In this post, I integrated some different researches and combine them to generate sound files that transmit mag-stripe info; also I added some personal concepts, views and code to have a better understanding. I tried to add links to mention all the authors. This is a not a technical post about magnetic stripe information nor sound waves generation. It is a proof of concept.
Long time ago, I read an article at Instructables about spoofing mag-stripe information using sound powered with an amplifier. The idea is to generate a sound wave that simulates 0(zeros) and 1(ones) in the exact format how a card reader is expecting the data. Another research that I will mention to generate a successful audio mag-stripe info wave is the MagSpoof from Samy Kamkar.
By default, a sound wave has the same similarities of an Alternative Current(AC) flow, but it needs a special power to be enough stronger to be detected in the card reader, and also it needs a special shape. The amplifier plays an important role.
Before start talking about flux reversal, it is recommendable to understand the details about magnetic stripe info, and how it is encoded. Yes, it is necessary to understand a technology created at the World War II, and we is still use to make monetary transactions!! One of the best articles, Card-O-Rama: Magnetic Stripe Technology and Beyond from 1992, and it is still being one of the most recommended to understand mag-stripe concepts.
At the end of the instructable article, Powerpants(nickname who wrote the article) added a zip file which contains two files in C to generate the .wavs at different frequencies. However, the writer added, “Some music players cut off the first split second of things that they play. If this happens, your data will obviously not be transmitted properly. You might have to mess with the C++ code or use an audio editing program to add some silence at the beginning of the sound file if this is a problem. I was able to get around this with my iPod by making a playlist that has a .wav of silence before my data file.”
Analyzing the generated sound file with Audacity, It is notorious the silence issue at the beginning of the mag-stripe wave(<0.005):
There is no space between file headers and mag-stripe wave; it is necessary some “silence” between them. Instead of using the default 44000Hz for frequency, the code implemented 8192Hz. The frequency is very important; it seems that this code passed many different tests to generate those waves; they are almost perfect for card readers timing.
Now, let’s take a look at the wave shapes; they are very similar to the magnetic flux that generated the card reader when someone swipes a card.
Moreover, the original code has some limitations in checking parity which is essential in the card readers. At that part, I implemented the Samy’s code as wave generator, but also as parity checker! I left some original variables and methods because they looked old fashionable. I modified and add some code too. With all the modifications the waves looked like this(the data in each wave is different):
Notice the silence at the beginning of the second file; it is important for the card reader to detect the first zeros from the wave. Now a video playing the sound with an amplifier:
Playing it with a Qianson LM386 Audio Power Amplifier.
Transmitting mag-stripe info through Bluetooth speaker project: https://hackaday.io/project/19319-audiospoof
Thanks to Luis Colunga