Maker Pro
Maker Pro

Magstripe Reading / Writing

Hello,

My colleagues and I are enrolled in a course which deals with
various aspects of computer security. The particular area we are
studying now is security involing magstripe (non-smartcard) systems.
Specifically, we have been asked to analyze the security of the card
based vending machines on campus.

Our initial conclusion is that the security will be poor -- the
vending machines are not connected to a network so each machines
"vision" of the outside world is limited by what is encoded on a
card. This would undoubtedly make each machine vulnerable to "double
spending attacks". We are currently attempting to investigate the
specific details of what information is stored to the card (ie.
whether amounts are encrypted, timestamps are used, etc.) Again,
these cards are just "dumb" magstripe cards so our analysis will be
much simpler than if they were smartcards.

We have purchased a magstrip reader and writer. This unit has the
ability to read and write in "raw" mode (independent of any of the ISO
standards). The company that manufacturers the vending cards is
called "Debitek" (www.debitek.com) and their card writers work off a
smaller magstripe (smaller than a standard ABA / credit card
magstripe). However, their magstripe does align with approximately
where "Track 2" would be in the standard magstripe configuration.
When we attempt to read for this magstripe, our reader essentially
detects no data -- it is possible for us pull the card through the
reader at various speeds and obtain data, but it always seems to be
"garbage" as we don't consistently read the same data for the Debitek
magstripe.

Some questions -- the reader/writer we purchased has what is called
an "BPI" (Bits Per Inch) setting. This can be set to either 75 or
210. I assume that this value tells the reader where to look for the
next bit as it reads the data -- if Debitek used a value that wasn't
75 or 210, would this explain the reason we are unable to read their
magstripe? There are also parity settings (odd or even) and another
option that allows us to specify how many leading zeros should precede
the sentinel value.

Our goal is to read the value on this magstripe. We just want to
see the raw binary values. Does anyone have any idea why the
magstripe reader is not detecting anything on this magstripe? (We know
that it's not empty because the vending machine can read the values
from the card). I suppose its possible that Debitek has used some non-
standard way to record 1 and 0 onto the card, in which case we need to
find a way to observe the contents of the magstripe in terms of the
two states it posesses. Any ideas?

We're hoping for a relatively inexpensive way to accomplish this
project -- buying the card reader/writer was a huge expense, given
that we have no need for it after the project is complete.

I apologize if there was a better newsgroup to which I should have
posted my querey -- this one seemed the most appropriate of the groups
I found discussing magstripe technology.

Also, for those wondering/concerned, our group has full permission
from the school and professor to carry out our research assignment.
Obviously, when we are successful in completing our project, we would
be able to "steal" from the vending machines, but any theft would lead
to failing grades for all group members. Although the vending
machines are not in real-time communication with each others or a
"home base", when the funds are collected a transaction log is
downloaded so any discrepancies would immediately be detected.

Any suggestions, tips and advice are greatly appreciated.

Thanks,

Jacob
 
Top