Verifone card readers hacked
I was meandering around at the local flea market looking for something interesting to hack apart, when my eyes beset upon an unearthly beauty not many get to see: a handheld payment terminal. Not only have I been looking for something with a stripe reader in it, but also a thermal printer. Those objectives paled in comparison to actually having the opportunity to hack up some tight financial equipment. I’ve always wondered what truly secure electronics looked like and what hardware-based security measures were taken. Finally I have my answer, and so will you!
Here’s a quick video of the teardown and my initial thoughts on some of the chips’ functions.
Here and here have good introductions on how data is actually stored on magnetic stripe cards. We won’t be focusing on that level so much, more so on the chip and data protocol levels. I’ll be making another Instructable on how to directly decipher information from magnetic read heads, which will be linked here when it’s done.
Protection circuitry:
In addition to the mystery chip, there was a wonderful switch hiding behind the spring-loaded display. When taken apart, the LCD gets pushed out, and opens said switch. I believe as soon as that switch gets opened, a bit gets flipped somewhere and the device goes into lockout mode. I plan on analysing the onboard communications when it starts up to see if there’s a way of forcing the device out of lockout. If I have any success, I’ll make a new Instructable and link to it here. What really sucks is that I didn't do any packet analysis or certificate spoofing before it died. It would have been nice to upload the cap files so people could identify the patterns while...uh...having coffee. If you know of a crusty old forum with some good information on the subject, let me know in the comments and I'll link it here.
For those of you who don’t want to use advanced image enhancing software to determine the various chip names from the video, I’ve included a list and basic descriptions.
Samsung s3c2410al-20
200 MHz CPU SoC
cy62177dv30ll
32 Mbit SRAM
mrd531b
Triple Channel F2F Decoder IC
Used to decode the data coming from the magnetic head. Take a look at the diagram I got from the data sheet. As you can see, the chip handles the driving of the magnetic heads and everything.