Methods

Card payments

Cardflo provides robust processing for all major card payments. Our platform ensures secure, efficient handling of credit and debit card transactions across multiple acquirers.

This capability is fundamental for any merchant, offering reliability and flexibility in managing your primary payment channel with advanced routing and optimisation.

Category
Methods
Capabilities
10
Available on
All plans
Apply now

The overview

Card payments remain the primary method for global digital commerce, functioning through a four-party model involving the cardholder, merchant, acquirer, and issuer. In this ecosystem, the gateway or payment service provider facilitates the transmission of authorisation requests and settlement instructions.

These transactions are governed by card scheme rules and local regulations such as PSD2 in Europe, which mandates Strong Customer Authentication for most electronic payments.

Effective card processing requires managing various components including Merchant Category Codes, Bank Identification Numbers, and specific technical protocols like 3-D Secure. The complexity of these interactions often necessitates sophisticated routing to minimise declines and manage interchange costs.

For merchants, card payments provide a standardise way to collect funds, though the process involves several layers of fees including scheme fees and interchange.

Understanding the distinction between authorisation, where funds are held, and settlement, where funds are transferred, is critical for managing cash flow and operational risk within a business.

How it works

  1. Initial Authorisation Request

    When a cardholder submits details at checkout, the transaction data passes through the gateway to the acquirer. The acquirer submits the request to the card scheme, which routes it to the issuing bank.

    The issuer checks for sufficient funds and verifies security credentials before responding with an approval or decline code.

  2. Authentication and SCA Compliance

    For transactions within the European Economic Area, the cardholder must undergo Strong Customer Authentication. This usually involves 3-D Secure protocols where the issuer requests two-factor verification.

    Success in this stage shifts the liability for certain types of fraud from the merchant to the issuer, reducing chargeback exposure for the business.

  3. Capture and Clearing Process

    Once authorised, the transaction must be captured to initiate the transfer of funds. This typically occurs in batches at the end of the business day.

    The clearing stage involves the exchange of transaction information between the acquirer and issuer via the card network, establishing the final amounts for settlement.

  4. Settlement and Fund Disbursement

    The final stage involves the issuer transferring funds to the acquirer minus interchange fees. The acquirer then deposits the net amount into the merchant account.

    This cycle varies based on the agreed settlement terms, often ranging from daily to weekly, and may include deductions for rolling reserves.

Why it matters

Authorisation Rate Optimisation

Achieving high authorisation rates is essential for maintaining revenue and customer satisfaction. Factors such as MCC selection, accurate AVS data, and smart routing between multiple acquirers can significantly reduce technical declines.

By analysing decline reasons, merchants can implement retry logic for soft declines, ensuring that legitimate transactions are not lost due to transient network issues or temporary bank outages.

Risk and Liability Management

Card payments bring inherent risks including chargebacks and friendly fraud. Utilising advanced tokenisation and 3DS protocols helps protect sensitive data and adheres to PCI-DSS requirements.

Efficient management of these payments involves monitoring dispute ratios and utilising representment processes to recover lost revenue. Proper risk management reduces the likelihood of an acquirer imposing higher fees or terminating the merchant identification number.

Global Reach and Compliance

Accepting international credit and debit cards allows businesses to scale beyond local borders. However, cross-border transactions involve complex FX considerations and varying regional regulations.

Maintaining a robust card payment infrastructure ensures compliance with AML and KYB standards while allowing the merchant to accept diverse card brands and denominations, which is critical for competing in the global digital economy.

Use cases

Global E-commerce Retailers

International retailers use card payments to accept diverse currencies and brands. By utilising global acquirers and network tokenisation, these merchants reduce friction at checkout and lower the risk of data breaches, while optimising for domestic interchange rates where possible.

Subscription Service Providers

Businesses with recurring revenue models rely on Merchant Initiated Transactions. They use account updater services to keep card details current, minimising churn caused by expired cards or technical declines during the automated billing cycle.

Marketplace Platforms

Marketplaces manage complex fund flows between buyers and multiple sellers. Card payments allow for centralised collection, followed by automated split settlements to various participants while ensuring all parties meet necessary KYC and AML requirements.

High Volume Service Sectors

Industries like travel or digital media handle large transaction volumes where even marginal improvements in authorisation rates lead to significant revenue gains. They prioritise low-latency gateways and sophisticated 3DS routing to maximise throughput.

By the numbers

85-95%
Average Authorisation Rate

This range reflects industry averages for established e-commerce merchants. Individual rates vary based on MCC, geographic region, and the implementation of 3DS protocols.

0.2-3.0%
Interchange Cost Variation

Standard industry range for interchange. Domestic consumer debit cards typically sit at the lower end, while international corporate credit cards attract higher fees.

Up to 70%
Fraud Reduction via 3DS

Typical reduction in successful fraudulent transactions observed by merchants who transition from legacy systems to 3-D Secure 2.0 with risk-based authentication.

Ready to route with Card payments?

Talk to our team about a live rollout on your acquiring stack.

Apply now

What you get with Card payments

  • Support for major global card schemes including Visa, Mastercard, American Express, and Discover systems.
  • Integration with multiple acquirers to enable redundancy and intelligent traffic routing for better performance.
  • Full compliance with PCI-DSS standards through secure tokenisation of sensitive primary account numbers.
  • Implementation of 3-D Secure 2.2 to satisfy Strong Customer Authentication requirements under PSD2.
  • Support for both Customer Initiated Transactions and Merchant Initiated Transactions for recurring billing cycles.
  • Real-time access to decline reasons and authorisation codes for detailed transaction analysis and reporting.
  • Automated account updater services to maintain continuity for stored card credentials and subscription renewals.
  • Advanced fraud screening tools to analyse transaction metadata and reduce the frequency of disputes.
  • Support for various transaction types including pre-authorisation, partial captures, and full or partial refunds.
  • Comprehensive settlement reporting to reconcile funds received against specific merchant identification numbers and batches.
See Card payments on your acquiring stack.

A short scoping call, then a written plan for your MIDs.

Apply now

Questions about Card payments

What is the difference between a soft decline and a hard decline in card processing?

A soft decline occurs when the issuing bank approves the transaction but the process cannot be completed due to a temporary issue, such as insufficient funds or a temporary technical glitch. These can often be retried successfully.

A hard decline occurs when the bank or the card scheme permanently rejects the transaction, such as for a lost or stolen card or an invalid account number.

Hard declines should not be retried as they can lead to increased fees or flags from the payment schemes.

How does 3-D Secure 2.0 impact the checkout experience and authorisation rates?

3-D Secure 2. 0 is designed to facilitate a more friction-free authentication process compared to its predecessor.

It allows for a richer exchange of data between the merchant and the issuer, enabling risk-based authentication. If the transaction is deemed low risk, the cardholder may not need to perform additional steps, leading to higher conversion.

Furthermore, successful 3DS authentication provides a liability shift, protecting the merchant against most fraud-related chargebacks, though it does not prevent disputes related to service quality.

What factors influence the interchange fees applied to my card transactions?

Interchange fees are set by the card schemes and paid by the acquirer to the issuer.

The specific rate is influenced by the card type, such as consumer debit versus corporate credit, the geographical location of the merchant and cardholder, the transaction environment like e-commerce versus point of sale, and the Merchant Category Code.

Regulated regions, like the UK and EU, have caps on interchange for consumer cards, whereas corporate and non-EEA cards often attract significantly higher rates.

Why is a Merchant Category Code important for card payment processing?

The Merchant Category Code is a four-digit number assigned to a business by the acquirer based on the type of goods or services provided. It is used by issuers to categorise cardholder spending and to identify high-risk sectors.

The MCC also determines the interchange rates applicable to the transaction. Incorrectly categorised MCCs can lead to higher processing costs, increased decline rates, or even the termination of processing facilities if the business activity does not match the assigned code.

What is the role of an acquirer in the card payment lifecycle?

The acquirer is a financial institution that enables merchants to accept card payments by providing a merchant account. They sit between the merchant and the card schemes, receiving funds from the issuers and settling them to the merchant.

The acquirer assumes the financial risk of the merchant, including the risk of chargebacks and insolvency. As such, they perform KYB and AML checks during onboarding and may require a rolling reserve to mitigate potential losses.

Can tokenisation improve my payment security and compliance posture?

Tokenisation replaces sensitive card data with a non-sensitive equivalent called a token. By using tokens, merchants avoid storing Primary Account Numbers in their local environment, which significantly reduces the scope of PCI-DSS audits.

Network tokens, issued directly by the card schemes, can further enhance security and authorisation rates as they remain valid even if the physical card is replaced, provided the account remains open. This serves to maintain high success rates for recurring transactions.

How can smart routing improve authorisation rates for international payments?

Smart routing involves directing a transaction to the acquirer most likely to approve it based on historical performance, card brand, and geographical location.

For example, routing a domestic card to a local acquirer typically yields higher authorisation rates and lower interchange costs than routing it to an international acquirer.

By dynamically selecting the path for each transaction, merchants can overcome regional outages and optimise for the specific preferences of issuing banks.

Get started

Ready for velocity?

Tell us about your business. We'll match you with the right acquiring partners and the right route, typically inside a week.

Apply now
Apply now