Hi, Aniket here 👋🏻 and welcome to my System Design Newsletter 😊!

Today, let's dive into the mechanics of what happens behind the scenes when someone swipes their Credit Card at a merchant's Point of Sale (POS) terminal. The transaction process can be broken down into two key flows:

1. Authorization Flow – the initial step that determines whether the transaction is approved or declined in real-time.

2. Settlement Flow – the End of Day (EOD) process where the funds are transferred from the cardholder’s bank to the merchant’s account.

   

Authorization Flow

1. After conducting thorough due diligence, the Issuer Bank issues credit cards to customers. This is a complex process in itself, deserving a separate post!

2. Transaction is initiated when a customer swipes their card at a merchant’s POS terminal — often from fintechs like Paytm or Pinelabs.

3. The POS machine has its own OS, which securely transmits tokenized card details, the txn amount, and encrypted merchant info to the Acquiring Bank.

4. The Acquiring Bank processes card payments for businesses and forwards the transaction to the relevant card network (or card scheme). In this example, HDFC Bank issued the credit card, and VISA serves as the card network.

5. VISA performs Anti-Fraud (AF) and Anti-Money Laundering (AML) checks and forwards secure transactions to the Issuer Bank which is responsible for:

   1. Checking card rules (active/inactive, card limits, domestic/international) and performing AML/AF checks.

   2. Debiting amount from credit card and doing accounting (Checkout Accounting in payment systems) of amount/revenue/tax.

   3. Notify the customer via SMS about the transaction's success or failure and relay the response back to VISA.

6. VISA sends the response to the Acquirer, which then relays it to the POS terminal. The POS displays a success or failure message and generates a transaction receipt.

Settlement flow

1. At the end of the day, the POS machine’s software sends all transaction data to the Acquiring Bank for reconciliation. This can be done via bulk APIs or by uploading files to a file server. Check out Reconciliation system to learn about designing a recon system.

2. After reconciling transactions, the Acquiring Bank sends the batch file to VISA, which then forwards it to the Issuer Bank.

3. The Issuer Bank performs the final reconciliation and follows these steps:

   1. Successful Reconciliation: The actual funds are transferred from the Issuer Bank to the Acquiring Bank.

   2. Failed Reconciliation: The amount is refunded to the customer’s credit card.

4. Finally, the funds are settled into the merchant’s bank account after deducting all applicable fees.
   

Important points to consider

1. Customer’s Credit Card Debiting: The customer’s credit card is debited immediately at the time of the transaction.

2. Merchant’s Account Crediting: The merchant’s bank account is credited at EOD.

3. Revenue Share and Fees: Different parties involved receive various revenue shares (fixed or percentage), which are deducted at different stages of the process. (For details, see our upcoming post on revenue sharing.)

4. Refund Scenarios: The amount must be refunded to the customer’s credit card in the following cases:

   • Pending Transactions: If a transaction is pending due to network issues during authorization, any debited amount will be refunded.

   • Reconciliation Failure: If reconciliation for a transaction fails, a refund must be processed.

5. AML and Anti-Fraud Checks: AML and AF checks are specialized and must be conducted at each step: by the acquirer, card network, and issuer.