Embodiments of the present invention relate to systems and methods for providing an improved portable consumer device capable of generating dynamic data for authentication purposes.
As methods and devices for engaging in financial transactions have increased in number, problems such as fraud and counterfeiting have also increased in severity. In particular, applications and devices developed to make credit or debit based financial transactions more readily available have also made fraud and counterfeiting easier. In order to protect financial institutions, consumers, and merchants from fraudulent transactions, the industry has developed and introduced many features designed to reduce fraud and counterfeiting in portable consumer devices, such as holograms, special over-layers, and watermarks. Nonetheless, many of these features are proving to be less effective as financial transactions are increasingly conducted in a wireless environment. For example, the introduction of contactless portable consumer devices that utilize RF technology to conduct payment transactions has enabled surreptitious and remote skimming of the information stored on the device for subsequent fraudulent use.
Data skimming is one of the primary sources of fraud in the financial industry and refers to the electronic copying of the data stored on a portable consumer device (e.g., a payment card's magnetic stripe data or data stored in the memory of a contactless device) to create counterfeit devices and/or conduct counterfeit transactions. Skimming is successful because the data stored on the portable consumer device is static and therefore can be perfectly copied.
In order to combat data skimming, systems and methods have been introduced to dynamically generate an authentication value for each financial transaction conducted by the portable consumer device. This authentication value changes for each transaction and therefore significantly reduces the effectiveness of data skimming. Even if the data utilized in a given transaction is skimmed, that data will not be useful in conducting further transactions since the skimmed authentication value is not valid for subsequent transactions.
One example of a portable consumer device capable of providing variable authentication data includes a rewriteable magnetic-stripe card described in Brown U.S. Pat. No. 7,044,394. Brown refers to a re-writing device such as a magnetic write head that may be used to rewrite the data on the magnetic stripe of the card. Brown also refers to a battery within the card for supplying power to the re-writing device. The use of batteries in portable consumer devices is, however, not particularly desirable for many reasons. For example, batteries add cost and limit the lifespan of the device and need to be disposed of in an environmentally friendly manner. Also, if a battery-powered device does not have sufficient power at a given moment, a particular transaction conducted with a portable consumer device may not take place as intended.
In view of the foregoing, the present invention relates to improved systems and methods for providing a portable consumer device capable of handling dynamic authentication data. Embodiments of the invention address these and other embodiments individually and collectively.