ISO/IEC 7813

ISO/IEC 7813 is an international standard codified by the International Organization for Standardization and International Electrotechnical Commission that defines properties of financial transaction cards, such as ATM or credit cards.[1]

Scope

The standard defines:

  • physical characteristics, such as size, shape, location of magnetic stripe, etc.
  • magnetic track data structures

Physical characteristics

ISO/IEC 7813 specifies the following physical characteristics of the card, mostly by reference to other standards:

Embossed characters 
by reference to ISO/IEC 7811
Embossing of expiration date 
the format (MM/YY or MM-YY)
Magnetic stripe 
by reference to ISO/IEC 7811
Integrated circuit with contacts 
by reference to ISO/IEC 7816-1
Integrated circuit without contacts 
by reference to ISO/IEC 10536-1, ISO/IEC 14443-1, and ISO/IEC 15693-1

Magnetic tracks

Track 1

The Track 1 structure is specified as:

  • STX : Start sentinel "%"
  • FC : Format code "B" (The format described here. Format "A" is reserved for proprietary use.)
  • PAN : Primary Account Number, up to 19 digits
  • FS : Separator "^"
  • NM : Name, 2 to 26 characters (including separators, where appropriate, between surname, first name etc.)
  • FS : Separator "^"
  • ED : Expiration data, 4 digits or "^"
  • SC : Service code, 3 digits or "^"
  • DD : Discretionary data, balance of characters
  • ETX : End sentinel "?"
  • LRC : Longitudinal redundancy check, calculated according to ISO/IEC 7811-2

The maximum record length is 79 alphanumeric characters.

Examples

%B4815881002861896^YATES/EUGENE JOHN         ^37829821000123456789?

%B4815881002861896^YATES/EUGENE L            ^^^0000000      00998000000?

Track 2

The Track 2 structure is specified as:

  • STX : Start sentinel ";"
  • PAN : Primary Account Number, up to 19 digits, as defined in ISO/IEC 7812-1
  • FS : Separator "="
  • ED : Expiration date, YYMM or "=" if not present
  • SC : Service code, 3 digits or "=" if not present
  • DD : Discretionary data, balance of available digits
  • ETX : End sentinel "?"
  • LRC : Longitudinal redundancy check, calculated according to ISO/IEC 7811-2

The maximum record length is 40 numeric digits (e.g., 5095700000000).

Track 3

Track 3 is virtually unused by the major worldwide networks and often isn't even physically present on the card by virtue of a narrower magnetic stripe.

A notable exception to this is Germany, where Track 3 content was used nationally as the primary source of authorization and clearing information for debit card processing prior to the adoption of the "SECCOS" ICC standards. Track 3 is standardized nationally to contain both the cardholder's bank account number and branch sort code (BLZ).

Programming

Parsing Track 1 and Track 2 can be done with Regular Expressions. Included here is just the Regular Expression for parsing Track 1.

Track 1

^%B([0-9]{1,19})\^([^\^]{2,26})\^([0-9]{4}|\^)([0-9]{3}|\^)([^\?]+)\?$

This Regex will capture all of the important fields into the following groups:

  • Group 1: Primary account number (PAN)
  • Group 2: Name
  • Group 3: Expiration Date
  • Group 4: Service Code
  • Group 5: Discretionary data

References

  1. ^ ISO/IEC 7813:2006 Information technology -- Identification cards -- Financial transaction cards

External links

ISO/IEC 7813:2006

Reference implementations

Credit card

A credit card is a payment card issued to users (cardholders) to enable the cardholder to pay a merchant for goods and services based on the cardholder's promise to the card issuer to pay them for the amounts plus the other agreed charges. The card issuer (usually a bank) creates a revolving account and grants a line of credit to the cardholder, from which the cardholder can borrow money for payment to a merchant or as a cash advance. In other words, credit cards combine payment services with extensions of credit. Complex fee structures in the credit card industry may limit customers' ability to comparison shop, helping to ensure that the industry is not price-competitive and helping to maximize industry profits. Due to concerns about this, many legislatures have regulated credit card fees.A credit card is different from a charge card, which requires the balance to be repaid in full each month. In contrast, credit cards allow the consumers a continuing balance of debt, subject to interest being charged. A credit card also differs from a cash card, which can be used like currency by the owner of the card. A credit card differs from a charge card also in that a credit card typically involves a third-party entity that pays the seller and is reimbursed by the buyer, whereas a charge card simply defers payment by the buyer until a later date.

ISO/IEC 4909

ISO/IEC 4909:2006 establishes specifications for financial transaction cards using track 3 and is intended to permit interchange based on the use of magnetic stripe encoded information. It specifies the data content and physical location of read/write information on track 3 and is to be used in conjunction with the relevant parts of ISO/IEC 7811 and ISO/IEC 7812.

ISO/IEC 4909:2006 recognizes the need for formats of track 3 which can be used independently of, or in conjunction with, track 2 as defined in ISO/IEC 7813. This approach is intended to permit the greatest degree of flexibility within the financial community in facilitating international interchange.

Using track 3 in conjunction with track 2 is a mode of operation in both on-line and off-line interchange environments. This mode of operation requires that the original encoded data on track 2 be read; the data on track 3 be read; and, if update is required, all the data on track 3 be rewritten.

Independent use of track 3 is an alternative mode of operation permitting both on-line interchange and off-line interchange based on mutual agreement between interested parties. It requires reading only of the data on track 3 and, if update is required, the rewriting of all the data on track 3.

ISO 8583

ISO 8583 is an international standard for financial transaction card originated interchange messaging. It is the International Organization for Standardization standard for systems that exchange electronic transactions initiated by cardholders using payment cards.

ISO 8583 defines a message format and a communication flow so that different systems can exchange these transaction requests and responses. The vast majority of transactions made when a customer uses a card to make a payment in a store (EFTPOS) use ISO 8583 at some point in the communication chain, as do transactions made at ATMs. In particular, both the MasterCard and Visa networks base their authorization communications on the ISO 8583 standard, as do many other institutions and networks.

Although ISO 8583 defines a common standard, it is not typically used directly by systems or networks. It defines many standard fields (data elements) which remain the same in all systems or networks, and leaves a few additional fields for passing network-specific details. These fields are used by each network to adapt the standard for its own use with custom fields and custom usages.

List of International Organization for Standardization standards, 5000-7999

This is a list of published International Organization for Standardization (ISO) standards and other deliverables. For a complete and up-to-date list of all the ISO standards, see the ISO catalogue.The standards are protected by copyright and most of them must be purchased. However, about 300 of the standards produced by ISO and IEC's Joint Technical Committee 1 (JTC1) have been made freely and publicly available.

Magnetic stripe card

A magnetic stripe card is a type of card capable of storing data by modifying the magnetism of tiny iron-based magnetic particles on a band of magnetic material on the card. The magnetic stripe, sometimes called swipe card or magstripe, is read by swiping past a magnetic reading head. Magnetic stripe cards are commonly used in credit cards, identity cards, and transportation tickets. They may also contain an RFID tag, a transponder device and/or a microchip mostly used for business premises access control or electronic payment.

Magnetic recording on steel tape and wire was invented in Denmark around 1900 for recording audio. In the 1950s, magnetic recording of digital computer data on plastic tape coated with iron oxide was invented. In 1960, IBM used the magnetic tape idea to develop a reliable way of securing magnetic stripes to plastic cards, under a contract with the US government for a security system. A number of International Organization for Standardization standards, ISO/IEC 7810, ISO/IEC 7811, ISO/IEC 7812, ISO/IEC 7813, ISO 8583, and ISO/IEC 4909, now define the physical properties of the card, including size, flexibility, location of the magstripe, magnetic characteristics, and data formats. They also provide the standards for financial cards, including the allocation of card number ranges to different card issuing institutions.

Payment card

Payment cards are part of a payment system issued by financial institutions, such as a bank, to a customer that enables its owner (the cardholder) to access the funds in the customer's designated bank accounts, or through a credit account and make payments by electronic funds transfer and access automated teller machines (ATMs). Such cards are known by a variety of names including bank cards, ATM cards, MAC (money access cards), client cards, key cards or cash cards.

There are a number of types of payment cards, the most common being credit cards and debit cards. Most commonly, a payment card is electronically linked to an account or accounts belonging to the cardholder. These accounts may be deposit accounts or loan or credit accounts, and the card is a means of authenticating the cardholder. However, stored-value cards store money on the card itself and are not necessarily linked to an account at a financial institution.

It can also be a smart card that contains a unique card number and some security information such as an expiration date or CVVC (CVV) or with a magnetic strip on the back enabling various machines to read and access information. Depending on the issuing bank and the preferences of the client, this may allow the card to be used as an ATM card, enabling transactions at automatic teller machines; or as a debit card, linked to the client's bank account and able to be used for making purchases at the point of sale; or as a credit card attached to a revolving credit line supplied by the bank.

Most payment cards, such as debit and credit cards can also function as ATM cards, although ATM-only cards are also available. Charge and proprietary cards cannot be used as ATM cards. The use of a credit card to withdraw cash at an ATM is treated differently to a POS transaction, usually attracting interest charges from the date of the cash withdrawal. Interbank networks allow the use of ATM cards at ATMs of private operators and financial institutions other than those of the institution that issued the cards.

All ATM machines, at a minimum, will permit cash withdrawals of customers of the machine's owner (if a bank-operated machine) and for cards that are affiliated with any ATM network the machine is also affiliated. They will report the amount of the withdrawal and any fees charged by the machine on the receipt. Most banks and credit unions will permit routine account-related banking transactions at the bank's own ATM, including deposits, checking the balance of an account, and transferring money between accounts. Some may provide additional services, such as selling postage stamps.

For other types of transactions through telephone or online banking, this may be performed with an ATM card without in-person authentication. This includes account balance inquiries, electronic bill payments, or in some cases, online purchases (see Interac Online).

ATM cards can also be used on improvised ATMs such as "mini ATMs", merchants' card terminals that deliver ATM features without any cash drawer. These terminals can also be used as cashless scrip ATMs by cashing the receipts they issue at the merchant's point of sale.

ISO standards by standard number
1–9999
10000–19999
20000+
IEC standards
ISO/IEC standards
Related

This page is based on a Wikipedia article written by authors (here).
Text is available under the CC BY-SA 3.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.