by grandalf 5507 days ago
Why is the magnetic stripe reader necessary? Why not just use the camera to OCR the card itself?
4 comments

Because the magnetic stripe contains a security code that's not otherwise represented on the card. Including that code in the transaction gets you a better rate, since the physical presence of a card may signal a lower risk of fraud. (2.75% flat for a swipe versus 3.5% and 15¢ for keying in the number, according to Square's site)

> Because the magnetic stripe contains a security code that's not otherwise represented on the card.

Not really: http://en.wikipedia.org/wiki/Magnetic_stripe_card

The stripe usually just has the cardholder name, the card number, expiration date, and sometimes the CVV. It depends a lot on what tracks are present on the card, what info your bank has included in the "discretionary data" chunk, which track was read by the reader, etc.

If you grab a cheap USB magstripe reader, you'll find that most things (library cards, student IDs, airline tickets, etc) really don't include much of anything that is not already printed on the item.

There are technologies like MagnePrint (http://www.magneprint.com/) that use the signature of the ferrous oxide particles on the card. But it requires your bank and the merchant to use the tech.
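An added example, not part of the thread: a small parser for the ISO/IEC 7813 Track 1 and Track 2 layouts, showing which stripe fields duplicate the card face (number, name, expiry) and which exist only on the stripe (service code and the issuer-defined discretionary data mentioned above). The sample swipe is constructed (a well-known test number, an invented name and filler digits), and the function names are this example's own.

```python
import re

# ISO/IEC 7813 layouts, as a keyboard-emulating USB reader typically emits them.
TRACK1 = re.compile(r"%B(?P<pan>\d{1,19})\^(?P<name>[^^]{2,26})\^"
                    r"(?P<exp>\d{4})(?P<service_code>\d{3})(?P<discretionary>[^?]*)\?")
TRACK2 = re.compile(r";(?P<pan>\d{1,19})=(?P<exp>\d{4})"
                    r"(?P<service_code>\d{3})(?P<discretionary>[^?]*)\?")

# Fields with no printed or embossed counterpart on the card face.
STRIPE_ONLY = ("service_code", "discretionary")

# Constructed sample: a well-known test number, invented name and filler data.
SAMPLE = ("%B4111111111111111^DOE/JOHN^30121010000000123000000?"
          ";4111111111111111=30121010000012300000?")

def luhn_ok(pan):
    """Luhn check digit test used for card numbers."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def parse_swipe(raw):
    """Return {'track1': {...}, 'track2': {...}} for each track found in raw."""
    tracks = {}
    for label, pattern in (("track1", TRACK1), ("track2", TRACK2)):
        m = pattern.search(raw)
        if not m:
            continue  # many readers return only one of the tracks
        fields = m.groupdict()
        exp = fields.pop("exp")  # stored on the stripe as YYMM
        fields["expiry"] = f"20{exp[:2]}-{exp[2:]}"
        fields["luhn_valid"] = luhn_ok(fields["pan"])
        tracks[label] = fields
    return tracks

def stripe_only(track):
    """The part of one parsed track that cannot be read off the card face."""
    return {k: track[k] for k in STRIPE_ONLY}

if __name__ == "__main__":
    for label, track in parse_swipe(SAMPLE).items():
        print(label, "stripe-only:", stripe_only(track))
```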

Here you go:

http://en.wikipedia.org/wiki/Card_security_code

"The first code, called CVC1 or CVV1, is encoded on the magnetic stripe of the card and used for transactions in person. The purpose of the CVC1 or CVV1 is to ensure the data stored on the magnetic stripe of the card is valid and was generated by the issuing bank. This value is submitted as part of transactions and is verified by the issuing bank. A limitation of the CVC1 or CVV1 is that if the entire magnetic stripe is copied, rather than generated, the card can be duplicated. See the Skimming section for more details.

The second code, and the most cited, is CVV2 or CVC2. This CSC (also known as a CCID or Credit Card ID) is often asked for by merchants for them to secure card not present transactions occurring over the Internet, by mail, fax or over the phone. In many countries in Western Europe, due to increased attempts at card fraud, it is now mandatory to provide this code when the cardholder is not present in person."

...and if you really want to play with it:

http://www.sparkfun.com/products/8634

Also, searching for "magnetic card writer" on eBay returns quite a few models.

http://stores.ebay.com/Mini-MagReader?_trksid=p4340.l2563

Take a look at the handheld readers. It will make you never want to let your credit card out of your sight again.

Does it follow from this that manual carbon copy "imprint" machines are not eligible for card present rates?

This may sound dumb, but why not just put this additional security code in a bar code or QR code somewhere on the surface of the card to allow for the equivalent security using a camera to read the card?

I think it's for the same reason that just using the number increases the rate. It allows someone to snap a picture of your card without ever having to touch it. The magnetic strip adds a bit of complexity to getting the data off the card.

No, the opposite. A manual imprint is even more indicative of card-present than a mag-stripe read (which can be easily faked).

Reading QR or other codes with a smartphone's camera is extremely cumbersome whereas swiping a mag-stripe is simple and reliable.

I totally don't agree with your assessment of what is simple and reliable. I've had the mag stripe fail on numerous hotel room keys and a few credit cards over the years. A QR code is readable even if somewhat scuffed, etc.

It would seem that with a small investment in a magnetic stripe writer and a plastic mould, any scammer could create cards that could fool an imprint swiper or magnetic stripe reader.

Further, wouldn't a signature make all of the above close to equivalent?

I can't even remember the last time my credit card couldn't be swiped. What do you do to them?

True, but still even easier to duplicate a QR code.

Signatures don't help very much since the fraudster can sign his own fake card. That's why more stores are asking to see driver's licenses, which is annoying.

No, it's just that a manual entry makes errors more likely, and is verification that the card is present. Or rather, that some sort of card with the customer's information is present.

Magstripe may be required for "card present" verification; there are different compliance rules for transactions involving just the information from the card (as when you punch the number in manually).

How do manual carbon copy swipes figure into this?

The numbers on cards become a lot harder to read after the coloring wears off of the numbers. Even as a human it can be hard to read them at times depending on the lighting.

Card layouts also vary a lot, even from the same issuers (for example: the Amex PASS).

Reading the mag stripe prevents fraud and therefore is subject to lower fees by CC companies.

Not to mention, having someone take a picture of my credit card would spook me out a little (yes, even if I'm familiar with the product).

To your last point, how is letting someone scan the magnetic stripe less spooky?

Considering that augmented reality app that translates words on signs in real time, I suspect there is far less entropy in the raised numbers on a credit card... though you may be right that the variety of layouts would make it harder than it would at first seem.

Technically, it is not at all.

Socially however, I'd wager that fewer people would let you take a picture of their card compared to swiping it. People are simply used to having credit cards swiped, they aren't used to having pictures taken of them.

OCR would be grungy whereas the magnetic stripe is the intended direct machine interface. When you attempt to connect a machine to a human interface all sorts of annoying things can happen. Even if it's simple in theory, the amount of errors generally jumps.

True enough, but we're talking about reading around 20 characters that are raised from the plastic and typically printed using the same font on all cards. As far as OCR tasks go, it's pretty simple, and OCR is an established, evolved technology.