Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It’s a combination of both sides. It’s something like this:

For EMV the terminal and the card generate a request, and send it to the payment processor/bank.

They say yes/no and send back some stuff needed to complete the transaction. At this point there would be a hold on your card.

The terminal and card verify that and finish things, preparing proof of the final transaction.

That’s sent to the processor again who confirms the transaction took place. This is when the money is taken and the hold disappears.

Final proof from the processor is sent back to the terminal so the system knows everything went through. Now you get your receipt.



The nitty gritty of everyday things like this can be so interesting sometimes


I learned a lot of neat stuff about this process and other things around it as a side benefit of some of the tasks I was given at a job.

It was fun to learn, and to see how they solved some of the problems that would come up that you might not think about.

Of course the side effect is you also learn just how insecure older CC tech was. I think almost everyone sort of notice that at this point, but once you start learning the details… it’s bad. Basically electronically writing down CC numbers like they might have in the ‘60s, assuming people are good and trustworthy.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: