Payment cards such as credit cards and debit cards are in widespread use. In some environments, payment cards in the form of magnetic stripe cards prevail in terms of popularity. With mag stripe cards, the payment card account number may be read from the card at the point of sale by a magnetic stripe reader, and then submitted with a transaction authorization request to the account issuer via the payment network.
In other environments, it is more common to use so-called “contactless” payment cards. With contactless payment cards, the payment card account number is stored in an integrated circuit (IC) within the card, and is read by short-range radio communication between the card and the contactless reader component of a point of sale (POS) terminal with enhancements that have occurred to mobile phones, including smartphones, the capability has been added to perform NFC (near field communication) communications to enable so-called “contactless” payment cards to be digitized into these consumer devices. These mobile devices utilize a secure element (SE) to store the payment card account number and associated data, keys and Personal Identification Number (PIN) to enable the consumer to perform a payment transaction using the NFC short-range radio communications provided by the mobile device and the contactless reader component of a POS terminal.
In still other environments, so-called “contact” payment IC cards are placed in point of sale readers that can read the payment card account number from the card IC via direct conductive contacts provided on the face of the card.
As recent events have underlined, security of payment card account numbers can be a significant issue. Large scale data breaches at the merchant level have occurred and have compromised many cardholders' payment card account numbers. Efforts are ongoing to reduce the risk of theft and misuse of payment card account numbers.