Payments products and solutions for monitoring & troubleshooting - IR

Death of the Credit Card Number

Written by John Dunne – Former Chief Solutions Officer | Aug 4, 2016 2:00:00 PM

I remember when I got my first credit card. It had raised numbers that were meant to be used with a little machine called a manual credit card imprinter. To use the machine, merchants would place the customer's card underneath a piece of carbon paper. A manual slider would then make a click-clack noise as it pressed the raised credit card number into the paper. I haven't seen one of those machines in a long time. They're mostly used as backups just in case the processing system goes down. (You might find them every once in a while under the seat of a taxi.)

Manual credit card imprinters are an example of an old, dying technology that isn't necessary anymore. Because these machines have mostly died off, modern cards are now being issued with numbers that are just printed on instead of being raised. The question then arises: Just like raised numbers aren't needed anymore, will credit card numbers themselves one day become obsolete?

You're probably thinking to yourself, how will we keep track of our credit cards if we don't use numbers anymore? If you're anything like me, you probably travel with three or four credit cards in your wallet. I have one for emergencies only, one for overseas trips, and another for day-to-day use. Imagine if we could assign meaningful names to each card instead of having to use numbers. It's much more convenient to remember 'Everyday Card' as opposed to 'Card ending in 3455'.

Behind the scenes, the bank would still have a number that was meaningful to them. The bank's internal card number (or a tokenized version of it) would be sent to the merchant whenever a transaction takes place. As a cardholder, though, I would never need to know or see those numbers. My institution would be able to provide the credit card information seamlessly thanks to the beauty of online technology.

From a security perspective, meaningful text labels are useless to a malicious party. If anybody was ever to find out this information, they couldn't use it to perform a transaction in someone else's name. Additionally, we wouldn't have to rely on CSC numbers or expiry dates as a way to thwart fraud. Doing away with all of these numbers wouldn't just make things simpler—there would be an added benefit of fraud prevention.

Online purchases wouldn't need to change very much from how they work today. We might have our credit card details saved on a smartphone for easy use. There could also be integration between the banking institution and the web browser so that we can see a list of cards with their meaningful name next to them. After selecting one, the card information would be filled into the website so the transaction could take place.

The only time I ever have to use my credit card numbers anymore is when I'm filling out an online form or dealing with a paper form that I'm sending to my child's school. Now, even paper forms are going away—everyone can use a tool like PayPal to perform party-to-party money transfers. Since we're already using third-party services like PayPal and Apple Pay, why can't we bring a banking institution into the fold as well?

I honestly believe it's within our grasp to implement a system where we no longer have to keep track of credit card numbers. Look at the ecosystem that Apple built with Apple Pay. Users can visually identify a picture of their credit card without having to know its number. Once a card is chosen, a tokenized number is automatically used in the transaction. It's only a matter of time before similar services relegate credit card numbers into obsolescence.

The days of using a click-clacking carbon paper machine are long gone. Will wesee credit card numbers share the same fate?