/r/EMV
Discussion about Europay, MasterCard & Visa chip cards.
Thanks for subscribing to r/EMV. We're a community that loves to discuss payment technologies, specifically current events regrading EMV technology for small & mid-sized businesses.
Payments Discussion:
Payments News
Credit Card Processor Reviews
Business Discussion:
Join The Fun On Twitter
Curious about obtaining a subreddit or external link in the sidebar? Message us!
Grab us a Coffee With Bitcoin
What is Bitcoin? Bitcoin is a digital store of value that might offer a cheaper alternative for businesses looking to reduce transaction fees.
/r/EMV
Hi friends. A consult, how could I know the voltage used in a determinate EMV cards (chips)?.
Please let me know if anyone has anything available in the EMV space. I was the global central point of support for all EMV certifications for a well-known ATM company. I worked with EMV co as well as the payment schemes for both certifying the end full stack solution as well as the internal kernels. I will send a resume upon request. Please note that I do not have any coding experience.
Hey! Im awfully new to all this but thought id seek help with reddit for a problem Ive been having.
The short story is, a provider of a service I use as a doctor tracks the number of times I use their services using a chip card, im supposed to have paid for 50 uses but me and other doctors have realized that most often than not the card gets blocked way before we reach that number. There are two things that I would like to know:
The first one is if there is a way to "read" the card at any given time and determine how many uses it has registered. If the answer is Yes then id like to know what is the card reader I should purchase and who I should contact to get it done since im pretty technologically challenged...
The other is if it is possible to change the information within the card in order to get the number of uses we paid for. We tried speaking to the provider of the service but they have been really unhelpful to the point that they stated we have no evidence that the cards stop working before they should (hence the necessity to read the cards in the first place). And since they are pretty much the only company in my country that does this, and it is a critical part of our business, we have our hands tied atm.
This is what the chip looks like, thank you reddit!
Hi, a couple of years ago I bought a metal card. I tried to convert my card into a metal one. I bought a magnetic stripe writer that worked perfectly. Then I ran into a problem. I noticed that the EMV function is no longer working, so I soaked the plastic card in acetone. After that, I discovered a copper wire inside. I am now wondering if I can add an antenna inside the chip housing. Does anyone have any suggestions?
I keep coming across this and even seen some videos. Are there actual people who sell this, most seem like scammers and illegal
I travelled in Thailand in March, and used my card for the last time in an ATM. The next time I tried to use it, it was nonfunctional (chip, contactless and magnetic stripe). About a week later , in 9 transactions, my account was drained. The bank investigated and told me they were processed using the card's chip (not a magnetic stripe or by manually keying in the number).
They seemed to conclude that it was impossible to clone the chip, and so it must have been my original card.
I was in possession of my original card and the transactions were in a city I never went to, so I know that the card was somehow cloned.
Has anyone heard of this before? I can't find much about this kind of fraud written on the internet, so it must be fairly new. The ability to shim a card in an ATM and produce a duplicate chip that can be used multiple times.
I am worried that the bank is going to make me liable for the stolen money, because they have not accepted my version of events yet and it has been 3 months. They are pretty unresponsive. They implied l should change my story to say that I allowed the card to be used under duress, in order to progress my fraud claim.
There is a hitherto unknown weakness in the security of these chips, but I have to somehow prove that it exists to be taken seriously.
Any advice is appreciated . I'm in new Zealand, and it was a visa debit card.
I am in Germany and it still doesn't work I wrote the original code in 2002 and even have made updates for multi card support which have not been implemented
Guys I can't do everything myself the failed scientists here need to do something too the scientists can't do everything they need some help from your other morons
Hello, I have some vending machines running android on the mainboard and has internet connectivity. I don't want to folk out 300 USD for a USATech device or similar. Instead I'd rather use something like a square/clover or https://www.alibaba.com/product-detail/Credit-Card-Reader-125KHz-13-56MHz_1600479752776.html and then can I use something like stripe's APIs or another payment processors software APIs within an android app (on the mainboard) to accept payments?
Or is there more to it than that, such as the EMV hardware being tied to a provider and you have to use particular payment processors that only work with that hardware?
Thanks
Ive read here that the payment terminal used by contactless cards has the card number written in it's memory, but how about the cardholder names - are they in the memory too or are they protected?
Does anybody know, in case of offline authorization, how is the Transaction Certificate computed?
From official docs I can't understand if it's just a SHA-1 of CDOL1 data, or a MAC computed with 3DES.
My guess is that it can't be simply a SHA-1 digest, otherwise a terminal could forge TCs and so fake transactions. On the other hand, computing a MAC with 3DES using a secret key means that the POS, which can't communicate with the issuer bank, cannot derive the same keys and so it cannot validate the TC (meaning that the card could compute random MAC and so fake transactions).
If you have an answer to this or you can point me to some reliable sources, I'll be extremely thankful!
PS: I read that contactless card do not validate the ARPC for online transactions. EMVco Book 3 says that, after online authorization, the card sends a TC to the POS. However, since contactless cards do not validate the ARPC and are far away from the POS itself, how can they send a TC? They simply don't send anything and the transaction is considered closed?
Due to a large number of posts advertising products that can potentially be used for illegal activity (such as credit/debit card fraud), we have clarified the subreddit rules. These are now listed on the right hand side of the page in the sidebar. Please review these before posting as some rules are zero tolerance and will result in a permanent ban.
Anyway, thank you for participating in /r/EMV and hope everyone has a good weekend!
Does anyone know the exact size of the EMV chip on credit cards?
I was looking around to see if wedge attacks on EMV cards are still viable or a solution has been implemented, and if so, have attackers found another way around the solution?
The latest documentation I can find goes back to 2010.