Talk:Magnetic stripe card/Archives/2014

PIN
Is it really true that a encrypted version of the PIN is stored on some cards? Sounds too good to be true for a card thief... He would simply unencrypt it just as the ATM (or whatever) does, and voila! I thougt this information was only stored at the bank for online terminal transactions. The encryption wouldnt bee too hard either with such limited data capacity on track 3. Anyone

Scott 14:40, 15 Aug 2005 (CST)

I don't imagine that they store the actual PIN on the card; it seems to me that the PVV (PIN verification value) is probably some sort of cryptographic hash so that if you can validate the PIN given you without having to contact the card issuer. Who knows, maybe this is an MD5 hash...

Karl 01:57 19 Dec 2005 (PST)

The PIN offset isn't really an encrypted version of the PIN. Every card has a "natural PIN" that's generated by taking the account number (and possibly some other details, such as the expiration date), encrypting it, extracting 4-8 hexidecimal digits from the result, and applying a decimation table (which maps A-F to some digits 0-9). To allow people to pick their own PINs, a PIN offset is introduced and encoded on the card. The PIN the customer enters is the PIN offset + the natural PIN. To verify the PIN, the bank simply subtracts the PIN offset (transmitted with the transaction) from the entered PIN and determines if the natural PIN matches.

Note that without knowing the natural PIN or the PIN that the customer enters, knowing the PIN offset is useless, since the natural PIN can be any valid values.

On an unrelated note, the page mentions that CVV/CVC values may be stored on the card, but I don't believe this is the case. AFAIK, the CVV/CVC values are purposefully left off the magnetic stripe to ensure that only people who physically possess the card know it. Otherwise, some shady self-service machine would be able to swipe the CVV/CVC value.

12:30 02 February, 2006

Sorry, Karl is absolutly correct. The PIN offset is NOT the encrypted PIN. It truly is as Karl describes, an offset that is added to the system generated PIN to equal the Customer Selected PIN. The PIN offset was placed on the magstripe and used often during the days of offline ATMS. At any time a customer changed their cutomer select PIN, the PIN offset was over-written in the track data. However, today 99.99% of ATMS are online always, and the mandate was that issuers migrate the PIN offset to the card issuer's database and issuers now are only to support database verify customer select pins and not card verify customer select pins. Updates are no longer re-written to the track data, only to the database. You are just going to have to accept this fact ... it is NOT the encrypted PIN - I promise. I've been in the credit card issuing business for 18 years ... that is how it is done. I agree with your description of CVV/CVC and CVV2/CVC2.

Track 1 Version A
Can anyone give an example of a track 1 version A readout?

The track two can be generated the same as the original ?

Erasure dangers to magnetic strip
I see many people asking about accidental erasure of a credit card's magnetic strip. Myth busters looked at credit cards and found cards to be very resistant to erasure with magnets. I would like to see a section about erasure other than "be careful with magnets around credit cards". Magnetic jewelry, GPS receivers with magnets to attach to car roofs, and credit cards making direct contact with each other are a few of the common situations that I see on most threads, but the answers are disparate and non-authoritative. Perhaps a graph or table showing the strengths of magnets and whether the magnets pose a risk to credit card erasure.


 * Fact is that the HiCo cards (black stripe) resist magnets well, while the LoCo (brown stripe) cards will get wiped by a casual encounter with a magnetic purse strap. HiCo cards aren't immune, but it takes a very powerful magnet to corrupt them. Reswobslc 04:57, 23 December 2006 (UTC)


 * For my A2 Physics Coursework this year i am studying this effect, i will announce results here when i have gathered all results. Mumuthemonkey 10:18, 5 November 2007 (UTC)

There is a proprietary form of magnetic encoding called "Watermark Magnetics" which, since it is a structural encoding, cannot be erased or altered without destroying the tape. [Steve Brunt was Project Manager for Watermark Products at Thorn EMI, Wells during the 1980s] SteveBrunt (talk) 19:45, 11 May 2009 (UTC)

or , then sign your comment with  ''. Since polling is not a substitute for discussion, please explain your reasons, taking into account Wikipedia's naming conventions.''


 * Support: Because there are so many types of magnetic cards and "Magnetic stripe card" is only one of them. To be able to cover other types the title must be corrected. --Wayiran (talk) 16:51, 9 February 2009 (UTC)


 * Oppose if you want a more general article, then write one. This one is focused on the magnetic stripe card. 76.66.196.229 (talk) 05:35, 10 February 2009 (UTC)


 * Oppose. This is a good, focussed article. There's room for a more general article too, but no need to destroy this one to create it. Andrewa (talk) 12:48, 11 February 2009 (UTC)


 * Oppose - What other kinds of magnetic cards are there and why should they be grouped in the same article with this type? -- Austin Murphy (talk) 14:16, 11 February 2009 (UTC)

Discussion

 * Any additional comments:

Other standards
Since we mention transportation tickets, our list of standards should include ISO/IEC 15457 which deals specifically with "thin flexible cards", including Edmondson size TFC.0 and the airline style TFC.5. Note that CRSW016, the original specification for the BR/London ticket, is not compliant with the standard (which it pre-dates) due to its rounding off of the millimetric dimensions. [Steve Brunt is the author of CRSW016 and ISO/IEC Project Editor for ISO/IEC 15457] SteveBrunt (talk) 19:26, 11 May 2009 (UTC)

What is the Back end process of ATM and POS terminal transactions?any one
could you tell me the back end process at ATM and POS terminal transactions?I mean that how the card dat will read how it compares PIN for authentication,and each and every step up to settlement of funds?and role of card associations? —Preceding unsigned comment added by Suryaau (talk • contribs) 05:22, 10 June 2009 (UTC)


 * Nobody is going to teach you how to hijack ATMs to convince them to give them all the money contained within.

LRC commentary duplicated
The comment about the LRC byte occurs in duplicate, someone might want to fix it. Segin (talk) 01:10, 13 August 2009 (UTC)

Forrest Parry's wife's name? :-)
So, does the ingenious and historically important Mrs. Parry have a name of her own? It seems only fair to give her fair credit... 193.63.174.10 (talk) 14:33, 16 November 2010 (UTC)

I added her name (Dorothea) to the article and added the year (1960) when this happened. Greensburger (talk) 16:25, 16 November 2010 (UTC)

She said, "Here, let me try the iron."
Reference provided does not support this quote. Appears to be a fictionalized version of events.130.102.47.128 (talk) 01:30, 13 November 2012 (UTC)


 * Tagged ref with fails verification. Glrx (talk) 17:47, 16 November 2012 (UTC)

Universal card
Universal card is a new article accepted by WP:AFC. Reviewers recognised the potential to merge this content into Digital wallet or Magnetic stripe card. I believe this is a determination that can be made by the editors of these articles. ~KvnG 19:34, 23 March 2014 (UTC)

American Express service code
At the time of writing, the article states that the service code is three characters. American Express cards appear to have only a two character service code according to the card type information from a payment processor that my employer uses. I cannot find any further information, but was wondering if anyone else can confirm this. — Preceding unsigned comment added by 62.232.59.42 (talk • contribs) 10:13, 3 September 2014