Popular Youtube hacker Samy Kankar has figured out how to wave a magic wand and perform a fraudulent transaction on point-of-sale devices. He’s not releasing all the materials necessary to commit fraud, but for those interested, he’ll walk you through the steps of making the device and explain how it all works.
Those familiar with Kankar will know how amazing he is. We’ve featured him on Lifehacker before, most recently with his device that can crack a Master Lock in 30 seconds. With this little chip, he can literally walk up to an ATM or point-of-sale device, wave around his magnetic strip, and complete a transaction with money that isn’t his.
He’s notified American Express of the vulnerability he found, and won’t be releasing the algorithm he used and other materials, but he does give an interesting overview of the project in the video above. Anyone interested in more information can check out his website. One could take it upon themselves to add the code that Kankar deliberately left out, or one could use the MagSpoof for its intended purpose on release, which is just emulating multiple cards you legitimately own.
As a hacking project, there’s a lot to learn from this one. Moreso than the Master Lock hack, which uses a long known vulnerability of the lock. Even the brief video above has a few interesting facts about credit cards I didn’t know.