mrxsailor1
Professional
Even if DDA is cashable, how do you go about writing it to chip?
BIG Dump + pin cashing with a difference :) SDA,DDA 201,221 ETC in Thai, malay, cambodia
- Thread starter nipsey1
- Start date
godsname1, and rest of posters ...
If I can add some thing to this discussion and I hope I do not step on some ones toe ...
DDA and SDA are nothing but authorizataion mode and they do not matter unless we are talking about pos transactions.
Banks treat cash widrawl and pos transactions as two different entities ( for proof check ur bank card statement). Now this DDA and SDA only matter when you are trying to do pos treansactions.
All atms all over the world are online but thier auth is not like pos auth. They are online but not performing any DDA functions. Auth transactions are never carried out locally but with in atm networks which differ a lot from ur standard pos merchant.
Now , just to go into a bit of detil of sda and dda and for those who may be interested sda is what ppl simply call offline auth .. but basically it is just the facility on card to auth itself offline for certain amount.
Giving an example u walk into walmart and purchase 20 $ food. Now walmart being such a super store as it is ..and have so many transactions taking place for these silly amounts , has authorized an offline floor limit with its merchant. Normally it is 50 $ offline. So now all those card who have sda facility (which 90 % debit cards have) available will be authorized locally until transaction is less than 50 $.
proof : take a card which has less than 10 $ in it but was never declined in walmart and go do shopping of 40 $ . It will approve how ever after midnight when u will wake up next day ur card will have un auth over draft and if u try to use that card again in walmart without putting any money it will get decline.
also to combat fraud these stores have set total floor limit and number of transactions offline before card is taken for online auth. Normally in uk it is 2 transaction in tesco or max shping of 50 gbp.
Now dda forces the card to auth online every time. All your local pos petrol stations and casinos , money changers , elect stores etc have been forced by merchant to auth of every card online or go for dda.
There are some cards that have to be authorised every time for dda like mostly cash cards or credit cards.
Has cashing out got any thing to do with SDA Or DDA ??
Absolutely No .
If any one can claim they have found an atm that is authorizing SDA or is doing local offline auth . That will be like finding a window in bank safe.
And then coming again to main point sda / dda auths have nothing to do with atm networks.
@godsname1 its quite fancy of you to use these words in your cashing out advert but i can tell you with experience and knowledge both SDA and DDA has got nothing to do with your atm cashing out. I will recommend you should do some study on this and speciallly ISO/IEC 7816 protocol.
How ever your confusion about dda and sda auth does not imply in any way that u may be not a legit and reliable cashier !
I hope this helps . +1 if it helps (just being cheesy)
If I can add some thing to this discussion and I hope I do not step on some ones toe ...
DDA and SDA are nothing but authorizataion mode and they do not matter unless we are talking about pos transactions.
Banks treat cash widrawl and pos transactions as two different entities ( for proof check ur bank card statement). Now this DDA and SDA only matter when you are trying to do pos treansactions.
All atms all over the world are online but thier auth is not like pos auth. They are online but not performing any DDA functions. Auth transactions are never carried out locally but with in atm networks which differ a lot from ur standard pos merchant.
Now , just to go into a bit of detil of sda and dda and for those who may be interested sda is what ppl simply call offline auth .. but basically it is just the facility on card to auth itself offline for certain amount.
Giving an example u walk into walmart and purchase 20 $ food. Now walmart being such a super store as it is ..and have so many transactions taking place for these silly amounts , has authorized an offline floor limit with its merchant. Normally it is 50 $ offline. So now all those card who have sda facility (which 90 % debit cards have) available will be authorized locally until transaction is less than 50 $.
proof : take a card which has less than 10 $ in it but was never declined in walmart and go do shopping of 40 $ . It will approve how ever after midnight when u will wake up next day ur card will have un auth over draft and if u try to use that card again in walmart without putting any money it will get decline.
also to combat fraud these stores have set total floor limit and number of transactions offline before card is taken for online auth. Normally in uk it is 2 transaction in tesco or max shping of 50 gbp.
Now dda forces the card to auth online every time. All your local pos petrol stations and casinos , money changers , elect stores etc have been forced by merchant to auth of every card online or go for dda.
There are some cards that have to be authorised every time for dda like mostly cash cards or credit cards.
Has cashing out got any thing to do with SDA Or DDA ??
Absolutely No .
If any one can claim they have found an atm that is authorizing SDA or is doing local offline auth . That will be like finding a window in bank safe.
And then coming again to main point sda / dda auths have nothing to do with atm networks.
@godsname1 its quite fancy of you to use these words in your cashing out advert but i can tell you with experience and knowledge both SDA and DDA has got nothing to do with your atm cashing out. I will recommend you should do some study on this and speciallly ISO/IEC 7816 protocol.
How ever your confusion about dda and sda auth does not imply in any way that u may be not a legit and reliable cashier !
I hope this helps . +1 if it helps (just being cheesy)
Last edited:
Hello,
I appreciate your comments, just to clear things up, i'm not saying that this as anything to do with communicating with the ATM network
DDA cards authenticates by challenge-response
DDA card can do symmetric and asymmetric crypto
DDA card cannot be cloned
never used by ATM (always online)
but.. transaction is not tied to the card authentication (shimming)
if workers are in a country with only DDA cards and if they are skimming then not all is lost
DDA, that means dynamic authentication ,where unlike SDA the cryptogram is not static, meaning that replay attacks are not possible. HOWEVER it does not prevent WEDGE attacks or man in the middle there are a few methods of getting the cards to be able to work like a SDA card, as we know the track2 data is stored on the chip itself so lets say we're in a country where they have rolled out DDA cards, if you use a offline POS using a man in the middle attack or EMV skimmer, or if possible skim from magnetic stripe rather than chip, what im trying to say is that its not impossible to cashout DDA cards at the ATM as some people think, because it has nothing to do with authenticating with the atm in the first place.
Also if a hacker has hacked a POS network with DDA cards with pin, we're going to have a massive problem cashing them, maybe my title was a bit misleading in the sense of atm cashing but it has sparked up a interesting discussion, would be interested in anyone who wanted to talk more about this subject. Thanks all
Last edited:
err not true brv... what u are thinking over here from dda is the chip of card .. however mag strip cloning has nothing to do with dda.
no brv what ever way cards are cloned .. pos , atm skim , man in middle or relay attack (in which u dont need cloning any ways ) as long as it is mag strip clone card it will work fine.
Now incase if you are wondering .. if card is inserted in pos instead of swiped .. well for your info if u have a pos sniffer u will pick up track 2 of card .. and rest of cryptic keys.. any experienced guy can separate trk 2 from all rest of gibberish and can write it on mag strip and card can be used for cash out.
if u have looked at emv structer of card or better still get a smart card reader in ur house and put ur chip card inside it. On state t=0 meaning when chip is not charged u will easily pick up track 2 card and some of basic card holder details like name etc and some of basic card functions like currency card uses, bank details , iso codes etc etc from chip with ease.
How ever its when chip is alive or simply t=1 when it get tricky .. first of all moment u go for t=1 stage it asks u for crypto keys to open chip directory .. which off course we dont have as those keys are generated by hsm in bank separately for each transaction .. its a public key where half is from chip and half is from hsm of merchant.
lol i should better stop before this get too technical
I hope u understood the basics ...
any ways point is as long as u have valid track 2 and pin .....cashout is never a problem as long as card has money inside it and bins are not blocked coz of region.
@ninja if it gets too hot for normal viewing pls move the thread to safe section or edit my post .. lots or preying eyes here
Last edited:
Yeah im talking about the DDA chip aspect (sorry english is not my first language) nev3r0ng about the hacked cards, if the pos terminals in hacked network is taking the cards using chip then surely like i said there will be problems cashing out is what i was trying to say, of course if the cards were taking by magstripe then they would be cashable but then that would defeat the object of normal pos terminals taking chip so i think in this case its rare unless there are still using the old style... it all depends on the country , but i see what your saying and its making sense. I have some more things i would like to discuss, but like you say a lot of praying eyes so i'll keep to myself. You know your shit... thanks for the info. +1
Update: United kingdom banks have sent out a letter to all their customers saying that they will not allow you to use your card outside the united kingdom unless you call them to tell them your going abroad most cards are already like this but soon most banks will be, this will take action shortly.
Netherlands has recently locked mostly all their cards to usage only within their country.
Austria also has a similar deal, i wonder how many more country's will follow this?
HOT eu working countrys:belgium, italy, swiss, turkey, germany
Netherlands has recently locked mostly all their cards to usage only within their country.
Austria also has a similar deal, i wonder how many more country's will follow this?
HOT eu working countrys:belgium, italy, swiss, turkey, germany
Last edited:
From now on ALL d+p cashing services will be able to post any advertising only on payment form or only VERIFIED will be there for free.
Because person is potentially dangerous to community (i dont speak about sinister itself) if he:
a) dont have money to pay for advert, means hes newbie and hungry for money
b) dont have history of succesull deals.
+ i see like 1 new advert about cashing D+P everyday. so we have overfeeded market with this service and we will regulate it manually.
Closed.
Because person is potentially dangerous to community (i dont speak about sinister itself) if he:
a) dont have money to pay for advert, means hes newbie and hungry for money
b) dont have history of succesull deals.
+ i see like 1 new advert about cashing D+P everyday. so we have overfeeded market with this service and we will regulate it manually.
Closed.
Similar threads
