Card Issuing - Business Insights

Covers key business models, regulations, and practical steps for launching and managing card and IBAN programs.

Introduction to Card Issuing & IBANs


Introduction to Card Issuing & IBANs

VISA or Mastercard?

Sometimes our customers ask if it is better to issue VISA or Mastercard cards. In this article we would like to answer this question. 

Main payment schemes

There are two main payment schemes in the card area that have almost monopolized global card business - VISA and Mastercard. Next to them there are several local schemes, sometimes going global that are also worth thinking of in more sophisticated global projects (like UnionPay China, JCB Japan, EC Karte Germany etc.) but in general in majority of projects you will do the business decision if you prefer to issue VISA or Mastercard cards. 

In one sentence the answer is - usually it does not matter. But if you go into details, depending on the country or type of the program there may be some important differences worth considering.

Key decision points

Below we present some important decision points:

  1. Financial and marketing support - depending on the country and type of program VISA or Mastercard can decide to support your program financially or from some marketing assets. If so, it makes sense to consider this as an important factor in the decision making process. Check with your card issuing partner if there are such possibilities. 
  2. Interchange differences - in some countries (outside of the European Union) there are slight but important differences in Interchange Fees which in the end means that you can earn more from every transaction. Check with your card issuer if such a situation exists on your market. If you are going to offer cards globally, it may also be possible that inter-regional (inter-continental) transactions will be more profitable in one payment scheme. So it is worth checking.
  3. Cost factors - usually fees connected with a card issuing program will be dictated by your card issuer or BIN Sponsor but in some cases a card issuer may have different fees depending on the cost of VISA or Mastercard transaction fees. 
  4. Special local or global card benefits programs - both Mastercard and VISA are developing various loyalty, discount, value added services that can make your program more interesting for users. In Poland, for example, Mastercard is running a very attractive card benefit and loyalty program called "Priceless Specials". It is worth checking as it may be an important value added for your portfolio and users that may be much more important than any financial details.
  5. Brand and acceptance - in 95% of countries there is no visible difference in acceptance and brand between VISA and Mastercard. But in some cases it exists. For example if you are going to issue cards in Hungary - Mastercard is much more popular and customers are used to it. It is worth checking before making a decision.
  6. Educational and consulting support - it can be valuable help. In various projects, countries or regions payment schemes can have services or people that can help you a lot in defining a good value proposition and important details of a card issuing program. This may be very valuable as very often employees of Mastercard and VISA are very professional, have a lot of knowledge and can help you in developing your portfolio. If you have such support, try to use it. 
  7. Shareholding connections - in some cases (like Verestro) one of the payment organizations (in our case - Mastercard) will be a shareholder of your partner. It may be very valuable as you will have in-depth support of the payment scheme and card issuer. It may be useful in various situations, difficult cases connected with rules etc. Make use of such cases, if you can. 

Conclusion

Those are the main differences. It is worth considering. In the majority of cases your partner in card issuing will have some preferences and sometimes there will be no choice. But it is certainly worth considering when deciding which card issuer and payment scheme to choose. 

Thanks for reading.

Introduction to Card Issuing & IBANs

Prepaid, debit or credit cards - the main differences

Before launching a card issuing program, our customers consider which card product to use. In this article we will summarize the key differences and considerations. 

There are three main groups of payment cards: pre-paid, debit and credit cards. Below we summarize the most important differences.

Prepaid cards

Debit cards

This is the biggest group of cards in the world:

Credit cards

These are the main differences between the above mentioned products. In most cases, you should be thinking about debit cards because they give you the same benefits as prepaid ones, and you can convert them into credit cards by giving loans to your customers.

Introduction to Card Issuing & IBANs

Issuing cards in various currencies

Verestro and its partners can issue cards in multiply currencies. Depending on the currency it is easier or more difficult but it is possible to issue cards in multiply currencies. Let me explain how to do it in this article. 

Firstly, let's discuss that to issuing cards in particular currency (let's say CZK) means that user has an account in CZK and when he is paying 100 CZK his account gets debited with 100 CZK. To achieve this situation normally the card issuer needs to implement Settlement Service with Mastercard or VISA in CZK. This means that card issuer will have to send 100 CZK to Mastercard after the transaction so that Mastercard could transfer it to acquiring institution and later to merchant. Once this Settlement Service is enabled everything works well but the problem exists if issuer does not have Settlement Service in particular currency or sometimes such Settlement Service does not even exist and issuer must settle money in USD or EUR. Sometimes it is not worth spending money and time on new Settlement Service implementation as it can cost 25-40k euros. 

In such situation we can implement Internal Settlement with partner in particular currency. It means that users will keep money in CZK, users will be charged 100 CZK if they pay 100 CZK but all money transfers between Verestro payment institutions and our partners will be happening in EUR. There will be some FX risks connected with this approach but they can be covered through a bit higher fees for users. 

There is only one exception to this rule - it is necessary that we can hold money in this new currency in the banks where we hold accounts. It is necessary that accounts are stored in this particular currency to avoid difficult fluctuations. 

Ask us for Internal Settlement if you are interested in card issuing in multiply currencies. 

Introduction to Card Issuing & IBANs

Multicurrency cards - 3 implementation options

Multi-currency topic is an interesting and important concept of card issuing that usually requires some explanation. Because of the very big market of currency conversion and usually very high fees of universal banks connected with international transactions, it became popular to implement multi-currency cards. Actually the first Revolut use case, heavily promoted several years ago, was connected with this topic. So let's go into details. 

There is actually one problem that we want to solve when thinking of implementing multi-currency cards - how to enable the best and most effective card payments in an international environment? There are various approaches to this problem:

Scenario 1 - multi-currency cards and accounts

In this example we offer users multiple payment accounts in various currencies.

  1. The user gets a single payment card connected with all accounts
  2. In case the user pays with currency X, the authorisation system recognises transaction currency and debits account of currency X
  3. In case there is no money on this account, system debits another (default) currency

This example is very often used, but it has a few disadvantages. The first is that the user must perform currency conversion before. It is an action before his/her travel and actually it is an unnecessary action from the logic's perspective. It should be more convenient for the user to have one account and cheap currency conversion during every transaction. But usually consumers like the solution because they can manage this currency problem in advance, see FX rate and can make decisions on how much money to convert. 

Implementation of this scenario is not easy because card issuing companies either need to enable multi-currency functionality with Mastercard / VISA  or to implement multiple settlement accounts with payment organizations and manage conversions accordingly based on transaction currency. There are additional fees that Mastercard and VISA charge for this service which can make this implementation costly.

Scenario 2 - currency conversion on a single account

Another way of solving the currency conversion topic is to think about how to enable the cheapest conversion during a transaction. In this example the user does not have to convert currency before his travel. He just uses his card while traveling. I personally like this approach the most because it is easier for me but in reality many customers prefer scenario 1. 

In this scenario, to have dynamic rates, there is a need for online FX API integration and dynamic management of rates during authorisation. Usually card issuers use static conversion rates offered by Mastercard and VISA but this leads to some additional costs and margins. Ensuring dynamic currency conversion during authorization and proper conversion management may be difficult to achieve. 

Scenario 3 - multiple cards for different currencies

The third way of managing the multi-currency topic today in the virtual card environment is issuing multiple cards to multiple accounts in various currencies. In today's world this is easily achievable as the cost of card issuing went heavily down. It works in the way that users have several cards, connected with various accounts and card visuals, visible in Apple Pay or Google Pay with the currency of a particular card. The user can choose a card which is the most convenient for him/her.

In this scenario we need to offer an inexpensive currency conversion mechanism as the user needs to manage balances on each account separately and perform conversion in advance. 

This is actually the cheapest scenario of implementation.  

While thinking about the multi-currency topic, please consider various scenarios and ways of solving problems. Sometimes the default plan (scenario 1) can be very costly from the transaction processing perspective because of additional fees of payment schemes. 

Thanks for reading.

Introduction to Card Issuing & IBANs

BIN Range or Separate BIN in Card Issuing

Our customers usually ask if it makes sense to issue cards on a separate BIN fully dedicated for a particular project or just use BIN range and share it with other partners. Let me focus on this topic in this short article. 

BIN range

There are not so many disadvantages of dedicating a BIN range for your project. In many cases this decision will be much better. Key reasons:

The only slight disadvantage in such an approach is that there may be a situation when this BIN gets compromised because of some user behavior. It is a very rare situation but it could happen. If you share the BIN with other customers, there is a risk that you will have to change the BIN and cards for customers because of the actions of other customers. We believe that this risk is very small - it has never happened in our history.

Separate BIN

Some people believe that if they have "own" or "dedicated" BIN, the project will be much better. In reality it is not so. It is only more expensive and slower (see above). There is more work and some additional risks connected with the new BIN setup. However, the advantage of a separate BIN is the same as mentioned above - you do not share the BIN with other partners, so in case of BIN compromise, you will know that it happens because of your actions. 

I do not see any additional big differences, disadvantages or benefits of using a separate BIN. 

Thanks for reading. 

Introduction to Card Issuing & IBANs

What steps should be taken to start a card issuing project with Verestro outside the European Economic Area?

What steps should be taken to start a card issuing project with Verestro outside the European Economic Area?

At Verestro, we are focused on simplifying global fintech space by building a multifunctional,  multi-BIN-sponsor, multi-processor, multi-acquiring, multi-bank platform. Our final target is to offer payment and financial services globally in any country in the world. Today we are offering card management, tokenization and payments on 5 continents. We store above 5 mln cards and tokens. In the group we process over 2 bln USD in payment transactions annually.

If you are interested in issuing cards outside of Europe, we can start a project immediately. Normally such a process works in the following way:

1. You contact us and we talk about your plans.

2. You can start integration with our Sandbox immediately using the tech documentation and APIs released in our Developer Zone https://developer.verestro.com/

3. We sign a contract to cover the services.

4. We search for BIN sponsors relevant for markets where you operate unless we have them already integrated and commercially ready.

5. You can issue cards, enable payouts to cards or enable other payments once you finalize your technical integration and we are ready with the chosen BIN sponsor on the particular market.

6. We take care of all operations, settlements. You take care of your go-to-market strategy, frontend, marketing, pricing, etc.

The big advantage of such an approach is that your platform is not dependent on a single BIN sponsor, you can work with multiple partners. You can also migrate the program easily to your own BINs once it grows and you become a direct Principal Member of Mastercard or VISA.

Introduction to Card Issuing & IBANs

What are the legal and payment scheme rules for launching a prepaid card program without KYC?

Recently we have been asked the question: “What are the options for a merchant or cafeteria to launch a card program based on prepaid cards (such as lunch cards and gift cards) that doesn't require a KYC process?”

There are a lot of misleading pieces of data regarding prepaid cards and gift cards. Those issues are mainly caused by differences between the legal environment and Mastercard or VISA rules. In this article we would like to go deeper into this topic and explain what is possible and what is not possible.

Key regulatory and scheme requirements for prepaid card programs

Let’s start with key rules:

1.  PSD2 (legal environment in Europe) and AML law say that payment institutions have to know their customers so full KYC must apply. Sometimes, depending on the country, some limited KYC rules are possible in case a payment institution issues a payment instrument with payment or transaction limits i.e. non-reloadable gift cards. We work in compliance with the Polish law which states that it is possible to issue anonymous cards only in case:

a.  Value of monthly transactions is limited to 150 EUR

b.  Value of such card is limited to 150 EUR

c.  Only POS and eCommerce transactions are allowed

2. Mastercard and VISA rules claim that in case of specific non-reloadable prepaid cards it is possible to issue anonymous cards. It requires special approval for the program.

3. In some specific use cases (expense management, lunch cards) it is possible to perform KYB of the company selling prepaid cards only. In such a case money on account must belong to the company and the company can issue such cards with limited KYC to its employees or users.

Implementing reloadable and non-reloadable gift cards

Taking the above rules into account, we can imagine the following scenarios: 

Scenario 1 – non-reloadable gift cards with limits up to 150 EUR with limited acceptance

It is possible to issue cards for such programs after approval of the payment scheme.

Scenario 2 – reloadable gift cards for the company and its business expenses

It is possible to sell gift cards connected to the business account of the company (after KYB) assuming payments are connected with expenses or specific use cases of this company. 

Please contact us if you want to issue similar programs with simplified KYC rules. We will advise on the best scenario and try to find ways to quickly launch a prepaid card program that meets your business needs.

Business Model & Financial Structure


Business Model & Financial Structure

Ranking of card issuing companies

How to choose a BIN sponsor and card issuing partner?

Choosing a BIN sponsor or card issuer is a difficult decision for many partners. Most of our partners do not come from the payment card business, so they learn by doing. In this chapter, we are going to describe the key decision factors of choosing a card issuer and make a simple ranking that we will be upgrading and updating in the coming months and years, as not all information is available to us immediately. On purpose, we will not compare other companies to us, it would not be fair to include Verestro - our goal is to educate in this article.

There are the following key decision factors in choosing a card issuing partner:

1. REVENUE SHARE - Cards issued for my users bring various revenue streams. Are they shared with me? 

2. COSTS - Obvious point.

3. FUNCTIONALITY & SERVICE - a very important point. Critical in the long run. 

    • Does the partner have mandatory functionalities?
    • Does the partner offer currencies that I need for my users?
    • What are other products that can increase usability or profit that the partner offers?
      • Maybe a loyalty program?
      • Any insurance offers and additional benefits that could be sold to customers?
      • Perhaps invoice scanning and expense management? 
      • Maybe white label solutions?
      • Card reload mechanisms?
      • Payouts to cards?
      • etc.
    • Does the partner offer quick access to a developer zone or a test environment? 
    • Does the partner make their APIs public?

3. SECURITY AND FINANCIAL STABILITY - a critical point. Maybe it should be the first one.

Here's an initial comparison of the best known card issuers in the European Union (grades: low - high):

Name Country Revenue Share Costs Functionality & Service Security & Financial Stability
Treezor.com France Medium High Medium Medium
Swan.io Denmark Medium High Medium Medium
Dipocket.org Lithuania High Medium Low Low
Solarisgroup.com Germany Medium High Medium Medium
Wallester.com Estonia Medium Medium High Medium
Stripe USA Low High High High
Weavr.io Malta Medium Medium Low Medium
Verestro Poland Make your own assessment Make your own assessment Make your own assessment Make your own assessment

Source: Financial Stability results based on 2022 or 2023 results available in Internet; all other data from publicly available sources. Please make your own assessment.

Business Model & Financial Structure

Card issuing - financial details

How can I earn from card issuing? This is a common question that is asked by our customers. Let me explain the key financial areas connected with this business. 

Indirect revenue or cost savings

Usually, the main reason for issuing cards in different segments is indirect revenue or cost savings. The first question that you should ask yourself is connected with your use case. What can a payment card bring to my customers or my business? The answer to this question is different for various business segments and is the most important factor in defining a financial model for such an operation:

There are many use cases and this is the main value for you. You can charge additional fees for this new service offered to your users, or you can limit your operating costs thanks to card issuing. However, there are direct revenue streams and costs associated with issuing cards and I will describe them below:

Direct revenues of card issuing

The following direct revenue is connected with card issuing and card transactions:

  1. Interchange Fee - when your user pays online or offline at any merchant, there is a fee called Interchange Fee that the issuer of cards receives for this transaction. The value of this fee depends on the country, transaction type, card product type, etc. In general, it is between 0,2% (for consumer debit cards issued in Europe) to 1-2% (for various types of cards for transactions done on other continents). Make sure you check with your card issuer or BIN sponsor how they share this fee with you - it is the most important revenue stream.
  2. Currency Conversion Fee - every card transaction done in another currency than currency of a card account results in currency conversion. This action usually enables charging fees. Typically, they are between 0,5% to 8% depending on card product, country, currency, etc.
  3. User fee - card issuers, banks, financial institutions usually charge various user fees for using their payment card. Examples of such fees are: one-time fee for issuing a card, monthly fee per card, annual fee per card.
  4. Transaction fees  - depending on a card product and a type of transaction, card issuers charge users additional transaction fees. A very standard fee is an ATM withdrawal fee - it is almost always valid because there are direct costs of an ATM withdrawal called ATM Service Fee and these costs need to be covered. Sometimes card issuers charge POS or eCOM transaction fees - for example 0,1% fee for every transaction done with a card.
  5. Value added services - a card product enables you to charge additional services, i.e. insurances, VIP support, concierge etc. that increase your revenue streams.
Direct costs of card issuing
  1. One-time fee for card issuing - usually 0,1-1 EUR. This fee is charged at the moment of card issuing. This fee covers costs of payment processors, various costs of operations connected with issuing the first card.
  2. Monthly fee per card - usually you pay 0,1-1 EUR monthly per issued card. This covers both technical, regulatory and financial risk costs of card issuers.
  3. Transaction fees:
    • per transaction (from 0,05-0,3 EUR) - depends on a type of transaction, region of transaction etc.
    • per transaction value (from 0,01%-0,5%) - depends on a transaction value.
  4. ATM service fee - very specific fee which is part of a transaction fee in fact. For every ATM withdrawal, a card issuer needs to pay a fee which is transferred to an ATM operator. Usually, it is in the value of 0,5-3 EUR + 0-1% from the transaction value.
  5. 3DS operations fee - transactions in eCommerce require additional authentication. Such an operation usually results in an additional fee charged by a card issuer (0-0,04 EUR per transaction).
  6. Apple Pay fees - Apple charges additional fees for using Apple Wallet. Those fees are both per card quarterly and per transaction volume - different for POS transactions and inApp transactions. We are not allowed to disclose the level of these fees.
  7. Plastic card related fees - production, personalization and transport of plastic cards is a serious operation that involves various costs. Typically, between 2-5 EUR per card depending on customer location, type of card, etc.

These fees are usually charged by card issuers and BIN sponsors to their partners. They have to charge them because there are various costs that we need to cover (this issue also applies to Verestro and our BIN sponsors). The main card issuing costs are:

  1. Payment scheme fees - Mastercard, VISA or any other payment organization charge a lot of various fees for connecting with them and using their licenses and technology. This is one of the biggest components of costs for card issuers.
  2. Payment processors - this is our (Verestro's) role. To issue cards, you usually need to hire external, certified payment processors. They charge a lot of fees for using their technology. Examples of such processors are :  Verestro :) , Paymentology, Fiserv, First Data, Marqueta etc.
  3.  Card manufacturers and personalisation centers - if you issue or sell plastic cards, you need to produce and personalize these cards. Companies like Austriacard, Thales, Idemia charge fees for such operations.
  4. Regulatory compliance costs - to become a card issuer in any country, you need to have a payment license, get certification, fulfill necessary roles that are not present in another business. This is a serious cost for card issuers.
  5. Security costs - to work with payment cards and process them, you need to fulfill various security requirements. The most important ones are summarized in the Payment Card Industry Data Security Standards. They include not only internal actions but also annual and quarterly audits that you need to perform to be compliant and offer secure operations.

There are other possible revenue streams and costs connected with card issuing, but the ones described above are the most important ones.

Thank you for reading.  

Business Model & Financial Structure

Example of Profit & Loss calculation in card issuing

Calculating profits and losses in card issuing is not easy, especially when various card issuers offer different fee and revenue models. Below I would like to show a few examples. 

Let's imagine we are a fintech wallet with 10.000 users and we would like to issue cards for these users. The first step we need to take is to try to forecast key parameters of product, transaction, revenue and cost assumptions:

  1. Product
    • Product - Debit Business Mastercard card
    • Settlement currency - EUR
  2. Transactions
    • Average number of cards in a year - 10.000
    • Offline POS transactions in Europe: Number of transactions per month - 5 ; Average Transaction Value (ATV) - 30 EUR
    • Online eCom transactions in Europe: Number of transactions per month -  3 ; ATV - 40 EUR
    • ATM transactions in Europe: Number of transactions per month - 2 ; ATV - 100 EUR
    • Share of currency conversion transactions in Europe - 10% (transactions done in Polish zloty, Czech koruna, Romanian Lei, Swedish krona etc.
    • Offline POS transactions outside of Europe: Number of transactions per month - 1 ; Average Transaction Value (ATV) - 60 EUR
    • Online eCom transactions outside of Europe: Number of transactions per month -  1 ; ATV - 60 EUR
    • ATM transactions outside of Europe: Number of transactions per month - 0,1 ; ATV - 100 EUR
    • Share of currency conversion transactions outside of Europe - 100% (transactions done in Polish zloty, Czech koruna, Romanian lei, Swedish krona etc.
    • Share of registered ApplePay cards - 30%
    • Share of ApplePay transactions - 20% for online and 90% for offline contactless
  3. Revenue
    • Interchange fee for business cards (fee from POS and eCommerce transactions; we assume 100% of interchange stays with partner)
      • in Europe - 1.2%
      • outside Europe - 1.5%
    • ATM withdrawal fee - 0.5%
    • POS and eCommerce transaction fee - 0%
    • Currency conversion fee - 2%
    • Monthly fee per card - 1 EUR
  4. Costs
    • One-time fee for an issued card - 0,4 EUR
    • Average monthly fee per card - 0,3 EUR
    • Fee for offline POS transactions in Europe - 0,10 EUR + 0,1%
    • Fee for online eCom transactions in Europe - 0,10 EUR + 0,11%
    • Fee for ATM transactions in Europe - 0,9 EUR + 0,3%
    • Fee for offline POS transactions outside of Europe - 0,3 EUR + 0,45%
    • Fee for online eCom transactions outside of Europe - 0,3 EUR + 0,5%
    • Fee for ATM transactions outside of Europe - 0,3 EUR + 1.2%
    • Currency conversion fee - 0,5%
    • Apple Pay active card quarterly fee - 0,25 EUR

Let's do quick calculations.

image-1716539138898.png

Please treat it as example and make your own calculation. There will be many dependencies connected with segment, type of portfolio, detailed pricing, volume estimations etc.

Taking into account the above assumptions, you could earn 30.933 EUR monthly and 371.192 EUR annually on such a portfolio. Seems high? Interested what cost of investment is needed?  Contact us. 

Thanks for reading.

PS. If you are interested in receiving an Excel file related to these calculations, let us know at sales@verestro.com.

Business Model & Financial Structure

Interchange Fees and Service Fees - rates and rules

Disclaimer. This article shows in some detail the topic of Interchange Fees. It is presented in the best way to make business decisions, but unfortunately this topic is very complex, so it does not cover 100% of information. If you need 100% of information, please check the Mastercard and VISA interchange manuals. Please take into account that this article is written in May 2024, we will try to update information regularly, but make sure you get up-to-date information before making final business decisions.

Introduction

Interchange Fees and Service fees are fees that the issuer of cards gets or pays from/to an acquiring institution to cover cost of payment transaction or payment instrument. Those are fees connected with using Mastercard or VISA cards that are dependent on the decision of payment schemes and they improve or decrease P&L from card issuing activities. In Mastercard manuals they have the following definitions:

This is quite a complicated topic and we will not be able to cover all details in this chapter but let us try to answer 90% of questions coming from this area. There are several factors impacting the level of interchange. The most important are:

Let's start with information about types of interchange from geography point of view. There are 3 important groups of transactions:

The Mastercard EEA subregion where we are located today for purposes of the application of intra-EEA interchange fees includes the following:

The Mastercard Western subregion includes the following: • All EEA subregion countries/territories previously stated • Switzerland, Andorra, Monaco, San Marino, and Holy See (Vatican City State), Antarctica, Greenland, Faroe Islands, Saint Barthelemy, Falkland Islands, Guernsey, Isle of Man, Jersey, Saint Helena, Ascension and Tristan Da Cunha Helena, South Georgia and the South Sandwich Islands

The Mastercard Eastern subregion includes the following: Albania, Armenia, Azerbaijan, Belarus, Bosnia and Herzegovina, Georgia, Israel, Kazakhstan, Kosovo (United Nations Mission in Kosovo), Kyrgyzstan, Macedonia, Moldova, Montenegro, Russian Federation, Serbia, Tajikistan, Turkey, Turkmenistan, Ukraine, and Uzbekistan.


Additional complexity comes from types of cards. There is different interchange for :

Let us simplify this topic by creating a few tables with the most important Interchange Fee examples that we recommend to use for your business calculations.


Consumer standard Mastercard debit cards for cards issued in Poland (Polish BIN)
Domestic transaction

0.2%

some local interchange levels apply for government, bill payment - usually max fee level is defined in those programs.
Intra-EEA transaction 0.2%
Intra-EEA ATM Service Fee 0.5 EUR + 0.12%
Intra-European POS transaction 0.59%
Intra-European full 3DS transaction 1.19%
Intra-European ATM Service Fee 1.3 EUR + 0.2%
Inter-regional transaction POS 1.6%
Inter-regional transaction full 3DS 1.54%
Inter-regional ATM Service Fee 0.3 USD + 0.6%

Consumer Premium Mastercard debit cards for cards issued in Poland (Polish BIN)
Domestic transaction

0.2%

some local interchange levels apply for government, bill payment - usually max fee level is defined in those programs.
Intra-EEA transaction 0.2%
Intra-EEA ATM Service Fee 0.5 EUR + 0.12%
Intra-European Premium POS and 3DS transaction 1.55% for Platinum
Intra-European ATM Service Fee 1.3 EUR + 0.2%
Inter-regional transaction POS and full 3DS 1.85%
Inter-regional ATM Service Fee 0.3 USD + 0.6%

Consumer Super Premium Mastercard debit cards for cards issued in Poland (Polish BIN)
Domestic transaction

0.2%

some local interchange levels apply for government, bill payment - usually max fee level is defined in those programs.
Intra-EEA transaction 0.2%
Intra-EEA ATM Service Fee 0.5 EUR + 0.12%
Intra-European World Elite transaction 1.8%
Intra-European ATM Service Fee 1.3 EUR + 0.2%
Inter-regional transaction POS and full 3DS 1.98%
Inter-regional ATM Service Fee 0.3 USD + 0.6%
Consumer Mastercard credit cards for cards issued in Poland (Polish BIN)
Domestic transaction

0.3%

some local interchange levels apply for government, bill payment - usually max fee level is defined in those programs.
Intra-EEA POS transaction 0.3%
Intra-EEA ATM Service Fee 0.5 EUR + 0.12%
Intra-European POS transaction 0.59% for Platinum
Intra-European full 3DS transaction 1.19%
Intra-European ATM Service Fee 1.3 EUR + 0.2%
Inter-regional transaction POS 1.1-1.6%
Inter-regional full 3DS transaction 1.54%
Inter-regional ATM Service Fee 0.3 USD + 0.6%

Business Mastercard debit cards for cards issued in Poland (Polish BIN)
Domestic transaction

0.2%

some local interchange levels apply for government, bill payment - usually max fee level is defined in those programs.
Intra-EEA POS transaction 1.5% (minus 0.3% if acquirer meets some criteria)
Intra-EEA full 3DS transaction 1.75% (minus 0.3% if acquirer meets some criteria)
Intra-EEA contactless transaction below EUR 25 0.8%
Intra-EEA ATM Service Fee 0.5 EUR + 0.12%
Intra-European POS chip&pin transaction 1.7% (minus 0.3% if acquirer meets some criteria)
Intra-EEA contactless transaction below EUR 25 1.15%
Intra-European full 3DS transaction 1.95% (minus 0.3% if acquirer meets some criteria)
Intra-European ATM Service Fee 1.3 EUR + 0.2%
Inter-regional transaction POS and full 3DS 2.0%

Business Model & Financial Structure

Master balance and collateral in card issuing projects

During the implementation of card issuing projects with Verestro and our partner payment institutions, we receive questions about liquidity management and collateral in card issuing projects. Let me summarize and explain the key dependencies. 

There are two important points that need to be taken into account:

1. Collateral - this is a dedicated amount of money and account which needs to be transferred by our partner to our account to cover costs of payment risks and collateral that we need to pay to Mastercard or VISA. Usually it is between 3-5 days of transaction volume. The collateral is non-refundable until the end of the project and may grow in time together with the volume of transactions. If we do not take collateral, there is a risk that in case of growth, we will have to block the partners' transactions because we will not have enough liquidity at Mastercard or VISA accounts.

2. Master balance - it is an account (in other words cash balance) dedicated to our card issuing partners where our partner stores his own money which covers fees paid to Quicko and/or transaction settlement in case of working with external balance API. There are two possible situations that affect the amount of the master balance:

    • Scenario 1 - In case External balance API is used which means that partner keeps information about user balance and every transaction authorisation is routed to partner for approval. In such a case we have to keep the Master balance of the partner up to the amount of transactions. Every transaction authorisation is verified by the partner but also on our Master balance account. A day later we have to settle money for this transaction with Mastercard so we must have enough cash on Master balance to cover this transaction amount. Every day or any time our partner transfers additional money to the Master balance to make sure that there is enough liquidity to cover costs of transactions of their users. This means that the amount on the Master balance is high enough to cover transactions of users during a day, week etc. 
    • Scenario 2 - In case internal balances are used, we have a situation where all users' money are kept at our payment institution. It means that the partner does not need to provide additional funds to cover transaction volume. In such a case the partner needs to transfer just an adequate amount to cover the amount of transaction and card fees to be paid for card issuing activities. 

In all card issuing projects both collateral and masterbalance exist so please make sure you are aware of differences between those two definitions. 

Thanks for reading. 

Business Model & Financial Structure

Pay with Rewards, Pay with Points

There are multiple use cases where you can use virtual Mastercard payment cards. Let me explain how it works, how you can offer your users a loyalty program or another point-based program to make transactions at any merchant location. 

Let's imagine you provide a loyalty program for your users. You can also have any other point-based offering that enables rewards. You are interested in launching a program in which your users will be able to pay at any merchant location with a Mastercard virtual card. 

In such a case you could use our card issuing services with External Balance API. It would work in the following way:

  1. We launch a business card program for you. We perform Know Your Business verification with you as a company. Every card issued in the program will be in fact a payment card of your company.
  2. You integrate with our Lifecycle API in order to register users and request cards
  3. You integrate with card issuing API to manage cards and with External Balance API to be able to authorize transactions.
  4. We would also integrate your solution with Apple Pay and Google Pay, and the cards would have your visual. Thanks to this, your users could easily use them for any payment.
  5. You have to decide what the value of a single point is. You will receive from our system authorization for 20 EUR and  you will have to approve or decline this transaction.
  6. We will ask you to open an account at our partnering payment institution - you will have a Master balance which will cover direct settlement of payment transactions. You can reload Master balance every day. 
  7. From that moment users will be carrying your payment cards in their Apple Pay and Google Pay wallets and every transaction will be routed to your system for authorization. At the moment of transaction we will use Master balance to cover the transaction cost and you will charge point balance of the user.
  8. Additionally, you could limit merchants where users can make transactions and get an additional fee from the merchant for enabling transactions at a particular merchant. 

In today's payment world, such a project is easily available and not difficult to implement. There is a simplified integration and after several weeks you can go live with a new functionality. 

Thanks for reading.

Business Model & Financial Structure

Guide to IBAN setup process

In this article we would like to focus on IBAN, bank accounts delivery to your customers. This topic is raising a lot of questions and requires attention.

Let's assume that you would like to offer IBANs for your customers. If you are a fintech provider, money transfer organization, lending company, eCom marketplace, it could make a lot of sense as a value added product. In such a case Verestro, together with partnering payment institutions and banks can provide you IBANs via API or inside our SDKs or white label products and your customers will be able to transfer money to and from those bank accounts in the same way they do it in normal mobile or internet banking. 

But what happens in the background? How does it work?

There are a few dimensions that we need to remember about once enabling the IBAN product - technology, money movement, money holding, liquidity management etc. 

Technology

From a technology perspective it is not very difficult. You just go to section IBAN management in our Developer Zone and can find APIs. Please remember that you must create a user first in our database, perform KYC in majority of cases, create a balance or account for this user and once it is done you will use this IBAN API to create an account number (IBAN) for this payment account.

In the background, during project setup and operations, Verestro and our partnering payment institutions create for you a set of IBANs from one or more banks that will be used in case you request IBANs or transfers via API. Once transactions come to this IBAN, technically you are receiving information from our system that the balance of the account changed and you can display this information to the user.

Money Movement

By Money Movement we mean a process of transferring real money from sender to receiver. Because we are using various payment institutions and banks behind our system, it is worth discussing. There are the following steps in this transaction:

  1. Sender sends money to IBAN of your user generated at Verestro platform
  2. Our partnering payment institution or bank receives information about incoming transfer to this IBAN
  3. Verestro platform informs you about the incoming transfer and optionally initiates movement of money to another bank which acts as settlement bank for your transactions. This happens in case IBAN is generated in another payment institution than Settlement Bank
  4. Money gets available on user or your account or for settlements of card transactions at the moment it arrives at Settlement Bank (usually you do not experience any problems as it is at D+1 time)
Money Holding

In all cases money is held by banks cooperating with Verestro so they are secure in the same way as any other banking account in those banks. We cooperate only with strong and reliable banks in various countries (usually based in Poland).

Liquidity Management

In some cases once you are receiving and sending money from and to IBANs, in order to avoid delays of money transfers between various payment institutions and banks, it is necessary to place and manage additional liquidity benefits so that your users could send money faster. We will inform you about such situations during the project depending on the requirements and use case we are going to implement together.

Thank you for reading. 

Business Model & Financial Structure

IBANs, cards, balances - how to manage all of this?

Once you are starting a payment account and/or card issuing project you need to learn key definitions and relations between those various parameters.

Balance ID - this is a real "account" in the Verestro system. This number is connected with User ID and means that the user has an account and balance in our system. The user can keep money on this Balance ID.  Of course, one user can have multiple balances but a single balance can belong to one user only

IBAN - this number is often mixed with Balance ID.  IBAN is a number through which the user can receive money to his balance via wire transfer. IBAN is not a balance ID. Generally it does not make sense to have more than one IBAN for one balance. Normally you issue one IBAN for one balance. Usually a user can have more IBANs and balances if he wants to keep money on separate accounts, in various currencies etc.

Card number - easier to understand, just a card number issued to a particular balance ID (not to IBAN!). A user can have multiple cards connected to one balance ID.

Once preparing to project with Verestro, please learn the above definitions. More info here: https://developer.verestro.com/shelves/card-issuing-ibans

Regulations, Compliance & Risk


Regulations, Compliance & Risk

Regulatory and license impact on card issuing

Legal issues related to regulatory or payment scheme rules often arise in questions we receive from our partners and clients. In this article I would like to summarize key dependencies, limitations and rules that have a very important impact on payment accounts opening, card issuing and also acquiring or money transfer activities. 

When you are launching a payment institution, you have several areas to cover. One of the most important of them is a legal and rules area. Usually this impact can be divided into three main groups of activities: legal requirements, anti-money laundering requirements (which is a specific type of legal requirements) and payment scheme rules. Let me deep dive into each of them.

To operate payment activities, almost in any country you need to get a payment license. There are various types of payment licenses depending on the country, so here I would like to summarize the most important details. In many cases you can hear about EMI (Electronic Money Institution license), Bank (Banking license), Credit Institution, Acquiring Institution etc. These requirements are usually connected with operational activities that the company needs to fulfill to perform payment operations for other entities. They consist of:

It is important to understand details of such requirements and to follow changes of law and rules on a regular basis.

From the business point of view those requirements force us to :

For our partners - just make sure that you follow the rules we inform you about. They are critical for our activity, licenses, so in fact they are securing your business. 

AML and KYC requirements

AML (Anti-Money Laundering) and KYC (Know Your Customers) are part of legal requirements but it is worth presenting them as a separate group because they usually have the biggest impact on operations. The main goal of these rules is to ensure that payment organizations are not used to launder money, support terrorist or illegal activities. They also allow governments to monitor a payment activity area which may be helpful in fighting crime activities. 

Key areas of impact of those requirements can be summarized as follows:

It is interesting that AML and KYC requirements do not block us from issuing cards or opening payment accounts for partners located outside the European Union with our payment companies licensed in the European Union. We are allowed to perform payment activities for Brazil, US, China citizens, as well as the Polish, German or French ones. 

Make sure that you collect user documents and provide them during the user registration to us to fulfill those requirements.

Payment Scheme requirements

Payment Schemes (Mastercard, VISA or others) have separate requirements that must be followed by their partners and licensees. These requirements are similar to the previous ones but not always the same. Key requirements that do have impact on business are:

Problematic areas

Usually problems in a business discussion come in the following areas:

Following regulatory, AML and payment scheme rules is critical for payment companies. We do not have a choice. This is part of the game of card issuing and we must follow requirements. However, it is good that such rules exist. They make our customers' money safer and minimize much bigger risks of running or supporting illegal activities. 

Thanks for reading. 

Regulations, Compliance & Risk

KYC and KYB requirements in card issuing

KYC (Know Your Customer) processes usually raise a lot of questions. In this article, I would like to summarize the most important decision points and requirements. 

KYC regulations are directly connected with Anti-Money Laundering (AML), regulatory and sometimes with payment scheme requirements. In general, every payment or banking institution must be aware who its customers are, should know the source of its customers' funds, and should have information about the ways customers use money held by the payment institution. Regulators require that payment institutions know and monitor this in order to limit the risk of supporting terrorist or illegal actions. 

The main question in every project is: "Who is the owner of the money on account?" We can have 2 situations:

1. CONSUMERS - If the consumer is an owner of the money on account, the KYC process has to happen. Usually it means that the user (consumer - not a company) needs to provide an ID document or passport and selfie, meeting or video call needs to happen to make sure that consumer is a real person signing a contract with a payment institution. There are various additional verification ways that a payment institution may require, but those are the key ones.

2. BUSINESSES - If a company is an owner of money, the KYB (Know Your Business) process has to happen. Usually it means that the user (company owner, manager etc.) not only needs to provide an ID document and make a selfie or a video call, but the payment institution needs to verify beneficiaries (the owners of more than 25% of shares in the company). 

In both cases the payment institution is obliged to check whether the consumer, business manager or business owner is not present on various sanction lists, i.e. OFAC or UN sanction list. 

These rules are critical and in fact all other implications are outcomes of them. In projects connected with launching Payout to Cards, the very first question that we need to answer is :  "Who is the owner of the money on account?" If the consumer is an owner of the account (scenario 1) - the consumer needs to go through the KYC process. If the business is an owner of the money on account (scenario 2), the KYB process will have to happen and there will be no additional KYC.

There may be non-standard situations that will require some analysis. Let me present a few interesting scenarios:

As you can see, there can be different approaches to KYC and KYB requirements, so it is worth reviewing the legal structure and thinking about how to improve the user experience in such projects. 

Thanks for reading. 

Regulations, Compliance & Risk

Know Your Customer – in-house or outsourcing

From time to time, our customers ask us whether it is better to perform Know Your Customer activities in-house or to hire a company to do it for them. In this article we would like to answer this question.

KYC activities are very important. On-boarding your customer is actually the first process that the customer uses, so smooth processes are critical for our future relationship with a particular customer. If the process does not work correctly, the customer can block and all our marketing and acquisition efforts will be useless.  But how to do it right?

You can have 2 general scenarios:

Scenario 1 – build KYC in-house

You can start building this process yourself using your IT team. Actually, it is not so difficult. The process consists of a few obligatory steps that have to be performed by user:

  1. Get user data
  2. Get user photo or video
  3. Get pictures of user’s document or documents
  4. Check sanction lists
  5. Approve / decline / get into interaction

It seems to be easy 😊  but actually it is not so easy. There are some security and legal regulations that need to be fulfilled. There are specific requirements of payment institutions that will have to be fulfilled. You need to collect this knowledge, be ready to update your systems. Additionally, you have to think of automatizing this process on your side so that the user does not wait too long for approval of their application. From a financial perspective it sometimes can be much cheaper than automated KYC. Let’s do a quick calculation. If you hire a person and pay 10 EUR per hour to this person for performing KYC activities you can imagine that such a KYC employee will perform simple consumer KYC actions (verification of data, photos etc.) for one customer during 1 minute. It means that the cost of processing a single application is 10 EUR divided by 60 minutes = 0,16 eur per user!!!

Additionally, if you need to perform regular scanning of sanction lists, avoiding per user costs becomes more critical because there may be requirements that users are scanned against sanction lists once per month… If you have 0,1 eur cost per such scanning it means that you have variable cost of your operations. Very important disadvantage.

Advantages:

Disadvantages:

Scenario 2 – outsource KYC

In this scenario you perform a tender and choose the best KYC provider for you. You can be quick with this process, you will get all technology this partner has but you will have to pay per user and maybe for some development and customizations. You will have an outsourcing company that most likely will have to be officially registered at your regulator as you are outsourcing anti-money laundering processes to this partner. It is definitely an easier process at the beginning of your journey but think about dependencies and cost.

In the long term you may also encounter problems with your partner that some specific requirements or unhappy path for your users does not work correctly. You should not think that you can automatize 100% of your on-boarding processes and you do not need to hire anyone. You must have some manual process, possibility to check application yourself and you must hold data yourself for future use.

From a financial perspective – you will have to pay per user or sometimes recurring fees per verification additionally. This may be a heavy cost for your business model. I think that this long term dependency is the critical disadvantage and you need to be careful.

Advantages:

Disadvantages:

Summary

It is a difficult choice. In our opinion, in the short-term, it may be better to involve a 3rd party. However, in the long term, risk of dependencies, partner stability and variable fees seem important and you need to carefully consider if you do not want to have those capabilities in-house. Please also remember that while implementing 3rd party automatic solutions, you must have a manual process ready to process unusual customers.

Our services in this area are focused on this strategy. We use both 3rd party vendors and an internal system for managing KYC processes for ourselves and for our customers.

Regulations, Compliance & Risk

PCI DSS & other security requirements

Very often customers ask questions connected with security. In this article we would like to summarize key requirements connected with Payment Card Industry Data Security Standards (PCI DSS). There are other rules that we and our partners need to follow (like GDPR for example) but it will be the topic for another article. 

The most important question that needs to be answered before going into details of PCI DSS requirements is - Am I actually processing payment card data? 

Key PCI DSS requirements mentioned below apply only in case that the partner has access to card number (PAN - Primary Account Number), expiry data or other related card data. If the partner does not touch them, if the partner cannot see those numbers there is only one requirement - a simple Self Assessment Questionnaire (SAQ) needs to be fulfilled to confirm that the partner is compliant with PCI DSS requirements. 

It is very important that you choose the correct way of integration with the card issuing platform. If you use our mobile SDKs or white label products, usually you will not have access to card data and will be able to approve your project just after fulfilling SAQ mentioned above. So please consider this way of integration to avoid additional costs and risks of PCI DSS compliance. However, if you connect via API, which is a usual way of integration, you will have to comply with security rules. Please read this section twice. This is the most important - choice of integration method will be decisive if you have to or not go through annual external audits and all hassle connected with PCI DSS. 

Assuming you do process card data, depending on what your role is, different levels will be applied to you. You can be a merchant or a service provider. In simple terms, if you do the work for yourself then you are a merchant if you want to further provide the service (intermediary) you are most likely a service provider. In card issuing projects you will rather be a service provider because you offer cards to your users. Let me give some examples:

Service Provider - wallet, crypto wallet, money transfer organisation offering cards to own users etc.

Merchant - an insurance company that wants to use a card to send money to their users, a lending company that wants to send a card to users, a corporation or SME  giving business payment cards to their employees etc.

Who is according to PCI DSS "Merchant"
PCI DSS, or the Payment Card Industry Data Security Standard, defines a merchant as any entity that accepts payment cards (such as credit cards and debit cards) as a form of payment. The term "merchant" can encompass a wide range of businesses and organizations, including traditional retail stores, e-commerce websites, restaurants, hotels, and service providers that handle cardholder data.

Under PCI DSS, merchants are required to comply with a set of security standards and practices to protect the payment card data they handle. These security measures are designed to ensure the confidentiality and integrity of cardholder data, reduce the risk of data breaches, and protect both customers and the payment card industry as a whole.
PCI DSS compliance requirements can vary depending on the merchant's size and the volume of card transactions they process. Merchants are typically categorized into different levels based on their transaction volume, with higher-volume merchants facing more stringent compliance requirements.

There are 4 levels of compliance and requirements depending on volumes of cards and transactions. 

Level of PCI DSS

Your business does

What you should do

4

·       Less than 20 000 eCommerce transactions per year

·       Less than 1 million other transactions per year

·       Complete an annual Self-Assessment Questionnaire (SAQ)

·       Conduct quarterly network scans by an Approved Scanning Vendor (ASV)

3

·       20 000 – 1 million transactions per year

·       Complete an annual Self-Assessment Questionnaire (SAQ)

·       Conduct quarterly network scans by an Approved Scanning Vendor (ASV)

2

·       1-6 million transactions per year

·       Complete an annual Self-Assessment Questionnaire (SAQ) or ROC conducted by a QSA

·       Conduct quarterly network scans by an Approved Scanning Vendor (ASV)

1

·       6 million + transactions per year

·       Complete an annual internal audit

·       Conduct quarterly network scans by an Approved Scanning Vendor (ASV)


Who is according to PCI DSS "Service Provider"
According to the Payment Card Industry Data Security Standard (PCI DSS), a Service Provider is defined as any business or entity that is not a payment card brand (such as Visa or Mastercard) and is involved in the processing, storage, or transmission of payment card data on behalf of another organization. Service Providers play a crucial role in the payment card ecosystem, as they offer various services to help businesses accept and process card payments more effectively and securely.

Service Providers can include a wide range of businesses, such as:

  1. Payment processors
  2. Payment gateways
  3. Hosting providers
  4. Managed security service providers
  5. Data storage companies
  6. Point-of-sale (POS) system providers
  7. Customer relationship management (CRM) software providers
  8. Software-as-a-Service (SaaS) providers

Service providers are categorized based on the services they provide and their interactions with payment card data. Here are some common classifications of service providers based on PCI DSS:

Level of PCI DSS

Your business does

What you should do

2

·       < 300 000 transactions per year

·       Complete an annual Self-Assessment Questionnaire (SAQ)

·       Conduct quarterly network scans by an Approved Scanning Vendor (ASV)

1 (Verestro has 1 level of PCI DSS)

·       > 300 000 transactions per year

·       Complete annual internal audit conducted by a Qualified Security Assessor (QSA)

·       Conduct quarterly PCI ASV scans

Verestro has the 1st level Service Provider of PCI DSS, which means that we have to go through quarterly PCI ASV scans and an annual external audit performed by certified PCI DSS assessors. In accordance with the principles of PCI DSS, Verestro is obliged to check if the partner is working in compliance with the PCI rules, so we will be checking what the level of transactions and cards in your case is. 

image-1713429427331.jpg


So let's remind our two possible scenarios:

Scenario 1 (The partner does not have any access to unencrypted PAN numbers) -> THIS IS THE BEST AND RECOMMENDED SCENARIO. In this scenario you will most likely use our SDKs and admin panel and full encryption of card data. Verestro will guide which Self-Assessment Questionnaire (SAQ A for merchants) is appropriate and ask a few questions (from SAQ). The document will have to be signed by the partner.

Scenario 2 (The partner can access unencrypted PAN numbers) -> in this scenario:

If the partner plans to achieve 0,3 million transactions/interactions, there are two options:

If you would like to discuss your requirements in more detail and receive more information, please contact us. 

Thanks for reading. 

Regulations, Compliance & Risk

Reverse solicitation – marketing & promotion of card issuing in multiple countries

One of the limitations in global card issuing and account opening activities is connected with licenses and regulations for particular countries. Payment institutions have Mastercard or VISA licenses for particular countries as this is the way Mastercard and VISA systems work. In the European Union it is possible to get a license for the whole region but in other countries and regions you must get a license per country.

This makes the process of card issuing difficult in today’s digital economy because you usually do promotional and marketing activities in multiple countries. You have users from Europe, Asia, Africa, Americas and other continents. It would not be smart to limit your payment services only to users from particular countries.

This is a critical point and you should be discussing this point with your card issuer at the beginning of your cooperation with them. The answer to this problem is not easy or white-black. There are some important considerations that we present below:

  • Multi card issuing and multi card processing – we believe that integrations with multiple card issuers that have licenses in multiple countries is critical for the success of global programs. Verestro works with payment organizations in multiple countries and solves this problem globally. In such cases, those problems disappear.
  • Regulatory compliance – your payment institution must check if it is legally possible to open a payment account and provide payment cards to users from many countries. In case of Quicko (our BIN sponsor) we are allowed to open payment instruments and accounts to users from multiple countries assuming we fulfill AML requirements
  • Mastercard and VISA rules – Mastercard and VISA give licenses for particular countries. It is impossible to get a license for all countries. There are some specific processes to get approval for program in other countries than you have payment scheme license but it is not clear in fact and there are some risks for every program

There are some general rules that you should follow as our partner so let us describe it:

  1. You should be able to prove that the main focus of your marketing actions is in Europe if your card issuer is based in the EU. We may ask some additional questions. Mastercard can have a look at places where transactions are happening etc. Try to focus on Europe.
  2. You should be able to provide proof that even if we are distributing cards to consumers living abroad there is an economic interest of those people in Europe. Maybe they travel to Europe, maybe they have employees in Europe etc.
  3. If you are distributing cards to companies, make sure they have headquarters or offices located and registered in Europe.
  4. The best would be that your users have resident addresses in the European Union that they are registering during card on-boarding. This solves all the problems.
  5. We would like to be aware of your marketing activities in countries outside of Europe. It is important that we are aware, maybe we inform local Mastercard so that they are aware.

Our intention in the long run is to solve this problem by working with multiple partners globally and grow with licenses to other countries together with our customers. Don’t hesitate to contact us if you want to do global card issuing business.

Operations, Customer Journey & Implementation


Operations, Customer Journey & Implementation

Card Lifecycle Management

Once launching card issuing projects, our customers usually forget that it is a long-term activity that requires constant verification and improvements. It is very important that you understand and manage your card holders and use best practices in card lifecycle management. Let me summarize key activities from a timeline perspective. 

Stage 1 - choosing a card issuing partner

Obvious step. Everybody focuses on financials and technical integration. Very few people check value-added services and other products. Almost no one is aware of PCI DSS & other security requirements that will make your life easier on stage 4 and later ones. Another common mistake is that you do not check the financial stability of your card issuing partner as if it is not important for your business and users. 

Stage 2 - implementation

Obviously important. No comments. Check Dev Zone and implement. Make sure your developers read specs carefully. Make sure you understand AML and KYC regulations so that you can comply with rules and the project can be built on strong fundamentals. A common mistake is not to consider Stage 4 - card lifecycle management processes are forgotten.

Stage 3 - launch 

Everybody focuses on this moment, plans campaigns, distributes cards. And usually this is the last implementation step of this new product. It is a mistake. 

Stage 4 - card lifecycle management

Once you are up and running, it is very important that you are able to monitor your portfolio, create reports, organise personalised campaigns and manage your portfolio in a very active way. There are several rules to follow in order to maximise your portfolio's earnings and performance. The most important ones are summarised below:

Card issuing is a long-term activity. Please do not think that you will launch it and everything will work properly. You should be constantly working to attract more users and teach existing users how to use the cards so that they add real value to your business. Good luck!

Thanks for reading.

Operations, Customer Journey & Implementation

How can I reload a payment account or card?

There are many ways of transferring money to payment accounts or cards. In this article we would like to explain how it can be done with Verestro and in other cases. 

Let's start with definitions so that we speak the same language. What is a payment card? What is a payment account? What is an IBAN? It seems simple, but in fact many customers use these words in a different way.

Once we know those 3 definitions, let's look at the ways of transferring money to a Payment Account, which in other words could mean ways of reloading a Payment Card. There are several ways that we can use:

  1. Bank transfer to IBAN - in such a case the user is sending money from an external bank account to our Payment Account, using an IBAN connected with our Payment Account. Usually it is a very easy, fast and effective way of transferring money in case of domestic transfers. It could be a costly way of reloading an account if the customer is abroad. 
  2. Payout to Card - in such a case the user is sending money from another bank or money transfer organisation using a Payment Card number issued by Verestro and our issuing partner. The customer is using Mastercard Moneysend or VISA Direct to transfer money from another account to their Payment Account at Verestro. Usually it is very fast but not cheap way of money transfers.
  3. Card-to-card - card-to-card transfer is used when the user provides at external service another Mastercard or VISA card and transfers money to a card issued at Verestro. In such a case a funding card (a card issued by another bank) is debited and our Payment Card is credited, which means that money will appear on the Payment Account soon. 
  4. Reload by another card via PSP, Google Pay or Apple Pay - in any wallet of our partners we can provide functionality called Paytool which enables charging another card and sending money directly to the user's Payment Account. In this situation a funding card is charged as if it was an eCommerce transaction. The user's Payment Account can be reloaded quickly. 
  5. Reload by partner - in many cases our partners can use their own funds to reload the user's Payment Account. Examples of such situations are lending institutions that issue a card and reload a Payment Account with a loan amount. Similar example could be issuing cards for insurance related claims - in such a situation our partner (insurance company) adds money to the user's card and sends the card to the insured person. Usually such a reload happens via MasterBalance which is an account that we hold for our partners and it contains their money. This account can be used for a reload, as is usually used for transaction processing. 
  6. Reload by crypto assets - in some cases it is possible that our partners send crypto assets and we will convert them in cooperation with our partners into FIAT currencies to reload the user's account.
  7. Openbanking - our partners can use open banking PIS (Payment Initiation) messages to transfer money to the user's Payment Account. We can help with such reload tools using our Paytool product. 

Those are ways of reload we use today. We are happy to work on other ways of money transfers and enable new ones. 

Thanks for reading. 

Operations, Customer Journey & Implementation

Customer service and user claims in card issuing

Once you start issuing cards for your users, you will experience a wide range of various problems and requests coming from your customers. In this article we will summarize the most common issues, so that you can get prepared. 

These include:

  1. Transactions not working
  2. Problems with delivery or activation of plastic cards
  3. Transaction reversals and refund issues
  4. Fraudster activity

Point 1 - Transactions not working

The most common problem after starting card issuing is connected with performance of transactions. Your users will inform you about problems with transaction authorisations or merchants not accepting their card etc. There can be plenty of reasons for such problems. The most important are:

Point 2 - Problems with delivery or activation of plastic cards

Usually, when you decide to use not only virtual, but also plastic cards, you will experience various problems with personalization, delivery or activation of plastic. In different countries there may be various issues with these processes. They are usually connected with logistics or lack of easy activation methods for cards. Some of those issues can be cleaned by us during the project, but for many of them we will not have a good solution. Actually, in today's digital world, we do not recommend issuing plastic cards, but if you need to do so, get ready for such problems. 

Point 3- Transaction reversals and refund issues

White paying with cards, customers will experience situations that they want to resign from a transaction after some time. Sometimes immediately - and in this case reversals will be used. Sometimes after several days - in this case refund will be used. In such situations we should receive an authorization from the merchant or acquirer that credits the transaction. We should be able to deliver this message to you, so that you can increase the user's balance on account. But sometimes this process does not work correctly. If the card issuer does not receive a message from the acquirer or payment scheme, we are unable to give you this information. User's funds may get frozen for 2-4 weeks. It is important that you understand that such things happen.

Point 4 - Fraudster activity

Any new payment activity in the world is attracting the attention of fraudsters or payment mafias. There are people in the world specialised in stealing card data or making transactions with cards while having no money on accounts. This is a very serious risk for you, as they will be testing your systems as well. This is especially visible if you have many "Do not honour" transactions or weak Know Your Customer processes. Be ready for it. Monitor your traffic. Cards will not always work for all payment transactions, some fraud rules will block suspicious activities, but your online monitoring is necessary. 

Those are key points to remember about. Please do not forget about them while launching your card issuing program with us. 

Thanks for reading. 

Operations, Customer Journey & Implementation

Tips to avoid problems when implementing card issuing

So you have a good business case for issuing cards for your customers and you found a perfect vendor who can provide formal and technical services in this area. Right after signing the contract you’re ready to implement. What now?

Now it’s time to make sure that the implementation will be as smooth as possible and you and your team won’t get stuck on some of the common problems that may happen in the project. Of course each vendor has his own approach, but let us explain how to avoid some of them based on Verestro’s experience.

Preparing everything for you takes a moment

Depending on your particular setup we will need 4-8 weeks to prepare everything for you. From dedicated environments so that your customers and their cards will always be safe and secure, to ensuring that you will be able to use the cards in Apple and Google wallets and that your proper logo will appear in the 3DS confirmation screen when customers will be paying online. In the meantime you can focus on understanding all the APIs using Sandbox environment and make sure that your team is ready for the work in front of them – for example by analyzing the documentation carefully. Our services will be available for you one by one, so you don’t need to wait full 8 weeks to start implementation – usually first work on your side starts after 2-3 weeks from the kickoff meeting.

Test and adapt

Everyone is always eager to launch the product to final customers – that’s obvious. But it’s good to plan an extensive testing phase that will limit the potential volume of incidents that may happen once you’re live. A simple successful transaction done in ecommerce and brick and mortar POS is a very good prognosis, but should not be the end of testing phase. Take into account different scenarios and edge cases (like reversals and refunds – or even partial reversals). Take into account that there are many players in the world of payments and that a simple transaction is actually a connection of several backend systems (acquirer, issuer, payment network, additional vendors). The more you test, the less surprises will be there in the end.

Knowledge and understanding is key

Issuing cards and processing transactions is unfortunately not like riding a bike – it’s easy to forget. During the project with Verestro you’ll learn a lot about the world of payments and cards. Make sure this knowledge is gathered on your side and distributed between team members.

Plan your MVP

Rome wasn’t built in a day. Best banks did not simply appear in a moment. Issuing cards is a vast topic that requires a lot of iterations to make sure the basics are solid. It’s always good to start with essentials:

If you’ll start focusing on ‘nice-to-have’ features too early in the process, you may loose sight of more basic processes what may cause delays in the whole project.

Having all of that in mind should make your project more streamlined and effective.

Author: Adrian Durkalec

Operations, Customer Journey & Implementation

How to prepare for a card issuing project?

Do you want to issue cards to your users? In this article we describe what is required on your side to implement virtual or plastic cards in your applications. 

Let's imagine you are a fintech, crypto wallet, lendtech or any other company with a concrete target segment, some or thousands of users and you have a mobile application for your customers. You have decided to go live with card issuance in order to increase revenue and user loyalty. Below we describe the main decisions and steps you need to take to get ready for a card issuing program:

  1. Decide on a card issuing partner - check out other articles we have on this topic in the Knowledge Center. Make sure that the partner has the necessary functionalities, legal requirements and flexibility that you can accept. Check your partner's financial standing. Contact us for more details.  
  2. Analyse and describe your use cases - describe user flows, develop some initial graphs of how key processes will work. Focus on user onboarding, Know Your Customer steps, card generation and activation, card management and transaction flows. Read the Developer Zone requirements during this step to make sure you are ready to integrate without difficult customisations. 
  3. Check the legal environment - try to analyse and understand the regulatory environment. Check if you can fulfill KYC requirements and how you can collect data from users. It is important that you submit a user selfie and document photos to the card issuer during the verification process. If you are working with us, please make sure that you have a European entity or branch in the EU to sign a contract with us for card issuing.
  4. Verify API integration - go to the Developer Zone and analyse APIs or SDKs that you will have to connect to. If you want to avoid PCI DSS audits and associated costs, consider using SDKs. It is highly recommended if you have a large group of users. 
  5. Make P&L analysis - consider the revenues from card issuing and the costs of this product. Make sure you understand unit economics. You can use articles in our Knowledge Center to start this work. Choose an affordable partner - do not think that if something is more expensive, it is better in quality. The card issuing business is a cost-based business where low level unit economics matter, especially cost per card and cost per transaction. Revenue share from interchange fees or currency conversions is even more important than costs. 

If you have checked these points, you are ready to sign a contract. Contact us sooner, let's work together. We can advise you on many of these points to build the best possible program for you. We have extensive experience in more than 30 countries on 5 continents. Make use of this knowledge to get started.

Thanks for reading. 

Operations, Customer Journey & Implementation

Payment schemes

In this document we describe how payment schemes (Mastercard and VISA) work.

Payment card business is a large global market, which was developed in the USA in the first half of XX century and has grown globally. In this document we will describe the main business principles and in the next chapters we will go into more details. We will focus mainly on Mastercard and VISA operations, as these are the largest payment schemes in the world and the main partners we work with. 

Four Party Model

image-1711799598153.png

Let's start with the general relationships between the parties. In the Mastercard and VISA 4-party model (which is actually 5-party model) there are the following players:

1. Cardholder - has a contract with Card Issuer, which is usually a bank, financial institution, payment institution, credit union, etc. Cardholder keeps a card in a plastic or virtual form that he/she gets from Issuer. Cardholder makes a purchase transaction at Merchant or sometimes withdraws money from an ATM. In the case of an ATM transaction, the ATM operator (usually a bank) acts as Merchant in a standard purchase transaction.

2. Merchant - delivers goods to Cardholder, but does not receive cash immediately, but accepts the card transaction, which gives him/her almost 100% confidence that he/she will receive money in a few hours or days.

3. Issuer - Issuer is usually a bank, credit union or any other payment institution that delivers payment cards to cardholders (consumers or businesses). Issuer signs contracts with cardholders. On the other side of business, Issuer has a franchising or licensing contract with VISA and Mastercard and connects to their network using Issuing Processors. Verestro and our partners (for example Quicko) plays the role of Issuer and Issuer Processor in our card issuing or BIN sponsorship projects. During the transaction process, Issuer usually gets authorization, clearing and settlement messages that result in transfer of money from a cardholder account to Acquirer so that Acquirer could settle the transaction with Merchant.

4. Acquirer - Acquirer is usually a bank or payment institution that signs contracts with merchants, settles payment transactions with merchants and has acquiring contracts with a payment scheme. Acquirer usually provides a payment terminal to merchant locations, and makes sure if it works and is ready for transactions.

5. Payment Scheme - Payment Scheme (i.e. Mastercard or VISA) are key for keeping the model running. They develop technical systems that issuers and acquirers are connected to, they process transactions, they develop the market. However, they are also the biggest beneficiaries of the market growth as every new transaction represents revenue for Mastercard and VISA.

Key Processes

There are several processes that take place during card and transaction processing, and here we will briefly describe the most important ones:

There are other important processes associated with payment systems and card transaction processing, but let's stop here and take a short break to understand these critical processes. 

Operations, Customer Journey & Implementation

Card Benefits in card issuing projects

Once you are launching your card program it is important to think about additional benefits that you can deliver for your users or products that can increase the value of your program. In this article we will show a few ideas and examples that you can use to enhance your card issuing project. 

How to strenghten your card issuing program? 

There may be more activities but these are the ones that you can implement relatively quickly in order to offer better service and increase revenue.