Reloadable Debit Cards

From The Black OP Security Wiki

  Main Page >> Tutorial Directory >> Reloadable Debit Cards

Reloadable debit cards are debit cards that can have funds applied to them at future dates. You need an identity to get the actual plastic card activated. You should also have a safe mail box to get the card mailed to. Pretty much, you go into a store that sells the reloadable debit cards with a bunch of cash in hand. You give a clerk the money, and they give you a temporary card. The temporary card can't be used for much, it is just a number on cardboard, not actual plastic. You need to call and give an information (SS#, ETC) to active that card, and then the actual plastic card is mailed to you.

To active the card, you should clearly not use an info that has ties to you. You also should not use a phone that has ties to you. I suggest you read my tutorial about <a href="throwphone.html">throw away cellphones</a>. Also, you should have the card sent to a box registered with a fake ID, or an abandoned house or some such thing. Not to anyone connected to you!

Although you need infos and secure boxes to get the plastic card, it is very easy for people to send you money. They merely need to go into a store that sells reload packs, and hand the clerk some cash for one. The clerk loads the cash onto the reload card. Now, they can take the number off the reload card and send it to the person with the plastic card. The number should be sent encrypted in all cases, incase surveillance is being done on the communications channel. You do not want to get a persons card flagged, nor do you want to draw attention to yourself. I suggest people refuse reload card information that is sent to them with out encryption. The person with the plastic card can now take the number of the reload card, and can use it to apply funds to their plastic card online. This should be done behind Tor or similar proxies in all circumstances!

Greendot reloadable cards are only sold in the USA, but different countries are likely to have different reloadable cards. Parts of Europe, including Russia and I believe Germany, have Web Money Cards, which are like a mixture between reloadable debit card and E-currency.


When cashing out money from a reloadable debit card at an ATM, a great deal of care can be taken. Gloves should be worn, as should hats and long sleeved clothing. The plastic card should be free of fingerprints, some ATM machines can 'grab' cards, which could later be forensically analyzed. You should park at least a block away from the ATM you use, a better bet would be to use a taxi and be dropped off a block away from the ATM you plan to use.


There are creative systems that can be done with reloadable debit cards. Someone trusted with access to lots of identities and boxes can get cards in bulk, and resell them once they are activated. People buying pre-activated reloadable debit cards do not need safe boxes or access to identities, they just need a magstripe encoder and blank card stock. Here is the scenario:

One person gets many activated reloadable debit cards. They use a skimmer to get dumps of the magstripe information. Skimmers are usually used by people who commit credit card fraud. Essentially, they make a perfect digital copy of the information on a cards magstripe. The person can take this dump and encrypt it to a customers encryption key, then send them the encrypted dump. The person buying the activated reloadable debit card then decrypts the dump and uses a magstripe encoder to encode it to a blank card stock. The blank card is essentially the activated reloadable debit card now, as far as an ATM can tell.

For this system to work, the person selling the activated card information must be trusted to not keep a copy of the card themselves. If they keep a copy of the card, they could steal money intended for you. If they are trusted and destroy their copy of the card after selling it, this can be a good market for people with access to identities and boxes, and a great way for people to buy anonymous ATM cards that are easy to fund for customers.

Reloadable debit cards should be split up over regions. Time should be allowed to pass between funds being added and money taken off them as well. Remember, reloadable debit cards are not designed for money transfers they are designed to be used as actual debit cards. If the company providing the reloadable card sees it is being loaded by people over a wide area, and the money is immediately cashed out at an ATM, they will likely freeze the card and the assets loaded to it. For this reason, I suggest you use specific reloadable cards to cover different regions of the area you work. Also, if you only work regionally, reloadable debit cards can be the perfect solution. You should not move more than around $1,000 a month through a single reloadable debit card, or you risk it being frozen.