First we can talk about the card number.It is the number embossed on the credit/debit card.If you didn't know the card number is the primary account number and contains lot of information about the bank that issued the card,which type of card it is and some costumer info.Lets take down here an example of credit card number.Say 4862362667787439
Have you ever wonder what would happen if you loose your credit or debit card and someone finds it. Would this person be able to withdraw cash from an ATM guessing, somehow, your PIN? Moreover, if you were who finds someone's card would you try to guess the PIN and take the chance to get some easy money? Of course the answer to both questions should be "no". This work does not deal with the second question, it is a matter of personal ethics. Herewith I try to answer the first question.
We present an attack on hardware security modules used by retail banks for the secure storage and verication of customer PINs in ATM (cash machine) infrastructures. By using adaptive decimalisation tables and guesses, the maximum amount of information is learnt about the true PIN upon each guess. It takes an average of 15 guesses to determine a four digit PIN using this technique, instead of the 5000 guesses intended. In a single 30 minute lunch-break, an attacker can thus discover approximately 7000 PINs rather than 24 with the brute force method. With a $300 withdrawal limit per card, the potential bounty is raised from $7200 to $2.1 million and a single motivated attacker could withdraw $30-50 thousand of this each day. This attack thus presents aserious threat to bank security.
In-Store Carding, the art of using conterfeit credit cards in order to obtain merchandise from stores. This article is for education only and to make those gain more knowledge
The following article explains practically how vulnerable banks are in the operation of ATM cards. ATM cards (Credit cards) usually has a magnetic stripe that contains the raw data called tracks for its operation.
The physical layout of the cards is standard. The LOGICAL makeup varies from institution to institution. There are some generally followed layouts, but not mandatory