EMV TUTORIAL
May
1. Getting the EMV Dump
typically need to **acquire a dump** of the EMV card data, which contains all the critical information from the chip. This data can be obtained through methods like:
Skimming devices**: Placed on ATMs, PoS terminals, or other places where cards are swiped or inserted.
Malware**: Installed on compromised PoS systems to capture EMV data when cards are used.
Social engineering**: Obtaining dumps from the dark web, or using phishing attacks on bank customers.
An **EMV dump** typically contains:
PAN** (Primary Account Number)
Track 1 & 2 data** (magnetic stripe data)
Issuer information** (like AID and keys)
ARQC/ARPC** (Application Request Cryptogram) for dynamic data
*Expiration Date**
Service code**
2. Tools for Cloning with Omnikey 3021
Fraudsters will use software that works in tandem with the **Omnikey 3021** reader/writer. The **Omnikey 3021** is **not a standalone tool**; it’s used to interface with blank EMV cards. Tool: https://www.amazon.com/HID-OMNIKEY-3021 … ref=sr_1_3
Common software and steps used include:
Software Needed:**
a. **X2 All-In-One** (or other EMV cloning software):
– This software can read an **EMV dump** and send the necessary APDU commands to write the data to a blank smart card (via Omnikey).
– It supports **emulating** SDA (Static Data Authentication) or **partial DDA** (Dynamic Data Authentication) to help with cloning.
– X2 helps **write** the PAN, expiration date, Track data, and the application identifier (AID) to the EMV card.
b. **JCard Editor** (optional):
– Used to interact with JavaCards (like JCOP21/JCOP41).
– It can be used to install or modify applets on JavaCards.
3. GlobalPlatformPro (for advanced manipulation)
– Used to interact with **JavaCard** applets and enable deeper customization, such as loading proprietary scripts or keys.
Hardware Needed:**
– **Omnikey 3021**: A **contact smart card reader/writer** that can interface with **EMV cards**.
– **Blank Smart Cards**: These cards, typically **JCOP** or **JavaCard**, are used to receive the cloned data. These cards are compatible with the **Omnikey 3021** and can be programmed to behave like the cloned target card.
3. Process of Cloning the EMV Card**
Step 1: Obtain a Full EMV Dump**
– Fraudsters acquire a full **EMV dump** using **skimming devices** or buying it from illegal sources.
– This dump contains crucial card details such as the PAN, ARQC, and other information that will need to be cloned.
Step 2: Set Up the Omnikey 3021**
– Insert the **Omnikey 3021** into a computer.
– Connect a **blank EMV chip card** (like a **JCOP21** or **JCOP41**) to the reader.
Step 3: Launch Cloning Software**
– Start **X2 All-In-One** or any compatible cloning software.
– Load the **EMV dump** into the software. This will contain all the data that needs to be written to the blank EMV chip card.
– The software will verify the validity of the EMV dump (including PAN, expiration, and ARQC).
*Step 4: Write Data to Blank EMV Card**
– X2 sends the necessary **APDU commands** (the communication protocol used between the computer and smart card).
– These commands write the PAN, expiration date, service code, track data, and ARQC data to the blank EMV card.
– If the **ARQC** data is present, it simulates dynamic data validation for the cloned card.
Step 5: Test the Cloned Card**
– The fraudster will now test the cloned card in **offline** environments (like self-service machines, gas stations, or vending machines) where **EMV authentication** may not fully validate the card.
– **Online validation** (PIN or full authentication) will likely fail since the fraudster does not have the **dynamic encryption keys** used by the bank or issuer.
Summary of Tools and Hardware**
| **Tool/Hardware** | **Purpose** |
|—————————-|———————————————|
| **Omnikey 3021** | Reads and writes EMV data to smart cards |
| **X2 All-In-One** | Software to clone and write EMV card data |
| **JCard Editor** | Modifies JavaCard applets (optional) |
| **GlobalPlatformPro** | Advanced manipulation of JavaCards (optional) |
| **Blank Smart Cards (JCOP21, JCOP41)** | Cards used to receive cloned data |
—
Final Notes:**
The **Omnikey 3021** can be used effectively for **cloning EMV cards** with the appropriate **EMV dumps** and software. However, this setup generally works best for **offline fraud** where full EMV authentication is not required. Fraudsters would need more advanced methods or equipment (like **PIN cracking** or **key extraction** techniques) for **online transactions** requiring full PIN verification or real-time cryptographic checks.