Glossary

Card-Present Payment

An in-person transaction where the physical card or device is used at a terminal, offering lower fraud risk and interchange rates.

Key Takeaways

  • A card-present (CP) payment occurs when a physical card or mobile wallet is used at a point-of-sale terminal, enabling the merchant to capture electronic data directly via chip, contactless tap, or magnetic stripe. CP transactions carry significantly lower fraud rates (roughly 0.06% of transaction value) compared to card-not-present transactions (roughly 0.93%).
  • Lower fraud risk translates to lower costs: interchange fees for card-present transactions average around 1.71% in the U.S., compared to roughly 1.91% for card-not-present, because the issuing bank bears less risk when the card is physically verified.
  • The technology is evolving rapidly: EMV chip cards now account for over 96% of U.S. in-person transactions, magnetic stripes are being phased out, and mobile wallets like Apple Pay and Google Pay qualify as card-present because they use NFC at the terminal.

What Is a Card-Present Payment?

A card-present payment is any transaction where the cardholder physically presents their payment card (or a device acting as one) at a merchant's point-of-sale terminal. The terminal reads card data electronically: either by inserting a chip card, tapping a contactless card or phone, or swiping a magnetic stripe. This direct electronic interaction distinguishes card-present payments from card-not-present transactions, where card details are entered manually for online, phone, or mail-order purchases.

The distinction matters because physical presence of the card provides an additional layer of verification. When a terminal reads a chip or processes an NFC tap, the card generates a unique cryptogram for that specific transaction. This dynamic authentication makes it extremely difficult for fraudsters to reuse intercepted data, which is why card-present transactions enjoy lower interchange rates and lower chargeback risk.

How It Works

A card-present transaction flows through the same payment rails as any card payment, but the method of data capture at the terminal determines security, speed, and cost. There are three primary technologies used today.

EMV Chip (Contact)

The cardholder inserts their EMV chip card into the terminal. The terminal and chip exchange data through a multi-step process:

  1. The terminal reads available payment applications on the chip and selects the appropriate one (Visa, Mastercard, etc.)
  2. The chip provides the primary account number (PAN), expiration date, and cardholder verification method (CVM) requirements
  3. The chip generates a unique, one-time cryptogram tied to that specific transaction amount, terminal ID, and timestamp
  4. The terminal sends this data to the acquiring bank for authorization
  5. The issuing bank validates the cryptogram and approves or declines the transaction

The critical security advantage: each transaction produces a unique cryptogram. Even if an attacker intercepts the data, they cannot reuse it for another purchase. This reduced counterfeit fraud by approximately 70% after the U.S. EMV liability shift took effect in 2015.

Contactless (NFC)

Contactless payments use near-field communication (NFC) to transmit card data wirelessly when a card or device is held within a few centimeters of the terminal. The process mirrors EMV chip transactions but without physical insertion:

  1. The cardholder taps or hovers their card near the terminal
  2. NFC activates the chip, and the terminal's EMV contactless kernel initiates communication
  3. The chip generates a dynamic one-time code (just like contact EMV)
  4. Enhanced terminals may execute the Relay Resistance Protocol (RRP), exchanging random numbers and timing data to confirm the card is physically close to the terminal
  5. Authorization proceeds through the card network as normal

Contactless transactions typically complete in under two seconds. Many countries impose per-transaction limits for tap payments without PIN verification: roughly $100 to $250 in the U.S. (issuer-dependent), £100 in the UK, CA$250 in Canada, and €50 in the EU. Transactions above these thresholds require a PIN or biometric confirmation. Mobile wallets with biometric authentication generally have no such limits.

Magnetic Stripe (Legacy)

The oldest method: swiping a card through a reader that captures data from the magnetic stripe on the back. Unlike EMV, the stripe contains static data that never changes between transactions, making it vulnerable to skimming and cloning.

Magnetic stripe is being actively retired. Mastercard will stop issuing cards with magnetic stripes by 2029 and plans to remove them entirely from circulation by 2033. Over 96% of U.S. card-present transactions already use EMV chip technology, making the stripe a fallback for legacy terminals. Merchants still using stripe-only terminals bear fraud liability under the EMV liability shift and often face higher processing fees.

Transaction Flow Example

A simplified card-present authorization flow through the card network:

Customer taps card at terminal
  → Terminal reads chip / NFC data
  → Terminal sends auth request to acquirer
  → Acquirer routes to card network (Visa / Mastercard)
  → Card network forwards to issuing bank
  → Issuer validates cryptogram + checks balance
  → Issuer returns approve / decline
  → Card network relays response to acquirer
  → Terminal displays result (< 2 seconds total)

After authorization, the transaction enters the clearing and settlement cycle, where funds are transferred from the issuing bank to the merchant's account, typically within one to two business days.

Mobile Wallets as Card-Present

Apple Pay, Google Pay, and Samsung Pay qualify as card-present transactions when used at a physical terminal. They use the same NFC technology as contactless cards but add an extra security layer through tokenization. The merchant never receives the actual card number: instead, the wallet transmits a device-specific token and a one-time dynamic security code.

Because mobile wallets require biometric authentication (fingerprint or face recognition) before each transaction, they typically carry even lower fraud rates than physical contactless cards. This additional verification often means no per-transaction spending limit and favorable interchange rates. As of 2025, over 80% of global card payments use contactless EMV technology, with mobile wallet adoption accelerating that trend.

Why Card-Present Rates Are Lower

The roughly 0.20 percentage point gap between card-present and card-not-present interchange rates reflects a fundamental difference in risk. When a card is physically present at the terminal, several fraud signals are available that remote transactions lack:

  • The chip generates a cryptographic proof that the genuine card was used at that specific terminal
  • The cardholder is physically present, reducing the risk of stolen credential abuse
  • EMV terminals verify the card has not been tampered with or counterfeited
  • Contactless transactions confirm physical proximity through NFC range limitations

These security properties mean issuers face fewer fraud losses on card-present transactions. They pass that savings along as lower interchange fees, which flow through the merchant discount rate to reduce costs for the business. For a detailed analysis of how these economics work, see the research on card network economics and merchant payment acceptance costs.

Use Cases

Retail and Hospitality

The vast majority of card-present transactions occur in brick-and-mortar stores, restaurants, and hotels. Point-of-sale terminals handle everything from a coffee shop tap payment to a hotel check-in where the card is dipped for authorization and held on file for incidentals. These businesses benefit most from the lower interchange rates because their transaction volumes are high and margins can be thin.

Unattended Terminals

Vending machines, parking meters, transit systems, and self-checkout kiosks increasingly accept contactless payments. These transactions are classified as card-present because the card is read by a terminal, even though no human clerk is involved. Contactless NFC is especially valuable here because it requires no physical insertion, reducing wear on terminal hardware.

Mobile Point of Sale

Small merchants, food trucks, and service providers use mobile POS devices (like Square or Stripe Terminal) that connect to a smartphone or tablet. These compact readers accept EMV chip and NFC payments, giving sole proprietors access to the same card-present interchange rates as large retailers.

Bitcoin and Lightning at the Point of Sale

While card-present payments dominate in-person commerce, Bitcoin offers an alternative model through the Lightning Network. Instead of card data and interchange fees, a Lightning point-of-sale transaction works like this:

  1. The merchant's terminal generates a Lightning invoice encoded as a QR code
  2. The customer scans the QR code with their Lightning wallet
  3. Payment settles in seconds over the Lightning Network
  4. The merchant receives the funds with no intermediary holding them

Lightning POS payments carry several advantages over traditional card-present transactions: fees are typically well under 1% (compared to 1.5% to 2% for cards), settlement is near instant (no one-to-two-day clearing cycle), and there is no chargeback risk because Bitcoin transactions are cryptographically final. Block Inc. announced plans to enable Bitcoin Lightning payments on all Square terminals, and open-source tools like BTCPay Server make merchant adoption straightforward.

Spark extends this model by enabling fast, low-cost Bitcoin and stablecoin transfers that can integrate with point-of-sale systems. For a deeper look at how merchants can accept Bitcoin in person, see the Bitcoin merchant payments guide.

Risks and Considerations

Fraud Is Shifting, Not Disappearing

EMV chip adoption dramatically reduced in-person counterfeit fraud, but criminals have responded by shifting to card-not-present fraud. CNP fraud losses in the U.S. reached approximately $10 billion in 2024, roughly double the $5 billion in 2019. Card-present security improvements have not eliminated fraud: they have redirected it to channels with weaker protections.

Terminal Security

Physical terminals remain targets for tampering. Skimming devices can be attached to card readers to capture magnetic stripe data, and compromised terminals can intercept PIN entries. Merchants must comply with PCI DSS standards, regularly inspect terminals for tampering, and use point-to-point encryption (P2PE) to protect cardholder data in transit.

Infrastructure Costs

Accepting card-present payments requires hardware (terminals, card readers, NFC-capable devices), software (POS systems, payment integrations), and ongoing compliance costs. Small merchants may find these costs significant relative to their transaction volume, which is one reason lightweight alternatives like Lightning QR code payments and mobile POS devices have gained traction.

Liability Shift

Since October 2015, merchants who process chip card transactions on non-EMV terminals bear liability for any resulting fraud. This liability shift created a strong financial incentive for terminal upgrades but also means merchants who have not upgraded face both higher fraud exposure and higher processing fees.

This glossary entry is for informational purposes only and does not constitute financial or investment advice. Always do your own research before using any protocol or technology.