The utility of a portable consumer device is extended by allowing account holders the ability to gain entry into access-controlled venues (e.g., baseball or soccer game, cinema, public transit) using a portable consumer device that is associated with an account that was used to purchase the admission or tickets to the event at the access-controlled venue. Techniques disclosed allow cardholder authentication in a non-payment setting that enables cardholders access to a location or a specific event. A first validation cryptogram is generated in the purchase cycle and is stored. A second validation cryptogram is generated in the validation cycle at the venue. If the second validation cryptogram matches the first validation cryptogram, the consumer is granted access. Validation cryptograms may be based on input data that is specific to the payment card holder (e.g., primary account number), specific to the ticket selling merchant (e.g., merchant identifier), specific to the event (e.g., event identifier, date/time, location, etc.), and/or specific to the transaction (e.g., authorization code from a payment network). Based on the input data, validation cryptograms may be generated using encryption, hashing, a combination of encryption and hashing, and/or other operations on the input data.