Now the FAQ for lamers..
Can a EMV Software be used to clone or duplicate cards ?
The EMV standard regarding Signed-SDA, DDA and CDA have never been broken.
There are few reasons:
- EMV softwares cannot write accurately card data that varies on every transaction or upon "read".
Such data include ARQC, DDOL, CDA data and other dynamic EMV data.
- EMV softwares cannot write accurately card data for data, that varies upon every transaction.
Good example, is DDA data, which changes or varies, and cannot be static.
Thus, a "cloned" card will never be accepted as anti-fraud systems will detect the DDA, CDA data is static, and marked as invalid.
How are all these videos using blank cards, and withdrawing from ATMs and places ?
The people doing this, are:
1) remove the chip of an actual working EMV card (most of time visa prepaid cards) and put the chip on a white plastic card.
2) remove the paint lamination on a working card, and then use that card on an ATM.
They can be spotted easilly in their 'cashout' videos, contact plate of the emv chip ain't their J2A040.
In reality they are withdrawing from their own prepaid cards that they buy with the cash of their victims.
We are aware of such videos, and when we are bored, we report them.
Suppose example, EMV Software 'X' saves data from one credit card, to another live credit card, is that possible ?
No. That is not possible.
All live credit-card systems have anti-tamper systems built into the card.
A request to write data will be, ACCESS_DENIED and result in CARD_LOCKED.
Can EMV Software 'X' be used to code data from "dumps" ?
That is not possible.
First, the EMV Standard encodes more data required, such as ICC (a 1400+ bit RSA key) and IPK (another 1400+ bit RSA Key) which cannot be easily duplicated.
Second, as above. The EMV standard DDA and CDA has never been broken.
If someone clones a card, and brings it to a store, would it work ?
No, it would not work.
The person would be stopped as the card does not work.
As explained earlier the main feature that prevents fraudulent attacks is the use of dynamic data for each transaction,
so that even if the card data is stolen or intercepted during a transaction, nothing can be done with it.
All dynamic card data can only be used for one individual transaction, and after that, it's useless.
Is there a version of (Software) that works to modify dynamic data in-chip ?
No. No such version of software exists at all.
You can't predict the dynamic data: EMV Algorithms have never been hacked nor broken.
Someone told me i need to buy 'X2 2028', it work!
No. no it will not work.
Basically x1 is dead in late 2015, and all the newest versions "x2" are just reshacked versions where scammers
just change pictures and placement of controls (buttons, texts, etc..).
Their mistakes are obvious as the pdb pathway and compilation timestamp are always the same.
It mean they don't even recompile from source, just same old 'X1' file in a new outfit.
Sometime they even do more mistakes like leaving: "Modified by an unpaid evaluation copy of Resource Tuner 2" in file informations.
source: https://emv.cybercrime-tracker.net/