After reading through the StripeSnoop site I decided to buy a 30$ TTL magstripe reader.  These seem to be the simplest to use and they work with StripeSnoop.  However, StripeSnoop requires a gameport or parallel port connection, and most computers nowadays do not have either of those.  I wanted to be able to use my reader on any system.  I found this guide that shows how to make a sort of USB adapter for the TTL reader.  It basically reads the TTL signals from the magstripe reader, and then “types” them into the computer as though it is a keyboard.  If you have a notepad window open it will just dump a long string of 1’s and 0’s into the window.  StripeSnoop has a -i option that takes input from the keyboard so all of this should work together.  I purchased one of the adapter boards along with the magstripe reader. Five days later they both showed up at my door and in about an hour I had everything hooked up on my computer and functioning.  My reader only reads track two, although I cold read track one if I put a small piece of plastic in the bottom of the reader to raise up my cards by exactly one track size.  For now, reading just track two will work fine since my research showed that most cards use that track anyway.

Enter the idea for the magomatic.  I’ve had this idea for a while but it keeps changing slightly in my mind.  I essentially want the ability to read a magstripe card and then emulate it back.  This is different from cloning a magstripe card onto another card.  This is basically “recording” the magstripe data and then “playing” it back as though it is coming from a magstripe card, even though it is not. I first thought that the easiest way to accomplish this goal would be to record the magstripe data as audio, and then play it back out through an amplifier, into an electromagnet.  I had found this instructable where someone did something similar and prooved that it works.  This person would scan in the data, and then put it into a C program.  The c program would encode the binary data into a wav file.  He could then put the wav file on his iPod, play it out through an amplifier and into an electromagnet.  He included a video to proove that the concept works.  This is how I started the project.

I had to proove to myself that his idea worked. I created an electro magnet and downloaded his source code.  I also purchased a small battery powered amplifier from RadioShack that was able to boost an audio signal pretty loud.  I wasn’t able to get the C program to work correctly so I ended up changing some of the code around.  I altered it so I could just paste the raw binary data from my card into an array in the program.  It would then encode that data, rather than converting symbols and letters into binary data and having to generate valid checksums.  After some fiddling with the code and with volume settings I was able to get this working.  I could play the audio file out of my headphone jack, through the amplifier, into the electromagnet, and then into the card reader.  The card reader thought I had swiped my card.  Success.

The next step was figuring out how I could store the data on something portable.  I didn’t want to have to lug around a computer.  My idea was to have a small, handheld device that could read a card and then instantly play it back.  I bought a small picture frame from RadioShack that included a 10 second voice recording module.  It is supposed to be used to store a message along with your photograph.  I had other plans.  I ripped that picture frame appart and pulled out the small recording module.  I removed the microphone and the speaker and just left some wires attached.  To test the module, I hooked my computer’s headphone port up to the microphone wires of the circuit using some aligator clips and a 1/8 inch mono jack.  I pressed the record button on the module and then played the working wav file through the headphones.  I then moved the aligator clips to the speaker wires and plugged the headphone jack into the audio amplifier.  I then had another set of clips going from the amplifier to the electro magnet.  After fiddling with the volumes for recording and playback, I had it working.  I now knew that it was possible to record magstripe audio data onto this module and play it back without losing the data.

The last step was to create my own simplistic reader from a magnetic read head.  I bought an old Walkman from the local Goodwill for $4.  The read head was not difficult to remove.  Unfortunately, I had a terrible time figuring out how to build a mechanism that would line up the read head exactly to track two of the magstripe card and swipe in a nice, straight line.  I tried a few things but everything failed.  I could tell it was picking up data but I never knew what track(s) it was from.  Eventually, after all that work, I had to give up on the audio idea.

It was time to come up with a new plan.  How else could I record the data and play it back though?  I had already been thinking it would be nifty to be able to record the data digitally, rather than via an analog signal.  Having the actual data would allow the possibility of data manipulation.  Why would it be good to manipulate the magstripe data?  One application is in hotels.  Most hotels use magstripe cards as room keys.  What if that data was not encrypted?  What if I could just read the data, see the room number in the data, and then change it to another room number?  I could open any room in the hotel!  I could even put a number pad on the device to allow me to choose what room I wanted to enter.  This is just one interesting application that I thought of.  But how could I accomplish this?

I pretty much instantly thought of using a microcontroller.  I assumed that a Basic Stamp would be too slow to read the magstripe data, and also, Basic Stamps are expensive at around $50 a pop.  My next thought was the use the Parallax SX chip, since it’s the only other microcontroller that I have used and have a programmer for.  To prevent myself from re-inventing the wheel I Googled around to see if anyone else had interfaced a magstripe reader to an SX chip before.  I got lucky and found one article where someone did just that.  He also used the easier to understand SX/B code rather than assembly so it worked rather well for me.

I was going to have to edit the code, though.  He was using a serial LCD for output but I don’t have one of those.  My only real option was to set WATCH’s on the variables that hold the data and then poll for the variables while debugging.  After a few days of fiddling, frustration, code editing, etc I had to give up for a bit.  I was having a terrible time making that code work with my reader.  The author had used a similar, yet different reader and his code just wasn’t working right for me.  At this point I had changed pretty much all of it and simplified it as much as possible and still wasn’t getting anywhere.  I decided to focus my attention on the emulation part of the project.

I figured it would be a waste of time to finally get this reader working, only to find out that I was unable to emulate magstripe data with the SX.  Emulating the data turned out to be a piece of cake.  I created two SX/B functions to output either a one or a zero depending on which function was called.  You essentially have the electromagnet hooked up to two SX pins.  If you want to output a one, you just turn one pin off, and the other on, then after about 1ms you switch them.  For a zero, you turn one pin on and the other off, but after the 1ms delay you leave them in the same position for 1 ms.  You can then “flip the pins” to make the current travel through the electromagnet in the other direction.  I wrote a simple program to output a fake credit card number, including the start sentinal, end sentinal, checksum bits, and the LRC byte.  The extra information was necessary for StripeSnoop to properly decide data.  More information on magstripe protocols can be found at this great resource.

Now it was time to get back to the card reader.  It took another 2-3 days of fiddling before I finally got this part working, but I did.  I was able to store the credit card information in a byte array, and then play it back through an electromagnet into my computer.  StripeSnoop thought I swiped my credit card.  Victory at last!  But I still had to merge the reader function with the emulation function.

Initially, the reader function would specifically wait for the start sentinal character and then collect data in 5 bit intervals.  This is how the typical stripe 2 protocol works.  After thinking about it, though, I realized that hotel systems and other systems might not follow that protocol.  They could very well use their own system.  That’s when it occured to me that for simply replaying the data, I didn’t even have to collect it in such a tedious manner anyway.  That is only benneficial if I want to view the data in a way that I can read it.  Instead, I altered the code to just fill up each byte all the way, instead of only the first 5 bits.  I ended up with two 16-byte arrays.  As you swipe the card, it stores the binary data in each bit of those arrays.  Once the data is stored in the variables you just put the magnet inside the card reader, press a button, and it reads through the variables bit by bit and powers the electromagnet as necessary.  Everything worked as it should.  I now had a working magstripe emulator.

I spent all morning and early afternoon drawing up a schematic, collecting parts, soldering, and troubleshooting.  After a few hours I had a working circuit board.  About 4 hours ago I was able to fit everything into a project box the way I wanted.  I did one last test with everything fitted to make sure it still worked and it worked just fine.  My goal of having a portable, battery operated device capable of cloning magstripe cards is now a reality.  I’m heading to Las Vegas in one week for a short vacation with my family.  I can’t wait to test this thing out.  I’m hoping that the hotel uses track two so I won’t have to try and read tracks one or three and mess with my reader.  I’m also hoping that the keys are encrypted in any way.  This might let me program the SX with my laptop to open other doors.  I’ll post an update once I get back with the results of my experiment.

I’ll also take some photos of the device and post them on the project page.  If I am able to get it to open my hotel room door I’ll definitely post up a video as well.

The second reason is that my web server has been down and I haven’t fixed it until recently. My server rebooted one day when I lost power and Apache refused to start for some reason. Rather than sitting down to fix that, I just spent all my time working on the anniversary project. It turns out there was some other instance of httpd running in the background hogging port 81. I have no idea why this was. I’ll have to reboot the system again to see if the problem occurs again. At least I’ll know what the problem is.

In other news, I have started the Near Space class at school last week. I am really excited for this class. We will be sending a balloon equipped with computer, science experiments, and a camera into near space in just a few months. Ryan is splitting the class into teams and should have them posted on the e-shell this weekend at some point. Hopefully I’ll have access to the shell soon. I just e-mailed a local enthusiast to see if he wants to come to class to share his experiences and offer some words of wisdom. Hopefully that will go over well.

My dad should be sending me another radio, antenna and a Tiny Trak 3 module next week. I can’t wait to get that stuff. I want to start messing with APRS tracking as soon as possible to get a feel for it before we actually do a launch. I’m hoping to be on the tracking and telemetry team for the near space class.

I suppose that’s enough updating for now. I have to take some photos of the anniversary lamp to stick on that page, as well as get a schematic up. Man, I still need to get a schematic up on the graduation hacks page… I’ll get on that soon. I’ll also post a video of the lamp in action. Until then.