With most CC transactions you first get an authorisation, and you get an authorisation number. Later you make a claim and that transfers the money. You can't claim more than the authorisation.
You can also just request a payment without an authorisation.
The bank can decline an authorisation or a request for payment. They don't give a reason. The card holder may be up against their credit limit because it's the day before pay day, or the card may be stolen, they may have not done a chip and pin transaction recently and need to do one now to verify the card holder, or other reasons.
So...
When does the system contact the bank? When you tap in to get authorisation? For how much? What happens if the authorisation is declined? The cardholder has got onto a busy train, and you have no idea who they are.
At the end of the day? But then you just request a payment, not do authorisation and claim, so the payment could fail. What then?
You could do what pay at pump does and authorise £100. But if someone is using the railway for short journeys every day, they could end up with £500 authorised and £50 actual spend. There is no mechanism for removing authorisations. You just have to wait till they expire. 7 - 10 days typically. That caused bad press for pay at pump recently.
What you do is authorise a token £1* (it is possible to authorise £0, which comes up on Monzo as "active card check"). Then you apply for the payment for the full calculated amount at the end of the day, effectively without authorisation. If it bounces, then you bar the card from further use, either permanently, or you allow it to be unbarred a certain number of times if you pay the balance plus an administrative fee.
Most people don't have a stack of physical cards they can keep using in this manner so this is adequate control. It's different from petrol stations, as at those you could keep going around different ones and stealing fuel by using a card with inadequate balance. There is only one railway in this context, and to most people being effectively barred from using it would be a serious issue.
Transit mode (which is what this is) does not revert to Chip & PIN, by the way, so that is not applicable.
I'm going to keep posting it until people get it -
perfection is the enemy of the good. It does not have to be perfect. It just has to result in the railway overall either making more money or at worst not less money than the present paper ticket system, taking into account savings on ticket office staffing and TVM provision and maintenance.
* It could be something other than £1, e.g. the minimum single fare from the station you tapped in at, which these days is very unlikely to be as low as that.
And what happens if the cardholder requests a chargeback? How does the railway prove to the bank the service provided was per the contract? What if the bank determines the card was stolen at the time of the transaction? They will chargeback, and the railway don't get their £££.
Lastly, you can't hold a card number and expiry date on a clear database. It has to be held on a separate 'vault' database that is secure. Normally you send the card number to the vault and receive back a 'token'. The card number should only be in working storage, not on the disk of the main server. So to join the tap in/out events you will need multiple calls to the vault, which takes time.
All this is part of the requirements of being a credit card merchant, and is laid out in the Payment Card Industry Data Security Standard, known as PCI DSS.
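The vault-and-token arrangement described in the post above, as an added example that is not part of the original thread or any operator's real system: a toy in-memory vault (the hypothetical `TokenVault`, assumed to return the same token for the same card number, here via a keyed HMAC) so that tap events are stored and joined on the token alone. The card numbers are standard test PANs, and the stations and times are constructed.

```python
import hashlib
import hmac
import secrets


class TokenVault:
    """Toy stand-in for the separate, secured vault service (hypothetical)."""

    def __init__(self):
        self._key = secrets.token_bytes(32)  # key never leaves the vault
        self._pans = {}                      # token -> PAN, held vault-side only
        self.calls = 0                       # count round trips to the vault

    def tokenise(self, pan: str) -> str:
        """Assumption: stable tokens, so the same PAN always maps to one token."""
        self.calls += 1
        token = hmac.new(self._key, pan.encode(), hashlib.sha256).hexdigest()[:24]
        self._pans[token] = pan
        return token


def record_tap(vault, events, pan, station, kind, minute):
    """Tokenise at the edge; the PAN exists only as a local variable here."""
    events.append({"token": vault.tokenise(pan), "station": station,
                   "kind": kind, "minute": minute})


def pair_journeys(events):
    """Join tap-in and tap-out records on the token alone, in time order."""
    journeys, open_tap = {}, {}
    for ev in sorted(events, key=lambda e: e["minute"]):
        if ev["kind"] == "in":
            open_tap[ev["token"]] = ev["station"]
        elif ev["token"] in open_tap:
            start = open_tap.pop(ev["token"])
            journeys.setdefault(ev["token"], []).append((start, ev["station"]))
    return journeys


def demo():
    """Constructed taps: two test cards, one journey each."""
    vault, events = TokenVault(), []
    taps = [("4111111111111111", "Leeds", "in", 1),
            ("5555555555554444", "York", "in", 2),
            ("4111111111111111", "York", "out", 30),
            ("5555555555554444", "Leeds", "out", 35)]
    for pan, station, kind, minute in taps:
        record_tap(vault, events, pan, station, kind, minute)
    return vault, events, pair_journeys(events)
```

Each tap costs one vault call, and the main event store holds tokens only, so the card number itself is needed again only when payment is requested.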
Literally all of these have already been solved by TfL for their current, well established and highly successful PAYG system, so why not put a FoI request in to them and post what they say on here?