The Green Sheet, Inc

White Paper:
Magneprint: A Real Time Risk Management Tool

By Kiran Gandhi

Looking for indisputable proof that an authentic and unaltered card was used to initiate the transaction? This product acts as a tool to mitigate chargebacks and also addresses the crooked cardholder scenario in which the cardholder says, "I didn't do it."

Introduction

The Magneprint risk management tool provides issuers, acquirers and merchants with an additional layer of protection against fraud in card-present credit and debit card transactions. The necessary technology to implement this tool is now available, tested and ready for use.

The purpose of this paper is to explain to a technically informed audience the tool, technology and processes behind it and the benefits card issuers, acquirers and merchants will accrue from it. Magneprint is a card security technology that, when properly implemented, will detect skimmed or magnetically altered counterfeit cards. The Magneprint risk management tool, developed by MagTek, Inc., imposes no significant time cost and only a minimal dollar cost on the merchant at the point of transaction, and the necessary infrastructure investment is negligible in the context of the ongoing costs of fraud to issuers and acquirers.

Additionally, its success does not depend on a mass re-issuance of cards, since the cards currently in circulation can be brought into participation automatically over time in the course of their normal use.

Magneprint technology is complementary to chip technology. For the foreseeable future the magnetic stripe will remain as either the primary or fall-back (if and when chip fails) machine-readable technology on financial transaction cards. The chip will protect the chip and will not protect the magnetic stripe. However, Magneprint will protect the magnetic stripe.

Worldwide, reported credit card fraud is a US$4 billion problem, with an unknown but likely significant additional fraud cost related to debit cards that goes unreported. Credit and debit card fraud is everyone's problem.

The costs of fraud are carried initially by issuers and acquirers, which pass them on to merchants in the form of authorization fees and discounts; merchants in turn pass them on to consumers in the form of higher prices for goods and services. Over time, the adoption of Magneprint technology is expected to lead directly to an annual savings in the range of US$1 billion of card-present credit card fraud that is currently borne by card issuers. In addition, there will be annual savings directly related to the elimination of currently unreported debit card fraud.

More data yield better decisions

It's empirically clear that the current authorization system is generally successful in keeping credit card fraud within a predictable, actuarially useful range. But the system is not perfect. As we noted above, approximately US$4 billion worth of fraudulent transactions are cleared per year, the vast majority of which presumably represent false positives that were erroneously passed through by the authorization system.

No matter how much information is available, the decision to authorize a given transaction (to indemnify the merchant for that transaction, provided that certain conditions are met) is always a statistical judgment call, a risk management decision. The issuer adjusts his authorization algorithm to take into account all available information that is relevant, and the algorithm produces an authorization decision. The accuracy of that decision, and its effectiveness in filtering out fraud, is directly related to the amount of information available to the algorithm. More data yield better decisions. For example, if the payers' identities and the cards they present were authenticated at the time of transaction, it would, without question, reduce the incidence of fraud.

It is in the spirit of 'more data yield better decisions' that the Magneprint risk management tool was developed. Magneprint is a way of providing another useful, reliable piece of data about the likely authenticity of a given credit or debit card. This data point can be used as an input to the card authorization process.

The genius of Magneprint

Magneprint uses the inherent properties of magnetic materials to provide the authorization algorithm with a reliable measure of how likely it is that the card presented is the original card issued by the issuer: not a clone, not a copy and not one that has altered data on the magnetic stripe, but the unique original. There currently exists no other cost-effective technology capable of providing such statistically reliable, real-time authentication of the payment instrument in a credit or debit card transaction. As a result, issuers that take Magneprint into account in their authorization process should see an immediate and material decline in their fraud losses resulting from skimming.

Magneprint Fundamentals

What is Magneprint? This technology was developed to generate a numeric value that could serve as the digital fingerprint of a specific magnetic stripe credit card or debit card. This digital fingerprint, known as a Magneprint, is a value that is determined automatically when a card is read in a Magneprint-enabled card reader.

How is the Magneprint value determined? Magneprint technology, based on research conducted by Washington University's Department of Security Technologies, measures the background magnetic particulate distribution on a standard magnetic stripe card and converts that distribution into a 54-byte value that is a simplified representation of that particulate distribution.

What needs to change on the current magnetic stripe card? There are no changes required to the manufacturing process of the magnetic stripe, the plastic card manufacturing process or the data encoded on the magnetic stripe. Also, there is no need to re-issue cards.

Why is Magneprint useful? Because the particulate distribution is persistent over the useful life of the card, multiple Magneprint values read at different times from the same physical card (assuming the encoded card data have not been changed) will always be equivalent within statistical limits. In contrast, the Magneprint values read from different physical cards, even if encoded with identical card data, will always be different. This means that the Magneprint serves as a reliable indicator of the identity of a physical card and can be used to prevent the authorization of fraudulent card-present transactions initiated from cloned, skimmed, or altered cards.

How is the Magneprint used to screen for fraudulent transactions? When a card-present transaction is submitted from a Magneprint-enabled reader for authorization to a Magneprint-enabled host system of an issuer, the Magneprint of the card read at the transaction point is transmitted along with the card data and other data. The Magneprint risk management tool compares the transaction Magneprint value to a reference Magneprint value already present in the authorization database, calculates the degree of correspondence (the match value) between the two Magneprint values and makes a judgment about the authenticity of the card based on all available transaction information, including the match value.

What technology is required? The Magneprint risk management tool requires a Magneprint-enabled card reader at the point of transaction, an acquirer host enabled to transport the Magneprint values to the issuer, and a Magneprint-enabled system at the issuer's host site.

The Magneprint-enabled components, which can be retrofitted into most existing card authorization systems at a nominal cost, will be available from MagTek and its partners.

Four layers of security

Magneprint technology offers four layers of security. These are increasingly impregnable layers that act as barriers to prevent the compromise of Magneprint technology.

The first layer of security is inherent in the complexity of the particulate distribution on a standard magnetic stripe. The Magneprint algorithm leverages the fact that the 3.375 inches of stripe space along each card's encoding area is populated by a persistent random distribution of particles that are permanently fixed. (The changes in the magnetic stripe's physical structure that occur during the lifetime of the card, e.g., by abrasion during normal use, are statistically insignificant.) Furthermore, the likelihood that two different cards will yield identical particle distributions, given the randomness inherent in the process by which magnetic stripes are manufactured, is in the range of one in 900 million. And the hundreds of millions of particles make it statistically and practically impossible for an existing magnetic stripe to be cloned (from the perspective of particle distribution) in a way that yields an equivalent Magneprint value.

As a second layer of security, Magneprint technology determines the 54-byte Magneprint value in reference to the positions of the flux reversals of the encoded card data. The data pattern is larger (by orders of magnitude) than the particle pattern. Therefore, if a valid card with a known particle pattern were to be re-encoded with identical data, it would show non-trivial variances in the way the written data pattern microscopically aligns with the physically permanent particle structures of the magnetic stripe on the card. As a result, cards with altered data can be detected with Magneprint technology.

The third layer of security is the random variations inherent in each incidence of reading a card. Each read of a card (whether the card is swiped by hand, inserted into a reader or read by some other method) is a microscopically different experience, due to the impossibility of precisely duplicating the reading process, variations in the read head among card readers and so forth. Paradoxically, this means that a transaction Magneprint value that is identical to a previous Magneprint value on file is almost certainly fraudulent. Multiple Magneprint values taken from the same card on successive reads are expected to vary within a statistical range. The probability of an exact match on all 54 bytes in separate card reads is in the range of one in 100 million. This inherent variability provides a statistically probable, unique transaction number for every card read, assuring that Magneprint is very difficult to compromise.

Finally, as a fourth and ultimately impregnable security level, the Magneprint authorization process is protected against fraud by the simple fact that it depends on information that is in plain view. There is nothing hidden about the particulate structure of the card or the encoded alphanumeric data. This means that there is no secret to the fundamental Magneprint technology that, if cracked, would compromise the system.

Determining acceptance criteria

It is important to understand that Magneprint does not guarantee the authenticity of the transaction. It provides the card issuer a data point representing the probability that a given card used for a transaction is authentic. By using this data point, card issuers can establish their acceptance criteria for a level of risk that is financially acceptable. During the Beta Test in 2002, a run of a million transactions with an acceptance threshold set at 0.5 resulted in a false accept rate of zero (that is, all attempts to process fraudulent cards were thwarted) and the resulting false reject rate was only 0.027%.

In comparing a given transaction Magneprint to its reference Magneprint, the scoring algorithm assigns a match value between zero (no match) and one (perfect match).

The Magneprint authorization methodology allows each financial institution to select an acceptance threshold between zero and one for its transactions, or even to specify a threshold that varies according to the characteristics of the transaction (e.g., be more stringent for higher-dollar transactions originating from a fraud-prone merchant). As important as it is to reject fraudulent transactions, for many merchants it is just as important to not reject legitimate transactions (i.e., to not generate false rejects). In order to preserve customer goodwill, some issuers might wish to be more forgiving, e.g., set the acceptance threshold at 0.35, which would result in authorizing a very small number of fraudulent transactions, while statistically eliminating the incidence of false rejects and while still maintaining the robustness of Magneprint as a risk management tool. These risk management decisions have been deliberately left in the hands of the issuer, so that each can establish acceptance thresholds that are prudent in the context of its own business and its own customers.

Growing the Magneprint-enabled card base

The Magneprint risk management tool depends upon the presence of reference Magneprint data in the authorization database. This allows comparison of the transaction Magneprint data and the reference Magneprint data to authenticate the card. Reference Magneprint data should be collected as a matter of course whenever a card's identity is known with certainty, e.g., at the time of issuance. To avoid re-issuance costs, how can reference Magneprint data be gathered reliably on cards already in circulation without imposing an unacceptable inconvenience on cardholders?

Fortunately, Magneprint technology provides a built-in channel for collecting reference Magneprint data on the fly during the course of normal card use. When a transaction Magneprint is submitted as part of the authorization data set, and if no reference Magneprint exists for that card, this first transaction Magneprint is presumed to be legitimate and recorded in the authorization database with provisional status.

Henceforth, the provisional Magneprint collected at the time of this earlier transaction will be available for use as the reference Magneprint in authorizing future transactions. The authenticity of this provisional Magneprint is not guaranteed because it was collected in circumstances in which the authenticity of the card from which it was provided was not known with 100% certainty.

However, there is a strong statistical probability (inherent in the overwhelming margin by which legitimate transactions outnumber fraud attempts in the transaction pool as a whole) that any such provisional Magneprint will in fact be legitimate, so treating all such provisional Magneprints as authoritative, in the absence of evidence to the contrary, is a statistically rational business decision.

Furthermore, if there are no disputes from the cardholder regarding the transaction that was used to collect the provisional reference then the provisional status can be changed to permanent status.
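The issuer-side decision flow described above (threshold comparison, rejection of byte-identical values, provisional enrollment on first use), sketched as an added example that is not MagTek's code. The paper does not disclose the scoring algorithm, so `standin_score` is a constructed stand-in, and the function names, the 500.00 cutoff and the sample byte strings are assumptions.

```python
from dataclasses import dataclass, field

MP_LEN = 54  # Magneprint length given in the paper

@dataclass
class CardRecord:
    reference: bytes
    status: str = "provisional"   # becomes "permanent" once undisputed
    seen: set = field(default_factory=set)  # earlier transaction values

def standin_score(ref: bytes, mp: bytes) -> float:
    """Constructed stand-in for the vendor's scoring algorithm (not disclosed
    in the paper): 1.0 means identical, 0.0 means maximally different."""
    return 1 - sum(abs(a - b) for a, b in zip(ref, mp)) / (255 * MP_LEN)

def threshold_for(amount: float, fraud_prone_merchant: bool) -> float:
    """Hypothetical issuer policy using the paper's two thresholds; the
    500.00 cutoff is an assumption."""
    return 0.5 if (amount >= 500 and fraud_prone_merchant) else 0.35

def authorize(db: dict, card_id: str, mp: bytes, threshold: float,
              score=standin_score) -> str:
    if len(mp) != MP_LEN:
        return "reject_malformed"
    rec = db.get(card_id)
    if rec is None:
        # First sighting: presume legitimate, store with provisional status.
        db[card_id] = CardRecord(reference=mp)
        return "enrolled_provisional"
    if mp == rec.reference or mp in rec.seen:
        # Genuine re-reads always vary, so a byte-identical value is a replay.
        return "reject_replay"
    if score(rec.reference, mp) < threshold:
        return "reject_mismatch"
    rec.seen.add(mp)
    return "accept"

def confirm_reference(db: dict, card_id: str) -> None:
    """Promote a provisional reference once the cardholder has not disputed
    the transaction that produced it."""
    db[card_id].status = "permanent"

# Constructed sample reads (not real card data)
REFERENCE = bytes(range(MP_LEN))
REREAD = bytes(b ^ 1 for b in REFERENCE)        # same card, small read variation
OTHER_CARD = bytes(255 - b for b in REFERENCE)  # different stripe, same data
```

Because the first value seen for a card becomes its reference, a counterfeit read before the genuine card would be enrolled; holding that reference in provisional status until the originating transaction goes undisputed is what limits that exposure.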

Conclusion

The Magneprint system as a whole has been exposed to rigorous beta test environments of statistically significant size with quantifiable positive results. Following are some of the most prominent benefits associated with the adoption of the Magneprint risk management tool.

Decline in direct skimming. As it begins to be adopted, Magneprint will immediately begin to have an impact on the success of skimming, a method for creating counterfeit cards in which a legitimate string of card data bytes is captured and copied to create another card. Counterfeit cards created by skimming are easily detected by Magneprint technology. The decline in skimming will lead to a decline in credit and debit card fraud losses.

Other benefits. Magneprint technology will increase the confidence and goodwill among both cardholders and merchants. Although difficult to quantify, this benefit is significant. With the increased awareness of identity fraud, consumers are becoming concerned with fraudulent uses of their credit and debit cards. Furthermore, both issuers and acquirers will benefit over time in the form of lower acquisition costs, lower churn levels and increased card activity.

All the necessary components of the system (including Magneprint-enabled card readers, encoders and authorization system components) are available from MagTek and its partners. To learn more about Magneprint, visit www.magneprint.com or contact the author by phone at 1-888-624-8352 Ext: 6122 or e-mail him at kiran.gandhi@magtek.com.

Kiran Gandhi is Vice President of MagTek, Inc. © 2003 MagTek, Inc.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.
© 2004, The Green Sheet, Inc.