Instructables

Magnetic stripe card spoofer

Magnetic stripe card spoofer
This instructable demonstrates how to use an electromagnet, a simple amplifier circuit, and a personal music player to induce signals into a magnetic stripe card reader, causing it to think that you have swiped a card through it.



This instructable assumes that you have basic knowledge of electronics and a cursory understanding of C++.

NOTE: This device is useless unless you already know the contents of a particular magnetic stripe card that you want to emulate. Thus, you can't use this device to do Something You're Not Supposed To Do unless you've already done something naughty to obtain the data from a magnetic stripe card you're not supposed to have.

Don't do naughty things. Your mother wouldn't like it.
 
Remove these adsRemove these ads by Signing Up
 

Step 1How it works

Before going any further, read the document I've attached to this step, "A Day in the Life of a Flux Reversal" by Count Zero. This document is pretty much the bible on how magnetic stripes work, and you need to understand how data is encoded on to them and the basic formatting of the tracks on a given magnetic stripe card. I'm going to go get a cup of coffee; have it read by the time I get back.

.......

Finished? Good.

As you will have learned from your reading, data is encoded on to magnetic stripes by means of magnetic flux reversal in the segments on the stripe. When the card is swiped past the card reader, the changing magnetic field of the passing flux reversals induce a current in the reader element, which is then decoded into binary bits, and the original data stored on the magnetic stripe is reconstructed.

So, in order to emulate a particular magnetic stripe, all we need to do is find a way to recreate the pattern of the way its magnetic field changes as it's being swiped past the reader. How are we going to do this? With an electromagnet!

As you may already know, an electromagnet is basically just a solenoid (coil of wire). When an electric current is passed through the coil, a magnetic field is created. By turning the electromagnet on and off rapidly, we can replicate the changing magnetic field of a magnetic stripe swipe.

The final piece of this puzzle is how to control the electromagnet. Well, we're trying to recreate a particular waveform of current through the solenoid in order to create a particular waveform of magnetism. What's a common way of storing waveforms and converting them to electric current? Sound files! So, all we have to do is encode the highs and lows representing the desired flux reversal pattern into a .wav file and play it back on an iPod or similar music player through the solenoid.

Music players designed to play sound through headphones do not produce enough current to drive the electromagnet in this project, so we will also have to construct a basic amplifier that the signal must be passed through before going to the electromagnet.
« Previous StepDownload PDFView All StepsNext Step »
108 comments
1-40 of 108next »
Dec 3, 2011. 4:53 PMjanny130 says:
hello i was wondering if do anybody know anyting about tracks
Oct 7, 2011. 2:56 AMlokivoid says:
This type of spoofer will only work single track cards sadly.
Feb 10, 2011. 6:55 AMmaxell3775 says:
Good Morning, Is there a way to get the data come straight from a usb port?, instead of having is to come from a audio source, that you could connect the spoofer to a USB port and send the data, and if it is not possible with this king of design, is there a USB SWIPE CARD like Justin longs in DIe Hard 4? when he tries to bypass woodlands server room door.

THank you
Oct 3, 2011. 3:45 PMS33PlusPlus says:
The first thing that comes to mind is a cheap USB sound card. All you'd need to do is crack it open and stuff a signal amp in, and depending on the particular card, a headphone jack that connects to the amp's output.

For the amp stage, you could cut size *way* down by using surface mount ICs and draw the power you need straight from the card's power supply (just make sure you keep the current below 500mA or you'll overload the USB port!)
Jul 28, 2011. 2:57 PMDlowe089 says:
would it be possible to amplify the output of the initial card reader to record directly as audio through a microphone jack (mixer, some form of audio in), and then run that recording of the magnetic pass into the mp3 player and spoofer? It seems to me like a perfectly reasonable analog solution. But I am no expert in magnetic stripes, nor did I read the "A Day in the Life of a Flux Reversal" article (later, I'm just browsing instructables right now.)
Feb 10, 2011. 7:17 AMmaxell3775 says:
another form would be to be able to connect to the mini usb port of an android smart phone and be able to send the signal.
Nov 4, 2010. 11:28 AMjaycwallace says:
Someone should start a website with known data formats for different card types and make this conversion to audio track on the server side. Seems it would be pretty handy to know the data format and just fill out the form with the required information encoded on the card, since most the information is often pretty apparent and/or in sight. It would generate the audio track and you could play it locally wherever you are.
Oct 18, 2010. 11:59 PMasconine says:
There is an app for the iPhone called square and when you sign up for it they send you a card reader that plugs into your headphone jack ( see squareup.com). The way this app works is by converting the info on the mag-stripe into audio. So could you use an audio file recorded off of the Square card reader rather then using this C++ app to create one?
Nov 1, 2010. 8:54 AMGrazfather says:
Yup, totally.
Oct 15, 2010. 5:22 AMfub1985 says:
you say that a old powered computer speakers can be used.. what do you mean by this?
Sep 16, 2010. 11:25 AMPooloop says:
You could make a video tutorial explaining how to create the .Wav file
Sep 13, 2010. 1:44 PMPooloop says:
where did you buy the parts?
Sep 13, 2010. 1:42 PMPooloop says:
where a put the card code in the c++ code?
Aug 3, 2008. 3:01 PMGiggles12 says:
I think nerds are hot!
Apr 17, 2010. 11:06 AMNatureTM says:
Fact Check:  We are ugly.
3
Sep 9, 2010. 10:48 PMcody777 says:
speak for yourself
now if only i could find a girl who was hot AND as smart as me
Mar 6, 2010. 10:57 PMthestyrofoampeanut says:
 that kinda sorta just really made my day
Aug 7, 2008. 12:33 PMwaterppk says:
Nice to hear someone has some love for us, but it doesn't make the cold nights any warmer :P
Jun 24, 2010. 10:01 PMNatrix2494 says:
exactly, knowing C++, C#, in highschool doesnt mean a thing to anyone.. we stay nerds cuz we know one day it will mean something..
Jul 6, 2010. 8:38 PMnam2000 says:
I wonder if you could somehow use the 12, 5 or 3.3 volt connections on the ipod 30 pin plug to power the device. It would be more expensive but smaller... here is a good website with the 30 pin port specs http://pinouts.ru/PortableDevices/ipod_pinout.shtml
Nov 13, 2008. 6:12 AMseth3d says:
WIP: I've created a PCB trace. The yellow lines signify where I'll be using wire jumps. If anyone is interested I'll post my results, negs, and Digi-Key part list.
amp1b_layout.jpg
Nov 17, 2009. 8:26 PMmacgeek10 says:
There is an error in your pcb layout if i am not mistaken, the potentiometer is not hooked up as an adjuster, but rather as a simple 5k resistor, you need to change one of the traces to that center post instead.  I recommend Eagle for your pcb layout, it is lightweight and free, give it a try.
Dec 30, 2008. 10:47 AMbrokentesting says:
Seth3d, This would be excellent. But seeing as it has been going on 2 months since your last post, I still hope you provide the details :) Nonetheless, I have subscribed to your Instructable area, just waiting on you to create a Instructable with the details of your PCB board. In the interim, I will try and contact you otherwise. Thanks for offering this Seth3d :) Keep us the cool work :)
Dec 30, 2008. 12:16 PMseth3d says:
OK, here are the files in the zip file. The express PCB layout has top layer flipped for your printing convenience. I used the oxy-hydrogen-chloride etching method described here.

I haven't had much time recently to work with this much more. The amp is essentially a simple "square wave" modulator. I'm not 100% certain that the wave files would even work without the amplifier though others have stated it does with the right miniaturized electromagnet.

Additional materials not included in the part list include some solid core wire to use for jumpers, copper clad, an audio jack which was wrenched from the end of a broken headphone, and an LED with resistor to display power state. The LED can be excluded.
amp1b_complete1.jpgamp1b_complete2.jpg
Dec 30, 2008. 12:50 PMseth3d says:
Here are both layers to the PCB, no sense wasting two sheets of transfer paper.
amp1b_copper_silk.pdf(612x792) 40 KB
Dec 30, 2008. 2:55 PMbrokentesting says:
Seth3d, You are the MAN! Very prompt reply indeed with all the necessary details :) Going to send you a Email shortly regarding some other stuff I think you'll find interesting. Thanks much Seth3d. You DA MAN!!!!!!!!!!!!!!!!!!!!!!!!!!! :)
Oct 22, 2009. 9:36 AMcrasymonkey89 says:
is it possible to use these on say a card reader without a track?  I.e. a system wherein you simply hold the card to the reader?
Nov 14, 2009. 1:53 AMejreynolds says:
Unfortunately, no.  That type of system is usually RFID (http://en.wikipedia.org/wiki/Radio-frequency_identification).
7
Oct 7, 2009. 6:16 PMfinfan7 says:
Could one use this setup but with a file that would enter all possible codes?  It might take a while to go through them all but unless there is a failure counter or a notification setup on the system it would be able to open any normal keycard door.
8
Aug 3, 2008. 4:36 PMjoe57005 says:
Is the amplifier really necessary? if you put the coil a little closer to the reader, you only need as much power as the ipod normally gives to speakers. you could probably draw a suitable coil using conductive ink on a real [blank] card. depending on the size of the coil and the resistance of the lines, amplification should not be needed. Card readers use the same parts and very similar circuits as a cassette players, and you don't see any cd adapters use amplification or large coils, they just get the tiny coil very close.
Aug 29, 2009. 5:06 AMhummelm says:
could you put conductive ink on the magnetic strip on a card somehow and just have the coil at the end of the card so the card could go in the insertion readers instead of just the swipe readers like the movie showed?
8
Aug 31, 2009. 7:44 PMjoe57005 says:
not sure what you mean.
2
Aug 3, 2008. 9:29 PMpowerpants (author) says:
i initially tried it with no amplifier and quite a few less of turns of wire that were placed directly against the sensor element, and getting the positioning right was really hard. also, when the positioning was exactly right, the data transmission was very error prone. stuff would show up, but a system like this is obviously useless unless it transmits the data with no errors. the amplifier really, really improves the reliability. anyway, it would definitely be cool to have a much more compact system, so if you come up with something better, let me know asap!
Jan 3, 2009. 1:04 AMpacemaker says:
I'm thinking of using the 30 pin connector. It would be much smaller. Let me know what you think. I don't want to fry my ipod touch lol.

http://pinouts.ru/Devices/ipod_pinout.shtml
3
Nov 16, 2008. 2:32 PM_soapy_ says:
You'll get better results by using a finer wire. This will let you have many, many more turns, and so a far higher magnetic field for the same current. The iPod (or whatever) will limit the current out anyway, so looking that up, then referring to a coil design website for the current capability of the wires you can get, will let you design the "perfect" coil. I made one of these devices many, many years ago from a tape-to-tape deck, as a proof of concept reader. I adjusted the depth by simply adding a bit of something (I don't recall, probably a bit of plastic) to raise the spacing so that the card slid past at the exact right height, rather than re-configuring the reader. Then you just do three passes to get all the data.
Aug 5, 2008. 12:43 PMMioTheGreat says:
How about drawing power from the iPod connector? In fact, you can both draw power and receive the output signals from that connector. I may have to write a little app for my iPod Touch for this...
2
Aug 5, 2008. 3:47 PMpowerpants (author) says:
hey, that would be nifty! let me know what you come up with!
8
Aug 4, 2008. 3:51 PMjoe57005 says:
unfortunately i don't have anything to test with. (except a tape player, but that's a slightly different setup) I also don't have any conductive ink to play with. Sorry, but all i can offer are ideas.
Nov 24, 2008. 11:27 AMbignaughtydog says:
can you not add some iron filings to the ink or just buy some?
8
Nov 26, 2008. 5:38 PMjoe57005 says:
yeah, that works. I've heard of people using graphite powder mixed with epoxy, but i wouldn't do that, too much resistance. I'd use copper or something more conductive.
1-40 of 108next »

Pro

Get More Out of Instructables

Already have an Account?

close

All Steps Viewing
View all steps of an Instructable on the same page when you're a Pro Member.

Upgrade to Pro today!
36
Followers
2
Author:powerpants