Prerequisite: This article covers the external communication layer of Core Banking. Before diving in, ensure you understand how the internal services are structured — see Part 4 — Banking Microservices Architecture for the foundational service topology and event-driven patterns.
Why are international standards important?
Core Banking does not operate in isolation. It must communicate with:
- Card Networks: Visa, Mastercard, AMEX — to process ATM/POS transactions.
- Domestic Clearing Houses: National interbank settlement systems.
- Cross-Border Payments: SWIFT — connecting over 11,000 financial institutions globally.
All these systems “talk” to each other using two primary message standards: ISO 8583 and ISO 20022.
ISO 8583 — The Standard for Card Transactions
What is it?
ISO 8583 is the international standard for financial transaction card originated messages (ATM withdrawals, POS purchases, card-to-card transfers). Every time you swipe a card at a supermarket, an ISO 8583 message travels from the POS terminal → Acquiring Bank → Visa/Mastercard → Issuing Bank → Core Banking, and back, all in under 2 seconds.
ISO 8583 Message Structure
An ISO 8583 message consists of three parts:
┌─────────────────┬──────────────────────┬──────────────────────┐
│ Message Type │ Bitmap │ Data Elements │
│ Indicator (MTI)│ (64 or 128 bits) │ (Variable fields) │
│ 4 digits │ │ │
└─────────────────┴──────────────────────┴──────────────────────┘
Message Type Indicator (MTI)
| MTI | Meaning |
|---|---|
0100 | Authorization Request |
0110 | Authorization Response |
0200 | Financial Transaction Request |
0210 | Financial Transaction Response |
0400 | Reversal Request |
0800 | Network Management Request (Echo test) |
The Bitmap
The bitmap is a 64-bit (or 128-bit) sequence. Each bit corresponds to a Data Element. If the bit is 1, the field is present in the message; if 0, the field is absent.
Bitmap (hex): F2 30 00 00 00 00 04 00
Binary: 1111 0010 0011 0000 ... 0000 0100 0000 0000
Bit 1 = 1 → Field 2 (Primary Account Number - PAN) is present
Bit 2 = 1 → Field 3 (Processing Code) is present
Bit 3 = 1 → Field 4 (Transaction Amount) is present
Bit 4 = 1 → Field 7 (Transmission Date & Time) is present
...
Critical Data Elements
| Field | Name | Example |
|---|---|---|
| DE 2 | Primary Account Number (PAN) | 4111111111111111 (Card number) |
| DE 3 | Processing Code | 000000 (Purchase), 010000 (Cash withdrawal) |
| DE 4 | Transaction Amount | 000000100000 (1,000,000 VND) |
| DE 7 | Transmission Date & Time | 0506143025 (GMT MMDDhhmmss) |
| DE 11 | System Trace Audit Number | 123456 (Unique sequence number) |
| DE 37 | Retrieval Reference Number | 123456789012 (Trace reference) |
| DE 39 | Response Code | 00 (Approved), 51 (Insufficient Funds) |
| DE 41 | Card Acceptor Terminal ID | ATM/POS Machine ID |
| DE 49 | Currency Code | 704 (VND under ISO 4217) |
Important Response Codes
| Code | Meaning |
|---|---|
00 | Approved |
05 | Do not honor (General decline) |
14 | Invalid card number |
51 | Insufficient funds |
54 | Expired card |
55 | Incorrect PIN |
91 | Issuer or switch is inoperative |
Open Source Libraries for Practice
You can practice parsing and generating ISO 8583 messages using these libraries (no need to buy the official standard document):
- Java: jPOS — The most complete, production-grade ISO 8583 library.
- Go: moov-io/iso8583 — Used by many modern fintechs.
- Python: pyiso8583
ISO 20022 — The Next-Generation Financial Standard
What is it?
ISO 20022 is the global replacement standard for all financial messaging — credit transfers, account reporting, clearing, and settlement. It uses XML/JSON instead of the binary formats of ISO 8583, is vastly richer in data, and supports far more use cases.
From 2022 to 2025, SWIFT is migrating its entire network to ISO 20022, mandating that all connected banks support this standard.
Critical Message Types
| Message | Name | Used For |
|---|---|---|
pain.001 | CustomerCreditTransferInitiation | Initiating a transfer |
pain.002 | CustomerPaymentStatusReport | Payment status update |
camt.053 | BankToCustomerStatement | Account statement |
camt.054 | BankToCustomerDebitCreditNotification | Debit/Credit notification |
pacs.008 | FIToFICustomerCreditTransfer | Interbank transfer |
Example pain.001 Message (Credit Transfer)
<Document xmlns="urn:iso:std:iso:20022:tech:xsd:pain.001.001.09">
<CstmrCdtTrfInitn>
<GrpHdr>
<MsgId>MSG-2026-001</MsgId>
<CreDtTm>2026-05-06T10:00:00</CreDtTm>
<NbOfTxs>1</NbOfTxs>
<CtrlSum>1000000</CtrlSum>
</GrpHdr>
<PmtInf>
<PmtMtd>TRF</PmtMtd>
<DbtrAcct>
<Id><IBAN>VN12345678901234567890</IBAN></Id>
</DbtrAcct>
<CdtTrfTxInf>
<Amt>
<InstdAmt Ccy="VND">1000000</InstdAmt>
</Amt>
<CdtrAcct>
<Id><IBAN>VN09876543210987654321</IBAN></Id>
</CdtrAcct>
<RmtInf>
<Ustrd>May invoice payment</Ustrd>
</RmtInf>
</CdtTrfTxInf>
</PmtInf>
</CstmrCdtTrfInitn>
</Document>
Why is ISO 20022 better than ISO 8583?
| Feature | ISO 8583 | ISO 20022 |
|---|---|---|
| Format | Binary, fixed-length | XML / JSON |
| Semantic Data | Limited | Extremely rich (structured remittance info) |
| Primary Purpose | Card payments | All financial payments & messaging |
| AML/Compliance | Difficult | Easy — contains exhaustive information |
| Future | Legacy | Mandatory global standard |
References & Further Reading
- Official ISO 20022: iso20022.org — Download free message schemas.
- The jPOS Book: jpos.org — Free book on ISO 8583 and building a payment switch.
- Swift Standards: swift.com/standards/iso-20022
Next, we will explore one of the hardest and most important aspects of Core Banking: security, auditing, and compliance. Continue reading Part 6 — Security, Compliance & Audit.