A system and method for preventing counterfeiting of an identification or transaction card, and for verifying that the user of the card is an authorized user, involves the use of a unique, unalterable serial number and an exclusive OR function to generate a private key protected digital signature. The digital signature is stored on the card together with a card issuer record which contains sufficient information to authenticate the record. User authentication is provided by a personal identification number which is stored on the card. The personal identification number is generated by enciphering the serial number using a password as the key. The same card can be used to store a plurality of card issuer records, each including its own digital signature, and with user authentication for all records provided by a single personal identification number.