Individuals and businesses typically may hold a variety of financial accounts with a variety of different entities. For example, such financial accounts may include credit accounts, such as credit card accounts, and deposit accounts, such as savings and checking accounts, and the like. Such accounts may be maintained by the owners thereof with a variety of financial institutions, such as banks, savings and loans, credit unions, and other banking entities, as well as with brokerage firms, retail establishments, and the like. The owners of such accounts often may be able to access the accounts via the use of a card, such as a credit card, for accessing a credit account, or a debit card, for accessing a deposit account, such as a savings or checking account. Such cards may be used by the account owner, e.g., to make purchases, by physically presenting the card at a point of purchase. For some transactions, such as mail orders, telephone orders, or orders made over the Internet, the card does not have to be physically present. For such transactions, the credit card number, which typically is physically printed on the card as well as electronically encoded in a magnetic strip on the card that may be read by an appropriate card reader, may be provided to a merchant via mail, over the telephone, and/or via a computer network, e.g., the Internet.
No matter how the card or card number is presented, the processing of a transaction using the card number typically is performed electronically. The card number is provided electronically to a card processing system, which may or may not be operated by the financial institution or other entity that holds the account being accessed. The card processing system verifies that the card number corresponds to an active account, that the card itself is valid for accessing the account, that account limits have not been exceeded, etc. If the pre-established conditions for accessing the account using the card are satisfied, electronic approval is provided by the processing system to indicate that the card transaction may proceed.
A variety of security measures may be employed to ensure that a card used for accessing an underlying financial account is used only by the account owner or someone authorized by the account owner. For example, for some card transactions, such as a cash withdrawal or draw on the account from an automatic teller machine (ATM), or at some retail outlets, the individual presenting the card will be required to provide a personal identification number (PIN) that is not printed or otherwise provided on the card itself. An individual presenting a card for a transaction may be required to provide a signature on the transaction receipt. This signature is compared to a signature on the card by a person conducting the transaction to verify that the card owner and person presenting the card are the same individual. Some credit cards and debit cards may have a photograph of the card owner thereon, which also can be used to verify that the person presenting the card is the card owner. Some credit card transactions, particularly credit card transactions performed online over the internet, may require the card user to provide a card verification value (CVV) or card verification code (CVC) as an additional security measure. The CVV/CVC are numeric codes constructed by a cryptographic process based on card data, such as the card number, the expiration date, etc., that are written to the magnetic stripe of the card as well as printed on the back of the card. Merchants and others who accept credit cards, debit cards, and the like for payment employ these and other methods to prevent use of such cards by those who are not authorized to do so.
Despite the security measures mentioned above, when a financial account card, such as a credit card or debit card, is lost or stolen there is still significant risk that the card may be used and, therefore, the underlying financial account accessed, by an unauthorized person. Thus, financial account card issuers strongly recommend that, if a card is lost, stolen, or otherwise misplaced, the card owner immediately contact the card issuer. Card issuers conveniently provide a toll-free customer service telephone number that may be called at any time by a card holder in the event that a card is lost, stolen, or misplaced. Upon calling the customer service number the card owner will be asked to provide the card number or account number for the card that was lost or stolen or misplaced. This number will be entered into the card processing system electronically, and the card will automatically be cancelled or disabled. That is, no further transactions using the cancelled card number will be allowed by the card processing system. If any attempt is made to use the card number or a card bearing the card number after the card is cancelled in this manner, the card processing system will reject the transaction, providing an indication that the card is no longer valid or has been cancelled. Typically, upon canceling a financial account card in this manner, the credit card processing system will automatically initiate a process to issue to the card owner a new replacement card bearing a new card number, such that the card owner may be able to access the underlying financial account using the new card number.
A misplaced credit or debit card can cause a card owner considerable anxiety. A missing card may be in the hands of someone who may try to use the card or card number to access the owner's financial accounts. Thus, it is quite reasonable to want to cancel a financial account card as soon as it turns up missing. However, canceling a credit or debit card can be inconvenient. Once the card is cancelled, the card owner must do without the card, and may not have access to the underlying account, until a new card is received. This could take several days or even longer. Furthermore, the card owner may have established future automatic and/or recurring charges to be made to the card number. Once a financial account card is cancelled, the old card number is no longer valid, and any such pre-established charges to the cancelled card number will be rejected. Thus, the card owner may have to contact various merchants or others to change the card number to be used when the new card and card number is received. All of these inconveniences are made more frustrating when the supposedly lost or stolen card is found by the card owner. Under current systems and practices, once the card is cancelled it cannot be reactivated. Thus, finding the lost card that has been cancelled may give the card owner some peace of mind, in knowing that the card was not in the wrong hands for any period of time, but otherwise is not very helpful. Since the old card number has been cancelled, and, under current practice, cannot be revived, the found card is of no value and can only be destroyed.
Even if a financial account card owner knows where their card is, even if the card is securely in their possession, there is some risk that an unscrupulous person will be able to use the card number to access the underlying financial account without permission. It is possible that such a person may obtain the card number in some illegitimate way, and some merchants or transactions may not require the use of additional security measures, such as the use of PIN's and the like, to process a card transaction using the card number. With some, a card transaction may be authorized if the person presenting the card can present basic information about the card or the legitimate card owner, such as the expiration date of the card and/or underlying account, or the legitimate card owner's mother's maiden name along with the card number, etc. Such information might be obtained from a variety of legitimate and illegitimate sources. Thus, a victim of identity theft is at risk of having their credit or debit card account accessed without their permission even if the credit or debit card is not lost or stolen.
What is desired, therefore, is an effective system and method whereby a card owner is able to lock or prevent use of a financial account card, such as a credit card or a debit card, as desired, and to reactivate or unlock the card, repeatedly as desired. Such a system and method, therefore, provides the card owner with the flexibility both to secure access to the underlying card account when desired, e.g., when the location of the card is uncertain, as well as to avoid the frustration and inconvenience of unnecessarily having had to cancel the card outright when the card is later found. Such a system and method also provides an additional degree of security in allowing a card owner to lock access to a card account during periods when the card is not in use by the card owner, even if the card location is known and secure, thereby to secure the account from unauthorized transactions during the locked periods by those who may obtain the card number and other card owner identifying information even though they do not possess the card itself.