paint-brush
Heard You are Into Modern Card Issuing and the Open APIby@MichaelB
1,438 reads
1,438 reads

Heard You are Into Modern Card Issuing and the Open API

by MichaelOctober 5th, 2021
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

This article provides an introduction to the modern payment card issuing process and how Marqeta’s open API works at the heart of it. It will help both software developers new to payment card systems and experienced technical professionals who may need a refresher. Since 2010, there has been an explosion of innovation in distributed, fault-tolerant application development. The industry has a lot of moving pieces, but a basic understanding of its key players is helpful. A basic card transaction involves two parties, the cardholder and the merchant.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail

Coin Mentioned

Mention Thumbnail
featured image - Heard You are Into Modern Card Issuing and the Open API
Michael HackerNoon profile picture


Modern payment card issuing processes can deliver many different types of cards in a fast, efficient, and secure way.


By using open API platforms, card issuers can create customized card products and easily process hundreds of thousands of transactions.


By integrating with major card processing networks around the world, modern card issuing systems allow businesses to create payment solutions that:


  • Use a resilient and secure infrastructure on a global level.

  • Fit their customers’ needs.

  • Bring flexibility and ease of customization.

  • Scale rapidly.

  • Provide quick and easy marketability.


This article provides an introduction to the modern payment card issuing process and how Marqeta’s open API works at the heart of it. It will help both software developers new to payment card systems and experienced technical professionals who may need a refresher.


Let’s start with a brief history lesson.

How Did We Get Here?


Credit card terminals were first introduced in the late ’70s. While the electronic payment platforms brought new innovations to the retail industry at the time, the decades that followed saw muted technological development in the card issuing and processing space.


Since this was all pre-internet, a huge network of telecommunications and data management platforms were put into place to ensure electronic payment services were available worldwide.


With the widespread use of the internet, early adopters of eCommerce businesses like Amazon and eBay began to attract a massive number of regular customers.


This began the trend of businesses using electronic payment services. However, relatively smaller businesses still weren’t ready or able to adopt the technology...


… until this last decade.


Since 2010, there has been an explosion of innovation in distributed, fault-tolerant application development. Businesses began moving to a digital-first approach and using electronic payment services. Advancements in products like debit cards and e-wallets now allow easier access to electronic payment services.


On top of this, innovative businesses began looking for ways to issue their own cards, setting up custom payment programs while bypassing traditional card-issuing banks altogether.


For example, on-demand delivery companies like Uber and DoorDash use custom-issued cards for all of their delivery staff to use at restaurants and groceries, in order to streamline the payment flow. This boom has led to the rise of the modern payment card issuing business.

Payment Card Transactions: The Key Players

The electronic payment processing industry has a lot of moving pieces, but a basic understanding of its key players is helpful.

Cardholders and Merchants

A basic card transaction involves two parties—the cardholder and the merchant—transacting funds via a payment scheme. Simply put, the cardholder (also commonly known as the _consumer** **_or payer) uses a payment card to pay for a product or service.


The merchant (or payee) sells the product or service to receive the payment. However, to ensure that the cardholder can pay and the merchant can receive, more parties are involved in the transaction.


When the cardholder presents a card for payment, the merchant requests authorization for a payment transaction on that card. To accept these types of payments, the merchant must open a merchant account with a payment processor to settle the funds. By offering this efficient means of payment, the merchant can cater to a wider array of customers.

The Payment Processor

Payment processors are financial institutions that provide merchants the means to accept electronic payments. A payment processor facilitates the transaction between a merchant and the card network.


Using the appropriate card network, the processor captures the transaction information and forwards it to the cardholder’s issuing bank (also known as the issuer) for approval. When the transaction is approved by the issuer, the payment processor also settles the funds with the merchant along with all the related fees.

The Card Network

To facilitate the flow of transaction information between a processor and the issuer, a card network (for example, Visa or Mastercard) is involved.


These global institutions provide the underlying infrastructure, communications, standards, and processes to facilitate financial transactions across geographic boundaries by passing information and funds between processors and issuers.


In return, they charge the payment processors and issuers with a license or card scheme fee. These networks also set the standards that processors and issuers must follow for communication, dispute resolution, and other processes.

The Issuer

Finally, we have the _issuer—_a financial institution (most commonly a bank) that provides cardholders with payment cards and determines the spending limit on those cards.


They also manage payment authentication and information about the cardholder. For a payment to be successful, the issuer is responsible for checking that:


  • The transaction is valid

  • The card belongs to a valid and trusted cardholder

  • The cardholder has enough funds (or credit) to make this payment


In some cases, the card issuer and the payment processor can be the same institution. In these cases, the merchant isn’t charged any fees for the transaction between the issuer and the processor.

The Rise of Digital Payment Solutions

Traditionally, legacy card issuers offer one-size-fits-all products, many of which simply don’t fit the needs of certain customers. In particular, modern startups and digital-first businesses may be looking for features such as in-app payments and cryptocurrency transactions.


These businesses need a highly flexible yet robust payment solution—custom payment card products and associated payment methods—which they aren’t finding in legacy card issuers.


This need is fueled by the daily movement of millions of dollars worth of eCommerce transactions, which has been brought about by many factors, including:


  • The ease of building financial transaction-based applications

  • The ubiquity of mobile phones

  • The widespread use of social media platforms for buying and selling


Innovations like mobile point-of-sale systems are making it much easier for smaller players to enter the electronic payment industry. The number of digital payment users is increasing rapidly. Add to this changing customer preferences and their need to close transactions faster.


Put all of this together, and you can see why there’s a growing appetite among businesses and software developers for digital-first solutions in the payment industry.


Applications built with digital payment solutions have provided new ways to pay for goods and services, giving businesses a critical edge over their competitors.


Pioneered by startups like Uber, custom cards now allow businesses to have their own configurable payment cards and a simpler way to manage payment programs and even roll out their own rewards systems.


These new custom payment systems are made possible because of the open API.

The Open API Innovation

For decades, financial institutions have used ISO 8583, the international standard for facilitating the flow of transaction information around the globe.


Over the years, the standard has undergone numerous changes to support newer technology, but there are still many limitations and barriers to entry.


Businesses and developers began searching for a resilient solution without the burden of decades-old monolithic processes. This led to Marqeta’s creation of the open API for the payment card. In short, this API provides:


  • A granular breakdown of ISO 8583 processes for handling card transaction steps, abstracting away the monolithic and opaque approach.


  • The ability to handle all facets of digital finance, including funding, security, transaction processing, and notifications.


  • Programmable, flexible, and performant interfaces.

What Does an Open API Mean for Payment Card Developers?

ISO 8583 requires developers to strictly adhere to the entire transaction process flow. Marqeta’s API breaks down this monolithic payment flow into many well-defined and modular services, allowing developers more control over building custom applications while still meeting ISO 8583 obligations.


This granular approach also lets developers add features or notification hooks between payment process steps for a better handshake.

JSON Messaging

One major advancement that comes with this API is the use of key-value pairs formatted as JSON (a versatile data interchange standard). This is in contrast to ISO 8583 messaging, which uses opaque and esoteric codes.


Legacy payment processing systems, which had to translate these codes, ended up with time-consuming and error-prone processes. Legacy system developers often have to build separate integrations for different card networks depending on the network’s unique message formats. Since the JSON messaging standard uses labels instead of codes, all of these problems disappear with the use of Marqeta’s API.


For example, an ISO 8583 message would be an opaque string that looks like this:


010038C45934242420000042420000000330000037384992827492002827162889q839049f-839C01840f108


In contrast, the Marqeta platform translates this to developer-friendly JSON like this:


{​
  "token": "7bce6b80-d41e-439a-a51f-3654bf586fde",
  "user_token": "ad664734-1203-4a06-9c9c-27407a6909a6",
  "card_token": "71994a77-ca7b-47b0-a5ac-867fb2fd7e4f",
  "type": "authorization",
  "amount": 100.0,
  "network": "VISA",
   ...
}

Metadata and Transaction Matching

Another change that the API introduces is the ability to add metadata to messages. This makes it easier to reconcile transactions with order management systems. When an order ID can be added to a transaction message, then the result is transaction matching.


Matching authorization messages at the time of sale to subsequent events of the same transaction (such as clearing records, reversals, refunds, voids, and so on) means businesses can release holds on cardholder funds with confidence.

Publicly Available Documentation

Open APIs come with publicly available documentation.


The documentation allows new developers to start building card applications with ease, and it allows experienced professionals to identify potential vulnerabilities. This in turn promotes rapid innovation and improvement through feedback.

Development Sandbox

Marqeta’s API is available for testing and simulation within a sandbox, allowing developers to explore its features. Developers can quickly build, test, and provision cards for testing without involving a card-issuing vendor.


They have full control and flexibility in customizing their users’ card experiences. This control over customization means more fine-tuned products.

Built-in Compliance

Users of the API don’t have to think about implementing practices for PCI-DSS compliance. All PCI-compliant security practices are already handled by Marqeta.


Developers can immediately display their cards in apps and enable PIN activation without the need for obtaining their own PCI certification.

Global Scalability

An open API also allows payment developers to scale their payment card programs at a global level. A modern card issuing platform is designed for a build-once, deploy-anywhere approach; it doesn’t need to integrate with each local card network separately.


Also, the API’s back-end typically runs on cloud infrastructures that can automatically scale as usage grows. Developers no longer need to worry about redundancy or provisioning extra resources.

Digital Wallets

Digital wallet tokenization is another important part of modern card issuing with Marqeta’s open APIs.


The API integrates with digital wallet providers like Apple Pay or Google Pay (and global card networks like Mastercard and Visa), allowing API consumers to issue virtual cards or create digital wallets instantly.


The platform also provides encrypted and tokenized card data for digital wallet integration.

Event Notification

Lastly, the API comes with built-in webhooks for event notifications. This helps with event logging, transaction record maintenance, and the building of a rich end-user experience.

Final Words

The ability to develop and issue customizable and flexible card products without sacrificing security and scalability means financial businesses can now gain an edge over their competitors.


This modern card issuing process comes in a simple and efficient package to foster rapid development and faster time to market.


Marqeta’s Core API offers developers an easy-to-use platform for rapid-launching card products and their iterative development.


The API takes care of PCI compliance, tokenization, and integration from the very beginning. It also ensures flexibility through an almost endless list of customizations available for all aspects of a card program.


More importantly, the API provides developers with a trusted payment processing environment with industry-standard security, real-time notifications, and pre-built reports and visualizations.


Lastly, with Marqeta’s Core API, modern card developers build their product only once, and then they can deploy it anywhere in the world without needing to integrate with local card networks. The API is built on a resilient cloud infrastructure that ensures business continuity.


Electronic payments with payment cards began 50 years ago. After 40 years of relative technological quiet in the space, we’ve seen an explosion of innovation in the digital payment space in the last decade.


With that, we’ve seen the birth of modern card issuing—Marqeta’s open API—that enables today’s developers to build custom card issuing and payment programs for tomorrow’s digital-first industry leaders.


Also published here.