Magnetic stripe card spoofer

This instructable demonstrates how to use an electromagnet, a simple amplifier circuit, and a personal music player to induce signals into a magnetic stripe card reader, causing it to think that you have swiped a card through it.

This instructable assumes that you have basic knowledge of electronics and a cursory understanding of C++.

NOTE: This device is useless unless you already know the contents of a particular magnetic stripe card that you want to emulate. Thus, you can't use this device to do Something You're Not Supposed To Do unless you've already done something naughty to obtain the data from a magnetic stripe card you're not supposed to have.

Don't do naughty things. Your mother wouldn't like it.

Remove these ads by Signing Up

Step 1: How it works

Before going any further, read the document I've attached to this step, "A Day in the Life of a Flux Reversal" by Count Zero. This document is pretty much the bible on how magnetic stripes work, and you need to understand how data is encoded on to them and the basic formatting of the tracks on a given magnetic stripe card. I'm going to go get a cup of coffee; have it read by the time I get back.

.......

Finished? Good.

As you will have learned from your reading, data is encoded on to magnetic stripes by means of magnetic flux reversal in the segments on the stripe. When the card is swiped past the card reader, the changing magnetic field of the passing flux reversals induce a current in the reader element, which is then decoded into binary bits, and the original data stored on the magnetic stripe is reconstructed.

So, in order to emulate a particular magnetic stripe, all we need to do is find a way to recreate the pattern of the way its magnetic field changes as it's being swiped past the reader. How are we going to do this? With an electromagnet!

As you may already know, an electromagnet is basically just a solenoid (coil of wire). When an electric current is passed through the coil, a magnetic field is created. By turning the electromagnet on and off rapidly, we can replicate the changing magnetic field of a magnetic stripe swipe.

The final piece of this puzzle is how to control the electromagnet. Well, we're trying to recreate a particular waveform of current through the solenoid in order to create a particular waveform of magnetism. What's a common way of storing waveforms and converting them to electric current? Sound files! So, all we have to do is encode the highs and lows representing the desired flux reversal pattern into a .wav file and play it back on an iPod or similar music player through the solenoid.

Music players designed to play sound through headphones do not produce enough current to drive the electromagnet in this project, so we will also have to construct a basic amplifier that the signal must be passed through before going to the electromagnet.

magstripe.txt43 KB

asconine says: Oct 18, 2010. 11:59 PM

There is an app for the iPhone called square and when you sign up for it they send you a card reader that plugs into your headphone jack ( see squareup.com). The way this app works is by converting the info on the mag-stripe into audio. So could you use an audio file recorded off of the Square card reader rather then using this C++ app to create one?

goiano in reply to asconineMay 16, 2013. 6:11 PM

amigo sou do brasil, se tiver interesse em ganhar dinheiro usando a inteligencia que voces tem ai aqui no brasil me mande e-mail madmaxgyn@hotmail.com

Grazfather in reply to asconineNov 1, 2010. 8:54 AM

Yup, totally.

goiano says: May 16, 2013. 6:09 PM

Amigo sou do Brasil procuro amigos para trabalharmos na area !!! preçiso de info e faço dinheiro aqui no brasil e despacho o seu cach tenho msr206 preçiso somente de dados please add madmaxgyn@hotmail.com ou envie e-mail

Abraços

lokivoid says: Oct 7, 2011. 2:56 AM

This type of spoofer will only work single track cards sadly.

VirtualBoxer in reply to lokivoidDec 2, 2012. 6:28 PM

So will the direct output from a Square Register cut it?

~CableGuy says: Nov 18, 2012. 12:34 PM

oh, and if you need a high-tolerance pre-amp for the reading process, Find a cassette player! and unsolder the nearest ic to the mechanical parts and the read head. Good luck!

~CableGuy says: Nov 18, 2012. 12:19 PM

dude you gave me BILLIONS of money! thanks!

janny130 says: Dec 3, 2011. 4:53 PM

hello i was wondering if do anybody know anyting about tracks

maxell3775 says: Feb 10, 2011. 6:55 AM

Good Morning, Is there a way to get the data come straight from a usb port?, instead of having is to come from a audio source, that you could connect the spoofer to a USB port and send the data, and if it is not possible with this king of design, is there a USB SWIPE CARD like Justin longs in DIe Hard 4? when he tries to bypass woodlands server room door.

THank you

S33PlusPlus in reply to maxell3775Oct 3, 2011. 3:45 PM

The first thing that comes to mind is a cheap USB sound card. All you'd need to do is crack it open and stuff a signal amp in, and depending on the particular card, a headphone jack that connects to the amp's output.

For the amp stage, you could cut size *way* down by using surface mount ICs and draw the power you need straight from the card's power supply (just make sure you keep the current below 500mA or you'll overload the USB port!)

Dlowe089 says: Jul 28, 2011. 2:57 PM

would it be possible to amplify the output of the initial card reader to record directly as audio through a microphone jack (mixer, some form of audio in), and then run that recording of the magnetic pass into the mp3 player and spoofer? It seems to me like a perfectly reasonable analog solution. But I am no expert in magnetic stripes, nor did I read the "A Day in the Life of a Flux Reversal" article (later, I'm just browsing instructables right now.)

maxell3775 says: Feb 10, 2011. 7:17 AM

another form would be to be able to connect to the mini usb port of an android smart phone and be able to send the signal.

jaycwallace says: Nov 4, 2010. 11:28 AM

Someone should start a website with known data formats for different card types and make this conversion to audio track on the server side. Seems it would be pretty handy to know the data format and just fill out the form with the required information encoded on the card, since most the information is often pretty apparent and/or in sight. It would generate the audio track and you could play it locally wherever you are.

fub1985 says: Oct 15, 2010. 5:22 AM

you say that a old powered computer speakers can be used.. what do you mean by this?

Pooloop says: Sep 16, 2010. 11:25 AM

You could make a video tutorial explaining how to create the .Wav file

Pooloop says: Sep 13, 2010. 1:44 PM

where did you buy the parts?

Pooloop says: Sep 13, 2010. 1:42 PM

where a put the card code in the c++ code?

Giggles12 says: Aug 3, 2008. 3:01 PM

I think nerds are hot!

NatureTM in reply to Giggles12Apr 17, 2010. 11:06 AM

Fact Check: We are ugly.

cody777 in reply to NatureTMSep 9, 2010. 10:48 PM

speak for yourself
now if only i could find a girl who was hot AND as smart as me

thestyrofoampeanut in reply to Giggles12Mar 6, 2010. 10:57 PM

that kinda sorta just really made my day

waterppk in reply to Giggles12Aug 7, 2008. 12:33 PM

Nice to hear someone has some love for us, but it doesn't make the cold nights any warmer :P

Natrix2494 in reply to waterppkJun 24, 2010. 10:01 PM

exactly, knowing C++, C#, in highschool doesnt mean a thing to anyone.. we stay nerds cuz we know one day it will mean something..

nam2000 says: Jul 6, 2010. 8:38 PM

I wonder if you could somehow use the 12, 5 or 3.3 volt connections on the ipod 30 pin plug to power the device. It would be more expensive but smaller... here is a good website with the 30 pin port specs http://pinouts.ru/PortableDevices/ipod_pinout.shtml

seth3d says: Nov 13, 2008. 6:12 AM

WIP: I've created a PCB trace. The yellow lines signify where I'll be using wire jumps. If anyone is interested I'll post my results, negs, and Digi-Key part list.

macgeek10 in reply to seth3dNov 17, 2009. 8:26 PM

There is an error in your pcb layout if i am not mistaken, the potentiometer is not hooked up as an adjuster, but rather as a simple 5k resistor, you need to change one of the traces to that center post instead. I recommend Eagle for your pcb layout, it is lightweight and free, give it a try.

brokentesting in reply to seth3dDec 30, 2008. 10:47 AM

Seth3d, This would be excellent. But seeing as it has been going on 2 months since your last post, I still hope you provide the details :) Nonetheless, I have subscribed to your Instructable area, just waiting on you to create a Instructable with the details of your PCB board. In the interim, I will try and contact you otherwise. Thanks for offering this Seth3d :) Keep us the cool work :)

seth3d in reply to brokentestingDec 30, 2008. 12:16 PM

OK, here are the files in the zip file. The express PCB layout has top layer flipped for your printing convenience. I used the oxy-hydrogen-chloride etching method described here.

I haven't had much time recently to work with this much more. The amp is essentially a simple "square wave" modulator. I'm not 100% certain that the wave files would even work without the amplifier though others have stated it does with the right miniaturized electromagnet.

Additional materials not included in the part list include some solid core wire to use for jumpers, copper clad, an audio jack which was wrenched from the end of a broken headphone, and an LED with resistor to display power state. The LED can be excluded.

Card_Spoofer_amp_revb.zip10 KB

seth3d in reply to seth3dDec 30, 2008. 12:50 PM

Here are both layers to the PCB, no sense wasting two sheets of transfer paper.

amp1b_copper_silk.pdf(612x792) 40 KB

brokentesting in reply to seth3dDec 30, 2008. 2:55 PM

Seth3d, You are the MAN! Very prompt reply indeed with all the necessary details :) Going to send you a Email shortly regarding some other stuff I think you'll find interesting. Thanks much Seth3d. You DA MAN!!!!!!!!!!!!!!!!!!!!!!!!!!! :)

crasymonkey89 says: Oct 22, 2009. 9:36 AM

is it possible to use these on say a card reader without a track? I.e. a system wherein you simply hold the card to the reader?

ejreynolds in reply to crasymonkey89Nov 14, 2009. 1:53 AM

Unfortunately, no. That type of system is usually RFID (http://en.wikipedia.org/wiki/Radio-frequency_identification).

finfan7 says: Oct 7, 2009. 6:16 PM

Could one use this setup but with a file that would enter all possible codes? It might take a while to go through them all but unless there is a failure counter or a notification setup on the system it would be able to open any normal keycard door.

joe57005 says: Aug 3, 2008. 4:36 PM

Is the amplifier really necessary? if you put the coil a little closer to the reader, you only need as much power as the ipod normally gives to speakers. you could probably draw a suitable coil using conductive ink on a real [blank] card. depending on the size of the coil and the resistance of the lines, amplification should not be needed. Card readers use the same parts and very similar circuits as a cassette players, and you don't see any cd adapters use amplification or large coils, they just get the tiny coil very close.

hummelm in reply to joe57005Aug 29, 2009. 5:06 AM

could you put conductive ink on the magnetic strip on a card somehow and just have the coil at the end of the card so the card could go in the insertion readers instead of just the swipe readers like the movie showed?

joe57005 in reply to hummelmAug 31, 2009. 7:44 PM

not sure what you mean.

powerpants (author) in reply to joe57005Aug 3, 2008. 9:29 PM

i initially tried it with no amplifier and quite a few less of turns of wire that were placed directly against the sensor element, and getting the positioning right was really hard. also, when the positioning was exactly right, the data transmission was very error prone. stuff would show up, but a system like this is obviously useless unless it transmits the data with no errors. the amplifier really, really improves the reliability. anyway, it would definitely be cool to have a much more compact system, so if you come up with something better, let me know asap!

pacemaker in reply to powerpantsJan 3, 2009. 1:04 AM

I'm thinking of using the 30 pin connector. It would be much smaller. Let me know what you think. I don't want to fry my ipod touch lol.

http://pinouts.ru/Devices/ipod_pinout.shtml

_soapy_ in reply to powerpantsNov 16, 2008. 2:32 PM

You'll get better results by using a finer wire. This will let you have many, many more turns, and so a far higher magnetic field for the same current. The iPod (or whatever) will limit the current out anyway, so looking that up, then referring to a coil design website for the current capability of the wires you can get, will let you design the "perfect" coil. I made one of these devices many, many years ago from a tape-to-tape deck, as a proof of concept reader. I adjusted the depth by simply adding a bit of something (I don't recall, probably a bit of plastic) to raise the spacing so that the card slid past at the exact right height, rather than re-configuring the reader. Then you just do three passes to get all the data.