Remember the flurry of discussion generated by our original article about prodding a bashful credit card into making a good swipe? Well, those creative minds at SparkFun Electronics (SFE) have now entered the fray.
Their new magnetic stripe card reader (#SEN-08633) is the perfect tool for actually analyzing those failed card swipes by reliably reading the contents of that ubiquitous mag stripe that inhabits the backside of every credit card.
Although priced a little high for the average experimenter, this $60 card reader is a cinch for snooping inside all of your credit cards. Just plug the reader into an available RS-232C serial port (or use a USB-to-serial converter), turn on a serial terminal program, tune into the reader's 9600 bps ASCII output, swipe the card, and read the mag stripe's contents on your monitor. It's as simple as that. In fact, according to SFE every credit card they tried could be read by this reader. Even scarier, all of the card stripe's data was clear, readable unencrypted ASCII.
So here's the test dear reader, following the rules of engagement from the original failed credit card swipe article, ensconce your credit card in a plastic bag, swipe it, and read it. Post your results in our comments section below. Oh, and you smoking gun conspiracy theorists, please be gentle.
By "Post your results" I'm sure our friends at PopSci mean 'describe in general your results' rather than 'copy-paste the unencrypted data from the mag stripe of your credit card into a post'. SparkFun also sells a mag card reader/writer after all...
It's funny how you try to alarm people in your article "Cure for the Failed Credit Card Swipe: Part Deux" by telling them that the swipe of their credit cards yields "unencrypted ASCII" - just looking at the card with your own eyes yields the same. These days, security in credit card transactions is dependent on both the user (checking cards balances/activity) and the card vendor with their anti-fraud measures on the back end.
Speaking of fraud, a while ago I read an article which said I should write "ASK FOR ID" on the back of my credit card as opposed to signing it. I did, and after using it for a couple of years now it appears most businesses aren't worried about fraud. >95% of the time nobody checks my ID or even looks at the back of the card.
It is great that it has available RS-232C serial port connectivity. But if has easy USB connectivity then it will be great other than using a USB-to-serial converter. Memory of the device also important i believe.
<a href="http://www.stop-credit-card-debt.com">Credit Card Debt</a>
It's scary that the card contains unencrypted ASCII. I agree, it's up to both the consumer and the credit companies to manage fraud risk. But hardly anyone checks the back of credit cards these days. Seems most retailers aren't concerned about fraud. www.creditloan.com/credit-cards/