1. Field of the Invention
The present invention relates to magnetic track payment cards compatible with existing point-of-sale card readers, and more particularly to payment cards that can receive account security data optically from user smartphones and laptops and use it to magnetically output ISO-7813 track data.
2. Description of Related Art
Conventional credit cards, debit cards, and other payment cards use a single account number that is open for all to see (and duplicate). Any fraudster that has been handed the magnetic interface card, read it, or otherwise managed to record the account number had little trouble in running charges up against the account. So merchants and banks started requiring identification, billing addresses, expiration dates, holograms, signature panels, and now security codes before completing a transaction. But loose enforcement of these measures has not really put much of an obstacle in the fraudsters' paths.
Use-once account numbers are an excellent way to control these types of fraud, but the use-once number needs to be magnetically readable by a legacy card reader or presented on a user display. These both require the inclusion of active electronics in the magnetic interface cards that raises the unit costs of the magnetic interface cards themselves and that often depend on batteries for their continued operation.
The technology required to put dynamic electromagnetic stripes on payment cards is very challenging. It would be desirable to have all the bits in every magnetic data track be programmable by the magnetic interface card itself so the use-once account numbers could be freely updated. Current magnetic device technology is further not up to the challenge of the high bit recording densities needed on track-1 of the typical payment card at a cost acceptable to the card issuers and payment associations.
User account data is recorded on the electromagnetic stripes of conventional payment cards using industry-standard formats and encoding like ISO-7810, ISO-7811(−1:6), and ISO-7813, available from American National Standards Institute (NYC, N.Y.). Such standards specify the physical characteristics of the magnetic interface cards, how to do the embossing, the electromagnetic stripe media characteristics for low-coercivity, the permissible locations for any embossed characters, the location of data tracks 1-3, any high-coercivity electromagnetic stripe media characteristics, etc.
A typical Track-1, as defined by the International Air Transport Association (IATA), as being seventy-nine alphanumeric 7-bit characters recorded at 210-bits-per-inch (bpi) with 7-bit encoding, Track-2, as defined by the American Bankers Association (ABA), is forty numeric characters at 75-bpi with 5-bit encoding, and Track-3 (ISO-4909) is typically one hundred and seven numeric characters at 210-bpi with 5-bit encoding. Each track includes starting and ending sentinels, and a longitudinal redundancy check character (LRC). The Track-1 format can include user primary account information, user name, expiration date, service code, and discretionary data. Conventional payment card magnetic tracks conform to the ISO/IEC Standards 7810, 7811-1-6, and 7813, and other formats.
The ISO 7810/7816 specifications and ABA/IATA stripe data fields describe a “discretionary field”, and “other data field” that can be used exclusively for the issuing bank. The discretionary fields can be used for status bits and other operators.
Authentication factors are pieces of information that can be used to authenticate or verify the identity of a cardholder. Two-factor authentication employs two different authentication factors to increase the level of security beyond what is possible with only one of the constituents. For example, one kind of authentication factor can be what-you-have, such as electromagnetic stripe credit card or the SIM card typical to many mobile devices and personal trusted device (PTD). The second authentication factor can be what-you-know, such as the PIN code that you enter at an ATM machine. Using more than one authentication factor is sometimes called “strong authentication” or “multi-factor authentication,” and generally requires the inclusion of at least one of a who-you-are or what-you-have authentication factor.
What is needed is a payment card that can magnetically provide use-once account numbers to legacy card readers. Especially payment cards that can receive card data updates from a PTD, in effect allowing the PTD to access ubiquitous magnetic-swipe point-of-sale (POS) terminals without actually having to modify the terminals themselves.