A credit card is a small plastic card issued to users as a system of payment. It allows its holder to buy goods and services based on the holder's promise to pay for these goods and services. The issuer of the card creates a revolving account and grants a line of credit to the consumer (or the user) from which the user can borrow money for payment to a merchant or as a cash advance to the user.
A credit card is different from a charge card: a charge card requires the balance to be paid in full each month. In contrast, credit cards allow the consumers a continuing balance of debt, subject to interest being charged. A credit card also differs from a cash card, which can be used like currency by the owner of the card. Most credit cards are issued by banks or credit unions, and are the shape and size specified by the ISO/IEC 7810 standard as ID-1. This is defined as 85.60 × 53.98 mm (3.370 × 2.125 in) (3 3/8 × 2 1/8 in) in size.
Credit cards are issued by a credit card issuer, such as a bank or credit union, after an account has been approved by the credit provider, after which cardholders can use it to make purchases at merchants accepting that card. Merchants often advertise which cards they accept by displaying acceptance marks – generally derived from logos – or may communicate this orally, as in "Credit cards are fine" (implicitly meaning "major brands"), "We take (brands X, Y, and Z)", or "We don't take credit cards".
When a purchase is made, the credit card user agrees to pay the card issuer. The cardholder indicates consent to pay by signing a receipt with a record of the card details and indicating the amount to be paid or by entering a personal identification number (PIN). Also, many merchants now accept verbal authorizations via telephone and electronic authorization using the Internet, known as a card not present transaction (CNP).
Electronic verification systems allow merchants to verify in a few seconds that the card is valid and the credit card customer has sufficient credit to cover the purchase, allowing the verification to happen at time of purchase. The verification is performed using a credit card payment terminal or point-of-sale (POS) system with a communications link to the merchant's acquiring bank. Data from the card is obtained from a magnetic stripe or chip on the card; the latter system is called Chip and PIN in the United Kingdom and Ireland, and is implemented as an EMV card.
For card not present transactions where the card is not shown (e.g., e-commerce, mail order, and telephone sales), merchants additionally verify that the customer is in physical possession of the card and is the authorized user by asking for additional information such as the security code printed on the back of the card, date of expiry, and billing address.
Each month, the credit card user is sent a statement indicating the purchases undertaken with the card, any outstanding fees, and the total amount owed. After receiving the statement, the cardholder may dispute any charges that he or she thinks are incorrect (see 15 U.S.C. § 1643, which limits cardholder liability for unauthorized use of a credit card to $50, and the Fair Credit Billing Act for details of the US regulations). Otherwise, the cardholder must pay a defined minimum proportion of the bill by a due date, or may choose to pay a higher amount up to the entire amount owed. The credit issuer charges interest on the amount owed if the balance is not paid in full (typically at a much higher rate than most other forms of debt). In addition, if the credit card user fails to make at least the minimum payment by the due date, the issuer may impose a "late fee" and/or other penalties on the user. To help mitigate this, some financial institutions can arrange for automatic payments to be deducted from the user's bank accounts, thus avoiding such penalties altogether as long as the cardholder has sufficient funds.
Credit card advertising regulations include the Schumer box disclosure requirements. A large fraction of junk mail consists of credit card offers created from lists provided by the major credit reporting agencies. In the United States, the three major US credit bureaus (Equifax, TransUnion and Experian) allow consumers to opt out from related credit card solicitation offers via its Opt Out Pre Screen program.
Credit card issuers usually waive interest charges if the balance is paid in full each month, but typically will charge full interest on the entire outstanding balance from the date of each purchase if the total balance is not paid.
For example, if a user had a $1,000 transaction and repaid it in full within this grace period, there would be no interest charged. If, however, even $1.00 of the total amount remained unpaid, interest would be charged on the $1,000 from the date of purchase until the payment is received. The precise manner in which interest is charged is usually detailed in a cardholder agreement which may be summarized on the back of the monthly statement. The general calculation formula most financial institutions use to determine the amount of interest to be charged is APR/100 x ADB/365 x number of days revolved. Take the annual percentage rate (APR) and divide by 100 then multiply to the amount of the average daily balance (ADB) divided by 365 and then take this total and multiply by the total number of days the amount revolved before payment was made on the account. Financial institutions refer to interest charged back to the original time of the transaction and up to the time a payment was made, if not in full, as RRFC or residual retail finance charge. Thus after an amount has revolved and a payment has been made, the user of the card will still receive interest charges on their statement after paying the next statement in full (in fact the statement may only have a charge for interest that collected up until the date the full balance was paid, i.e. when the balance stopped revolving).
The credit card may simply serve as a form of revolving credit, or it may become a complicated financial instrument with multiple balance segments each at a different interest rate, possibly with a single umbrella credit limit, or with separate credit limits applicable to the various balance segments. Usually this compartmentalization is the result of special incentive offers from the issuing bank, to encourage balance transfers from cards of other issuers. In the event that several interest rates apply to various balance segments, payment allocation is generally at the discretion of the issuing bank, and payments will therefore usually be allocated towards the lowest rate balances until paid in full before any money is paid towards higher rate balances. Interest rates can vary considerably from card to card, and the interest rate on a particular card may jump dramatically if the card user is late with a payment on that card or any other credit instrument, or even if the issuing bank decides to raise its revenue.
The main benefit to each customer is convenience. Compared to debit cards and cheques, a credit card allows small short-term loans to be quickly made to a customer who need not calculate a balance remaining before every transaction, provided the total charges do not exceed the maximum credit line for the card. Credit cards also provide more fraud protection than debit cards. In the UK for example, the bank is jointly liable with the merchant for purchases of defective products over £100.
Many credit cards offer rewards and benefits packages, such as offering enhanced product warranties at no cost, free loss/damage coverage on new purchases, and points which may be redeemed for cash, products, or airline tickets. Additionally, carrying a credit card may be a convenience to some customers as it eliminates the need to carry any cash for most purposes.
A secured credit card is a type of credit card secured by a deposit account owned by the cardholder. Typically, the cardholder must deposit between 100% and 200% of the total amount of credit desired. Thus if the cardholder puts down $1000, they will be given credit in the range of $500–$1000. In some cases, credit card issuers will offer incentives even on their secured card portfolios. In these cases, the deposit required may be significantly less than the required credit limit, and can be as low as 10% of the desired credit limit. This deposit is held in a special savings account. Credit card issuers offer this because they have noticed that delinquencies were notably reduced when the customer perceives something to lose if the balance is not repaid.
The cardholder of a secured credit card is still expected to make regular payments, as with a regular credit card, but should they default on a payment, the card issuer has the option of recovering the cost of the purchases paid to the merchants out of the deposit. The advantage of the secured card for an individual with negative or no credit history is that most companies report regularly to the major credit bureaus. This allows for building of positive credit history.
Although the deposit is in the hands of the credit card issuer as security in the event of default by the consumer, the deposit will not be debited simply for missing one or two payments. Usually the deposit is only used as an offset when the account is closed, either at the request of the customer or due to severe delinquency (150 to 180 days). This means that an account which is less than 150 days delinquent will continue to accrue interest and fees, and could result in a balance which is much higher than the actual credit limit on the card. In these cases the total debt may far exceed the original deposit and the cardholder not only forfeits their deposit but is left with an additional debt.
Most of these conditions are usually described in a cardholder agreement which the cardholder signs when their account is opened.
Secured credit cards are an option to allow a person with a poor credit history or no credit history to have a credit card which might not otherwise be available. They are often offered as a means of rebuilding one's credit. Fees and service charges for secured credit cards often exceed those charged for ordinary non-secured credit cards, however, for people in certain situations, (for example, after charging off on other credit cards, or people with a long history of delinquency on various forms of debt), secured cards are almost always more expensive then unsecured credit cards.
Credit card security relies on the physical security of the plastic card as well as the privacy of the credit card number. Therefore, whenever a person other than the card owner has access to the card or its number, security is potentially compromised. Once, merchants would often accept credit card numbers without additional verification for mail order purchases. It's now common practice to only ship to confirmed addresses as a security measure to minimise fraudulent purchases. Some merchants will accept a credit card number for in-store purchases, whereupon access to the number allows easy fraud, but many require the card itself to be present, and require a signature. A lost or stolen card can be cancelled, and if this is done quickly, will greatly limit the fraud that can take place in this way. European banks can require a cardholder's security PIN be entered for in-person purchases with the card.
The goal of the credit card companies is not to eliminate fraud, but to "reduce it to manageable levels". This implies that high-cost low-return fraud prevention measures will not be used if their cost exceeds the potential gains from fraud reduction - as would be expected from organisations whose goal is profit maximisation.
Internet fraud may be by claiming a chargeback which is not justified ("friendly fraud"), or carried out by the use of credit card information which can be stolen in many ways, the simplest being copying information from retailers, either online or offline. Despite efforts to improve security for remote purchases using credit cards, security breaches are usually the result of poor practice by merchants. For example, a website that safely uses SSL to encrypt card data from a client may then email the data, unencrypted, from the webserver to the merchant; or the merchant may store unencrypted details in a way that allows them to be accessed over the Internet or by a rogue employee; unencrypted card details are always a security risk. Even encryption data may be cracked.
Controlled Payment Numbers which are used by various banks such as Citibank (Virtual Account Numbers), Discover (Secure Online Account Numbers, Bank of America (Shop Safe), 5 banks using eCarte Bleue and CMB's Virtualis in France, and Swedbank of Sweden's eKort product are another option for protecting against credit card fraud. These are generally one-time use numbers that front one's actual account (debit/credit) number, and are generated as one shops on-line. They can be valid for a relatively short time, for the actual amount of the purchase, or for a price limit set by the user. Their use can be limited to one merchant. If the number given to the merchant is compromised, it will be rejected if an attempt is made to use it again.
A similar system of controls can be used on physical cards. Technology provides the option for banks to support many other controls too that can be turned on and off and varied by the credit card owner in real time as circumstances change (i.e., they can change temporal, numerical, geographical and many other parameters on their primary and subsidiary cards). Apart from the obvious benefits of such controls: from a security perspective this means that a customer can have a Chip and PIN card secured for the real world, and limited for use in the home country. In this eventuality a thief stealing the details will be prevented from using these overseas in non chip and pin (EMV) countries. Similarly the real card can be restricted from use on-line so that stolen details will be declined if this tried. Then when card users shop online they can use virtual account numbers. In both circumstances an alert system can be built in notifying a user that a fraudulent attempt has been made which breaches their parameters, and can provide data on this in real time. This is the optimal method of security for credit cards, as it provides very high levels of security, control and awareness in the real and virtual world.
Additionally, there are security features present on the physical card itself in order to prevent counterfeiting. For example, most modern credit cards have a watermark that will fluoresce under ultraviolet light. A Visa card has a letter V superimposed over the regular Visa logo and a Mastercard has the letters MC across the front of the card. Older Visa cards have a bald eagle or dove across the front. In the aforementioned cases, the security features are only visible under ultraviolet light and are invisible in normal light.
The Federal Bureau of Investigation and U.S. Postal Inspection Service are responsible for prosecuting criminals who engage in credit card fraud in the United States, but they do not have the resources to pursue all criminals. In general, federal officials only prosecute cases exceeding US$5,000. Three improvements to card security have been introduced to the more common credit card networks but none has proven to help reduce credit card fraud so far. First, the on-line verification system used by merchants is being enhanced to require a 4 digit Personal Identification Number (PIN) known only to the card holder. Second, the cards themselves are being replaced with similar-looking tamper-resistant smart cards which are intended to make forgery more difficult. The majority of smart card (IC card) based credit cards comply with the EMV (Europay MasterCard Visa) standard. Third, an additional 3 or 4 digit Card Security Code (CSC) is now present on the back of most cards, for use in card not present transactions. Stakeholders at all levels in electronic payment have recognized the need to develop consistent global standards for security that account for and integrate both current and emerging security technologies. They have begun to address these needs through organizations such as PCI DSS and the Secure POS Vendor Alliance.
Code 10 calls are made when merchants are suspicious about accepting a credit card.
The operator then asks the merchant a series of YES or NO questions to find out whether the merchant is suspicious of the card or the cardholder. The merchant may be asked to retain the card if it is safe to do so.
Many credit cards can also be used in an ATM to withdraw money against the credit limit extended to the card, but many card issuers charge interest on cash advances before they do so on purchases. The interest on cash advances is commonly charged from the date the withdrawal is made, rather than the monthly billing date. Many card issuers levy a commission for cash withdrawals, even if the ATM belongs to the same bank as the card issuer. Merchants do not offer cashback on credit card transactions because they would pay a percentage commission of the additional cash amount to their bank or merchant services provider, thereby making it uneconomical.
Many credit card companies will also, when applying payments to a card, do so at the end of a billing cycle, and apply those payments to everything before cash advances. For this reason, many consumers have large cash balances, which have no grace period and incur interest at a rate that is (usually) higher than the purchase rate, and will carry those balance for years, even if they pay off their statement balance each month.
Credit cards are a risky way for entrepreneurs to acquire capital for their start ups when more conventional financing is unavailable. It's widely reported that Len Bosack and Sandy Lerner used personal credit cards to start Cisco Systems. It is rumoured that Larry Page and Sergey Brin's start up of Google was financed by credit cards to buy the necessary computers and office equipment, more specifically "a terabyte of hard disks". Similarly, filmmaker Robert Townsend financed part of Hollywood Shuffle using credit cards. Director Kevin Smith funded Clerks in part by maxing out several credit cards. Actor Richard Hatch also financed his production of Battlestar Galactica: The Second Coming partly through his credit cards. Famed hedge fund manager Bruce Kovner began his career (and, later on, his firm Caxton Associates) in financial markets by borrowing from his credit card. UK entrepreneur James Caan (as seen on Dragon's Den) financed his first business using several credit cards.