By Kiran Gandhi, MagTek, Inc.
Introduction
The Magneprint risk management tool provides issuers, acquirers, and
merchants with an additional layer of protection against fraud in card-present
credit and debit card transactions. The necessary technology to implement
this tool is now available, tested, and ready for use. The purpose of
this paper is to explain to a technically informed audience the tool,
the technology and processes behind it, and the benefits that will accrue
from it to card issuers, acquirers, and merchants.
The Magneprint risk management tool, developed by MagTek, Inc., imposes
no significant time cost and only a minimal dollar cost on the merchant
at the point of transaction, and the necessary infrastructure investment
is negligible in the context of the ongoing costs of fraud to issuers
and acquirers. Additionally, its success does not depend on a mass re-issuance
of cards, since the cards currently in circulation can be brought into
participation automatically over time in the course of their normal
use.
Magneprint technology is complementary to chip technology. For the
foreseeable future, the magnetic stripe will remain either the primary
or a fall-back (if and when the chip fails) machine-readable technology
on financial transaction cards. The chip protects the chip; it does
not protect the magnetic stripe. Magneprint, however, protects the
magnetic stripe.
Worldwide, reported credit card fraud is a US$4 billion problem,
with an unknown but likely significant additional cost from debit card
fraud that goes unreported. Credit and debit card fraud is everyone's
problem. The costs of fraud are carried initially by issuers and acquirers,
who pass them on to merchants in the form of authorization fees and
discounts, who pass them on to consumers in the form of higher prices
for goods and services.
Over time, the adoption of Magneprint technology is expected to lead
directly to annual savings in the range of US$1 billion of
card-present credit card fraud that is currently borne by card issuers.
In addition, there will be annual savings directly related to the elimination
of currently unreported debit card fraud.
More data yields better decisions
It's empirically clear that the current authorization system is generally
successful in keeping credit card fraud within a predictable, actuarially
useful range. But the system is not perfect. As noted above, fraudulent
transactions worth in the range of US$4 billion are cleared
per year, the vast majority of which presumably represent "false
positives" that were erroneously passed through by the authorization
system.
No matter how much information is available, the decision to authorize
a given transaction (to indemnify the merchant for that transaction,
provided that certain conditions are met) is always a statistical judgment
call - a risk-management decision. The issuer adjusts his authorization
algorithm to take into account all available information that is relevant
and the algorithm produces an authorization decision.
The accuracy of that decision, and its effectiveness in filtering out
fraud, is directly related to the amount of information available to
the algorithm. More data yields better decisions. For example, if the
payer's identity and the card he presents were authenticated at the
time of transaction, it would without question reduce the incidence
of fraud.
It is in the spirit of "more data yields better decisions"
that the Magneprint risk management tool was developed. Magneprint is
a way of providing another useful, reliable piece of data about the
likely authenticity of a given credit or debit card. This data point
can be used as an input to the card authorization process.
The genius of Magneprint
Magneprint uses the inherent properties of magnetic materials to provide
the authorization algorithm with a reliable measure of how likely it
is that the card presented is the original card issued by the issuer
- not a clone, not a copy, and not a card with altered data on the magnetic
stripe, but the unique original. There currently exists no other
cost-effective technology capable of providing such statistically reliable,
real-time authentication of the payment instrument in a credit or debit
card transaction. As a result, issuers that take Magneprint into account
in their authorization process should see an immediate and material
decline in their fraud losses resulting from skimming.
Magneprint fundamentals
What is Magneprint: The technology was developed to generate
a numeric value that could serve as the digital fingerprint of a specific
magnetic stripe credit card or debit card. This digital fingerprint,
known as a Magneprint, is a value that is determined automatically
when a card is read in a Magneprint-enabled card reader.
How the Magneprint value is determined: Magneprint technology,
based on research conducted by Washington University's Department of
Security Technologies, measures the background magnetic particulate
distribution on a standard magnetic-stripe card, and converts that distribution
into a 54-byte value that is a simplified representation of that particulate
distribution.
What needs to change on the current magnetic stripe card: To
use Magneprint, there are no changes required to the manufacturing process
of the magnetic stripe, the plastic card manufacturing process, or the
data encoded on the magnetic stripe. Also, there is no need to re-issue
cards.
Why Magneprint is useful: Because the particulate distribution
is persistent over the useful life of the card, multiple Magneprint
values read at different times from the same physical card (assuming
the encoded card data has not been changed) will always be equivalent
within statistical limits. In contrast, the Magneprint values read from
different physical cards, even if encoded with identical card data,
will always be different. This means that the Magneprint serves as a
reliable indicator of the identity of a physical card, and can be used
to prevent the authorization of fraudulent card-present transactions
initiated from "cloned", "skimmed", or "altered"
cards.
How the Magneprint is used to screen for fraudulent transactions: When a
card-present transaction is submitted from a Magneprint-enabled
reader for authorization to a Magneprint-enabled host system of an issuer,
the Magneprint of the card read at the transaction point is transmitted
along with the card data and other data. The Magneprint risk management
tool compares the transaction Magneprint value to a reference Magneprint
already present in the authorization database, calculates the degree
of correspondence (the match value) between the two Magneprints, and
makes a judgment about the authenticity of the card based on all available
transaction information, including the match value.
What technology is required: The Magneprint risk management tool
requires a Magneprint-enabled card reader at the point of transaction,
an acquirer host that is enabled to transport the Magneprint values
to the issuer, as well as a Magneprint-enabled system at the issuer's
host site. The Magneprint-enabled components, which can be retrofitted
into most existing card authorization systems at a nominal cost, are
available from MagTek and its partners.
Four Layers of Security: The first layer of security is inherent
in the complexity of the particulate distribution on a standard magnetic
stripe. The Magneprint algorithm leverages the fact that the 3.375 inches
of stripe space along each card's encoding area are populated by a persistent
random distribution of particles that is permanently fixed. (The changes
in the magnetic stripe's physical structure that occur during the lifetime
of the card, e.g., by abrasion during normal use, are statistically
insignificant.) Furthermore, the likelihood that two different cards
will yield identical particle distributions, given the randomness inherent
in the process by which magnetic stripes are manufactured, is in the
range of one in 900 million. And the hundreds of millions of particles
make it statistically and practically impossible for an existing magnetic
stripe to be cloned (from the perspective of particle distribution)
in a way that yields an equivalent Magneprint value.
The random variations inherent in each instance of reading a single
card provide a second layer of security.
Each read of a card (whether the card is swiped by hand, inserted into
a reader, or read by some other method) is a microscopically different
experience, due to the impossibility of precisely duplicating the reading
process, variations in the read head among card readers, and so forth.
Paradoxically, this means that a transaction Magneprint value that is
identical to the reference Magneprint on file is almost certainly fraudulent.
The Magneprint scoring algorithm contains built-in countermeasures against
the possibility that a fraud perpetrator might attempt to circumvent
Magneprint authorization by simply recording and "replaying"
the Magneprint value from a previous transaction. Multiple Magneprint
values taken from the same card on successive reads are expected to
vary, within a statistical range. (The probability of an exact match
on all 54 bytes in separate card reads is in the range of one in 100
million.) The technology is designed to flag for rejection any submitted
value that is identical to the reference Magneprint, as this is a statistically
unlikely possibility.
As a third level of security, Magneprint technology determines the
54-byte Magneprint value in reference to the positions of the flux reversals
of the encoded card data. The data pattern is larger (by orders of magnitude)
than the particle pattern; therefore if a valid card with a known particle
pattern were to be re-encoded with identical data, it would show non-trivial
variances in the way the written data pattern microscopically aligns
with the physically permanent particle structures of the magnetic stripe
on the card. As a result, cards with "altered data" can also
be detected with the Magneprint technology.
Finally, as a fourth and ultimately impregnable security level, the
Magneprint authorization process is protected against fraud by the simple
fact that it depends on information that is in plain view. There is
nothing hidden about the particulate structure of the card, or the encoded
alphanumeric data. This means that there is no "secret" to
the fundamental Magneprint technology that, if cracked, would compromise
the system.
Determining acceptance criteria
It is important to understand that Magneprint does not guarantee the
authenticity of the transaction. It provides the card issuer a data
point representing the probability that a given card used for a transaction
is authentic. By using this data point, card issuers can establish their
acceptance criteria for a level of risk that is financially acceptable.
During the Beta Test in 2002, a run of a million transactions with
an acceptance threshold set at 0.5 resulted in a "false accept"
rate of zero (that is, all attempts to process fraudulent cards were
thwarted) and the resulting "false reject" rate was only 0.027
percent.
In comparing a given transaction Magneprint to its reference Magneprint,
the scoring algorithm assigns a match value between zero (no match) and
one (perfect match). The Magneprint authorization methodology allows
each financial institution to select an acceptance threshold between
zero and one for its transactions, or even to specify a threshold that
varies according to the characteristics of the transaction (e.g., be
more stringent for higher-dollar transactions originating from a
fraud-prone merchant).
As important as it is to reject fraudulent transactions, for many merchants
it is just as important not to reject legitimate transactions (i.e.,
not to generate "false rejects"). In order to preserve customer
goodwill, some issuers might wish to be more forgiving, e.g., set the
acceptance threshold at 0.35, which would result in authorizing a very
small number of fraudulent transactions, while statistically eliminating
the incidence of "false rejects" and while still maintaining
the robustness of Magneprint as a risk management tool. These risk management
decisions have been deliberately left in the hands of the issuer, so
that each can establish acceptance thresholds that are prudent in the
context of its own business and its own customers.
Growing the Magneprint-enabled card base
The Magneprint risk management tool depends upon the presence
of reference Magneprint data in the authorization database. This allows
the transaction Magneprint data to be compared with the reference Magneprint
data to authenticate the card.
Reference Magneprint data should be collected as a matter
of course whenever a card's identity is known with certainty, e.g.,
at the time of issuance. To avoid re-issuance costs, how can reference
Magneprint data be gathered reliably on cards already in circulation,
without imposing an unacceptable inconvenience on cardholders?
Fortunately, the Magneprint authorization tool provides a built-in channel
for collecting reference Magneprint data "on the fly" during
the course of normal card use. When a transaction Magneprint is submitted
as part of the authorization data set, and if no reference Magneprint
exists for that card, this first transaction Magneprint is presumed
to be legitimate and recorded in the authorization database with "provisional"
status. Henceforth, the provisional Magneprint collected at the time
of this earlier transaction will be available for use as the reference
Magneprint in authorizing future transactions.
The authenticity of this provisional Magneprint is not guaranteed,
because it was collected in circumstances in which the authenticity
of the card from which it was provided was not known with 100% certainty.
However, there is a strong statistical probability (inherent in the
overwhelming margin by which legitimate transactions outnumber fraud
attempts in the transaction pool as a whole) that any such "provisional"
Magneprint will in fact be legitimate, so treating all such provisional
Magneprints as authoritative, in the absence of evidence to the
contrary, is a statistically rational business decision. Furthermore,
if there are no disputes from the cardholder regarding the transaction
that was used to collect the "provisional" reference then
the "provisional" status can be changed to permanent status.
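The issuer-side decision flow described above (screening against a reference, rejecting a value identical to the reference, applying an issuer-chosen threshold, and enrolling a provisional reference on first use) is sketched below as an added example; it is not MagTek code. The paper does not disclose the scoring algorithm, so match_value is a stand-in, and TOLERANCE, the function names, the sample values and the placeholder account number are all assumptions.

```python
from dataclasses import dataclass

FP_LEN = 54        # the paper gives the Magneprint value as 54 bytes
TOLERANCE = 4      # assumed per-byte read-to-read variation (not from the paper)

@dataclass
class Reference:
    value: bytes
    status: str    # "provisional" until confirmed, then "permanent"

def match_value(txn: bytes, ref: bytes) -> float:
    """Stand-in score in [0, 1]: share of bytes that agree within TOLERANCE."""
    if len(txn) != FP_LEN or len(ref) != FP_LEN:
        raise ValueError("Magneprint values must be 54 bytes")
    close = sum(abs(a - b) <= TOLERANCE for a, b in zip(txn, ref))
    return close / FP_LEN

def authorize(db: dict, pan: str, txn: bytes, threshold: float = 0.5) -> str:
    ref = db.get(pan)
    if ref is None:
        # No reference on file: presume the first read legitimate and enroll it.
        db[pan] = Reference(txn, "provisional")
        return "accept: enrolled provisional reference"
    if txn == ref.value:
        # Separate reads of one card are expected to vary; an exact copy is suspect.
        return "reject: identical to reference"
    if match_value(txn, ref.value) >= threshold:
        return "accept"
    return "reject: below threshold"

def confirm(db: dict, pan: str) -> None:
    """Promote a provisional reference once the enrolling transaction is undisputed."""
    db[pan].status = "permanent"

# Constructed sample values, not real card data.
ORIGINAL = bytes(20 + (37 * i) % 200 for i in range(FP_LEN))
REREAD = bytes(b + (2 if i % 2 else -2) for i, b in enumerate(ORIGINAL))  # same card, new swipe
OTHER_CARD = bytes(255 - b for b in ORIGINAL)                             # different stripe

def demo() -> list:
    db = {}
    pan = "TEST-PAN-0001"  # placeholder account number
    results = [authorize(db, pan, ORIGINAL)]
    confirm(db, pan)
    results += [authorize(db, pan, t) for t in (REREAD, OTHER_CARD, ORIGINAL)]
    return results

if __name__ == "__main__":
    print(demo())
```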
Conclusion
The Magneprint system as a whole has been exposed to rigorous beta test
environments of statistically significant size, with quantifiable positive
results. Following are some of the most prominent benefits associated
with the adoption of the Magneprint risk management tool.
Decline in Direct Skimming. As it begins to be adopted, Magneprint
will immediately begin to impact the success of skimming - a method
for creating counterfeit cards in which a legitimate string of card
data bytes is captured and copied to create another card. Counterfeit
cards created by skimming are easily detected by Magneprint technology.
The decline in skimming will lead to a decline in credit and debit card
fraud losses.
Other Benefits. Magneprint technology will increase the confidence
and goodwill among both cardholders and merchants. Although difficult
to quantify, this benefit is significant. With the increased awareness
of identity fraud, consumers are becoming concerned with fraudulent
uses of their credit and debit cards. Furthermore, both issuers and
acquirers will benefit over time in the form of lower acquisition costs,
lower churn levels, and increased card activity.
All the necessary components of the system (including Magneprint-enabled
card readers, encoders, and authorization system components) are available
from MagTek and its partners. To learn more about Magneprint, visit www.magneprint.com
or contact the author by phone or e-mail at 1-888-624-8352 Ext: 6122
or kiran.gandhi@magtek.com.
Copyright © 2003 MagTek, Inc.