Over the last couple of years, with the World Wide Web
booming leaps and bounds beyond accountability, our lives have kind of been molded
by it. From what used to be a happy stroll for window shopping in the nearest
mall/shopping center over the weekends, has become a regular affair on a 15’’
screen. At times I really feel that world is not that big a place after all,
and if I can shop for anything just sitting at home why shouldn’t I be a couch
potato!! Jokes apart, this blog entry is dedicated to all the online shoppers
to provide them an education on how the magic plastic card pays our expenses in
a matter of split seconds.
Know Your Card:
It is very important that we be aware of the type of Credit
Card is the bank offering us. Essentially, there are mainly three types of
Credit Cards that are issued by banks all across the globe namely: Master Card,
VISA and MAESTRO, of this MAESTRO cards are generally not accepted by most
online shopping programs. So be cautious while getting that glittery card from
your bank. Next, a Credit Card, be it issued by any place in the world, will
always have a unique 16 – digit number. This is you’re a/c number as registered
in your bank. And third and most important aspect which acts as an identifier
to a card is the ‘CVV’ number, which is a 3 – digit number present just below
the magnetic strip of the card. With these facts cleared let’s begin with the
explanation of how exactly your plastic plays your bills online.
The Life Cycle:
The other day my father asked me this question “How exactly
does a website consider a successful payment from our Credit Card?” A very good
question and this is how I explained it.
Once we choose our product of purchase (say on eBay.com) we
proceed to the payment screen where under the section called as Credit Card, we
are required to fill in a few details, namely Full Name (As given on card),
Card Expiry Date, Registered Telephone Number and Registered Email address (all
information are related to the Credit card). Now this is where the fun begins. In
an online shopping scenario ebay.com is considered to be the ‘Merchant’, who, after recording your
Credit Card details, sends two sets of queries to verify the validity of the
card. The first set of query goes to your card’s issuer i.e. your bank, and the
second set of query goes to your card type owner, i.e. either Master Card or
VISA, depending on what type of card you posses. Since the details that you
filled earlier classify as your personal information, the Merchant does not
keep a copy of your details and instead passes it on to a third party, who is a
verified partner of both Merchant and your Bank. These third parties are called
‘Aggregators’.
The Aggregator’s work is a fairly simple one. It basically
relays the replies from one end to the other, thus keeping a complete
transaction history which can be passed on to law authorities (Federal Bank,
Reserve Banks etc) for reference and economic calculations. As I mentioned
earlier, the two sets of queries that were sent by the Merchant return with
replies about the validity of the card to the Aggregator. If found valid by
both parties, i.e. your Bank and your MasterCard/VISA, the next phase of the
transaction gets initiated. This is when we see the page getting redirected to
our bank’s payment page with a warning message on the browser that “Do not
refresh the page or press the Backspace button”. This is done because if the
page is refreshed, or any key is pressed the authenticated message with the
Aggregator gets lost and the transaction fails automatically.
Once on our bank’s page, we find that our card number is
present (first four numbers –XXXX-XXXX- last four numbers), our name, and the
amount we are to be billed for, with additional information required as the CVV
number, expiry date on the card and finally the password that we setup for our
online transaction. Do note that this information that we fill on the bank’s
page is NOT captured by the Aggregator. It’s the sole property of the bank. If
the information entered by you is correct the bank goes ahead and shows you a
flash message that the transaction is successful.
Post this we are redirected back to our Merchant page i.e.,
Ebay.com, which then shows us a confirmation that the product we paid for is
now a prized possession of ours. Note: During the redirect the message “Do not
refresh the page or press the Backspace button” is displayed again. This is
shown as the Aggregator again records the transaction history of the payment
made and any untoward input from our end can still cause the transaction to
fail. So ideally, wait till you receive an acknowledgement from the Merchant
website saying that the purchase is confirmed.
Finally, the Aggregator records all data of the purchase and
individually sends a copy of it to the Merchant, Master Card/ VISA, and your
bank. The data for the Merchant contains your account details as setup on
ebay.com, and the bank from where the payment was received. The type of
purchase and any loyalty points etc are sent to Master Card/VISA. And unfortunately,
your Bank gets the data which allows it to prepare the bill to be sent to you.
Hope this has been fairly informative and enlightening on
how the magic plastic card helps us pay our bills online. The Part – II of this
blog will deal with the security threats that you should be cautious about while
performing an online transaction via your Credit Card.
No comments:
Post a Comment