Merchants ID
  • Card number validity
  • Credit cards expiry date

  • Credit limit
  • Use of Card

Another method of authenticating credit cards is by the use of an encrypted pin
number associated with your credit card. In such systems when you make a purchase you
enter the pin number through keypad.


The required pin is not embossed on the card like the credit card number. This pin code can be stored in two ways.

  • Pin can be stored in the bank's computer in encrypted form
  • Pin can be stored in the card itself in an encrypted format

This type of cryptography is known as one-way cryptography designed so that if someone has access to the bank's files he cannot steal your pin. The cipher can be calculated easily if the banks key and customer pin is known but to get plain text pin from cipher is not computationally feasible even after knowing the key of the credit card.



Same is the case of ATM cards. The communication between bank and ATM is encrypted to prevent theft. What thieves did was they tapped into phones lines and recorded the signals sent to the ATM to authorize the cash withdraw and after some time fed the same signal to steal the money.



If this doesn't seem secure enough then use smart cards that use an even secure authentication method for credit cards.

up