Programmable magnetic-stripes: in search of a problem

While chip & PIN and contactless payments are the officially-sanctioned next generation technology for card payments, there is also some incremental innovation happening in the magnetic stripe world.

Programmable magnetic stripes are not exactly new, with the first public descriptions dating back to 2010. There are several companies in the space, although Dynamics appears to be the loudest in term of generating PR. While the standard magnetic stripe on a plastic card represents immutable data that does not change over the life of the card (unless of course the owner is into tinkering with mag-stripe writers) the idea of progammable card is that at different times the card represent different data, based on cardholder actions. For example it could be an office door badge one moment, then become a loyalty card at a store the consumer frequents, and eventually a standard payment card for purchases.

There are a number of technological and design hurdles involved in making this work. First the cards need an internal power source to change the magnetic stripe contents. That means a battery with several constrained physical dimensions, as the thickness of the cards is standardized. Different manufactureres promise several years of lifetime with average usage of the card, suggesting this particular challenge is solved. The more interesting design challenge is how the card contents are modified. This is where the competing solutions go their own ways: some are programmed in advance and present the user a button to switch between different virtual cards, others include bluetooth or NFC, relying on an external device such as smart phone to select the right card with a custom application. Each solution has its own trade offs: due to the lack of sensible UI on the card itself, switching with a button is limited to a small number of options. The phone based solutions are more extensible and allow dynamically provisioning new cards over-the-air but they introduce one more moving piece and point of failure. (“I can’t use my card to pay, because it is stuck in public-transit mode and the phone I use to change it back to credit card is out of battery.”)

The bigger problem is lack of a clear value proposition, beyond the physical aggregation or collapsing multiple cards into a single card.  At the end of the day, transactions are still processed a magnetic stripe swipe. The card can have all types of tamper resistant hardware to properly store its contents when not in use, but at the end of the day the secrets are being spilled out when they are encoded on track data. By itself this would not protect against ATM or credit-card fraud, because payment privileges are encoded using fixed data that can be stolen. (Compare this to how contactless payments work, where even in backwards compatible modes a unique CVV3 for each transaction mitigates the risk of replaying track data.)

Even the aggregation aspect could prove to be a difficult sell for reasons completely unrelated to technology. The reason bank cards have such elaborate designs is all parties share a strong interest in branding. The issuing bank wants its own colors on the front, and the network such as MasterCard wants its logo prominently displayed. While programmable cards can vary the contents of the magnetic stripe, the physical appearance of the card is fixed. That is to say, branding opportunities are limited if at all possible, especially for the open-ended model when new virtual cards can be added after the fact to existing cards.


One thought on “Programmable magnetic-stripes: in search of a problem

  1. Through programming magnetic strip it become more easy to store exact and accurate data about any company .Because this device is specially designed to record the exact information about any employee in a company like salary related or working hours related.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s