1

I'm looking to understand the high-level architecture, topology, protocols and componentry of ATMs and POS systems work with banking institutions worldwide.

I've read several half-way decent articles explaining the architecture to the layperson, including:

However these don't quite go into the level of detail I'm looking for and leave me with more questions than answers!

My understanding is that an ATM or POS system (such as the software at a cash register) will communicate directly with a Host Server or sometimes called a Host Switch that performs lots of different functions:

  • Message routing
  • Edge encryption/decryption
  • Assisting in reconciliation
  • Assisting in settlement
  • Several other functions

Here's where I start to get a little fuzzy. There appear to be 1 and possibly 2 additional hops between this Host Switch and the cardholder's bank:

  1. An EFT Network, sometimes called an Outsource Network Provider; and
  2. An Interbank Network

It's possible they are one in the same, but from the articles I read I can't quite tell them apart. Examples of one of them (again I'm clueless here) are: NYCE, Star, Plus, ELAN and FirstData.

So you authenticate at the ATM and ask to withdraw $100 from your checking account. My understanding of the happy path here is that the ATM connects to its Host Switch and forwards on your request. The Switch forwards this request onto the EFT Network, possibly on to the Interbank Network, and eventually the authenticated request goes to your bank servers, who then debit your account by $100 and forward the response all the way back through the chain to the ATM you're standing in front of. The ATM dispenses your cash.

So first off, if anything I've stated here is a mile off the mark, please begin by correcting me or clarifying! Even if I am correct, can someone help me understand the roles of each of these components (Switch, EFT Network and Interbank Network)?

Assuming I'm more or less correct, then this leaves me with several knowledge gaps:

What protocols for communication are being made between each component here (so, between ATM and Host Switch, between Host Switch and EFT Network, between EFT Network and Interbank Network and between Interbank Network and the Cardholder's Bank)?

Improve this question

1 Answer 1

Reset to default
3

OK here goes for the quick explanation on a very complex subject. Before we start you should be aware that the basic technologies date back to the 1980s where the processing and network technologies available were limited to say the least.

Protocols. ATM and POS messages are formatted according to ISO8583. This is actually a standard for defining messages and each of the major networks VISA, Mastercard and AMEX have slightly different versions.

Its a bitmap protocol the first send word is a bit-map which indicate which of 31 possible fields is present, if bit 31 is set then the following word indicates which of another possible 32 fields are present. Each possible field has a very specific definition which can be a byte, a varchar type variable, length string, an integer etc. The point is you need to parse the previous fields to find out where the next field starts. The format is extremely complex and designed to send as much data as possible in a small message over a slow network.

The network, any bank or whatever can use whatever network tech they like as long as it meets a minimal security requirement. However all communication between financial organisations must go via central switch run bu VISA, Mastercard, AMEX etc. This traffic is over secure triple DES encrypted lines, the encryption is done by sealed hardware provided by the network. Each financial institution will have a unique set of passwords.

So the routing goes something like this:

Customer pays for goods in a shop.

Shop's terminal reads the card and sends request to their bank.

Bank sees the card belongs to another bank and forwards request to VISA over encrypted line.

VISA decrypts message, identifies the bank associated with the card encrypts the message again and sends it to the card issuing bank.

Card issuing bank chacks balance, credit rating etc. and approves transaction by sending an approval acknowledgement back to VISA.

VISA passes approval back to store owners bank (after recording the amounts involved!).

The store's bank send the approval back to the terminal at the store.

The terminal prints a receipt and the goods are handed over.

There is a lot of very specific terminology in any documentation or discussion.

  • BIN Banking Institution -- usually a Bank but could be any regulated financial instition.

    • Merchant Acquirer -- the bank that signed up the store or other business collecting payment via cards.

    • Card Issuer -- the bank that issues the card to one of its customers

    • Customer -- the customer responsible for footing the bill.

    • Card Holder -- the person authorised to use the card. Usually the customer but not necessarily so.

If a bank signed up the store and the card holder, then they can shortcut the process otherwise every thing goes through the central switch.

As well as routing messages around the central switch is reponsable for keeping track of who owes what. At the end of the month every thing is totalled up and each bank involved will settle up the difference between payments approved, and payments received.

Improve this answer
2
  • Thanks @James Anderson (+1) - awesome answer! A few followup questions if you don't mind: (1) in both those ATM-centric links up above there is the concept of a Host Server or Host Switch, can you confirm who this Host Switch is? Are they the bank of the ATM vending company? Are they the bank of the ATM manufacturer? Something else?! And (2) You mentioned monthly settlements but that sounds a lot like reconciliation. Are settlements & recon two different concepts or are they one in the same? Thanks again so much! Commented Jul 11, 2018 at 14:54
  • In practice there will be several "switches" involved. The banks ATM network will usually run a switch with software from ATOS or ACI running on a Tandem fault tolerant machine. The central switches run by VISA, AMEX etc. are usually on IBM z series mainframes running there own software which is either assembly code running on the venerable high performance TPF operating system, or, recently C code running on zOS in the UNIX system services shell. Commented Jul 12, 2018 at 10:14

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.