Earning Its Stripes

Retailers are using their heads to combat fraud involving the use of counterfeit credit, debit and gift cards. This doesn’t involve mind games nor a tete á tete, but rather employs the special heads that read magnetic stripes when payment cards are swiped through processing terminals.

The proprietary technology, called MagnePrint, was developed by Seal Beach, Calif.-based MagTek. The company manufactures the rotating heads that read the “fingerprint” of the magnetic stripe (or magstripe) of the payment, gift, loyalty or identification card. The fingerprint of each magstripe is unique and identifiable among the 2.7 billion cards currently in use.

The magstripe’s fingerprint is created during the manufacturing process when up to three billion ferrous oxide particles are affixed to the pliable Mylar tape that is attached to the plastic card. In the pre-digital era, magnetic tape was used to record all sorts of data, from music on audio tapes to detailed financial information fed reel-to-reel on refrigerator-sized computer modules. What they had in common were those billions of ferrous oxide particles with randomly oriented north and south magnetic poles that allowed data to be recorded.

When a plastic payment card is manufactured, the number on the front of the card is recorded in the magstripe on the reverse side. MagTek’s technology reads the card’s number and matches it with the “fingerprint” of the magstripe. A counterfeit card created by an identity theft ring would have a magstripe fingerprint that does not match the payment card number.

Easy card authentication
“Our goal is to significantly reduce the merchants’ counterfeit card fraud losses by allowing their point-of-sale devices to simply decline any presented card that is not original,” says Tom Patterson, chief security officer for MagTek and a former advisor to the FBI on cyber security. “Banks win with lower fraud, merchants win with lower chargebacks and consumers win by knowing that their stolen identities won’t be accepted for payment anymore.”

For merchants “saddled with the costs of fraudulent card use,” Patterson notes, “this is a low-cost way to decline cards. If the card is counterfeit, the number and magstripe fingerprint won’t match and the retailer can decline the transaction. This can be done online or via cloud-based computing, with the data being instantly encrypted and containing none of the cardholder’s personal information.”

Tying the whole thing together is Magensa.net, MagTek’s card authentication service, which, in addition to verifying “card present” magstripe card data, delivers multi-factor authentication for secure log-in to any Internet site, as well as website authentication and end-to-end data encryption. The system has been used in non-retail environments for years, Patterson says, and is done in just one swipe. The system can detect a counterfeit card and “allow the merchant to decline the transaction.”

Counterfeit payment card use costs businesses about $4 billion a year, according to Patterson, citing the Secret Service as the source of the figures. In addition, the use of counterfeit cards is growing at about 25 percent a year, with “retailers eating half” of the losses and “the card issuers eating the other half.”

The Secret Service figures may be conservative: Other studies put annual losses from counterfeit card use as high as $90 billion, “including everything from lost merchandise to the cost of retailers fighting with card issuers over the fraud, chargeback and all the ancillary costs involved,” notes Patterson.

In addition to the costs borne by retailers, “another discouraging fact is that a lot of the money leaves the country very quickly because so much payment card fraud is operated by off-shore criminal gangs,” he says.

Retailers have been struggling for years to comply with the PCI data security standards designed to protect consumers’ sensitive personal information from identity thieves and hackers. “So many times … it seems as though the security guys come out with a new product one day, and the next day the bad guys find a way to beat it,” Patterson says. The MagTek technology, he says, is “very elegant,” and was the reason he joined the company following years in the intelligence field and stints with IBM and Deloitte & Touche.