Card Dump

A card dump (often just 'dump') refers to the raw data encoded on the magnetic stripe of a payment card — typically Track 1 and Track 2 data, which contain the card number, expiry date, cardholder name, and service codes. This data is harvested by skimming devices installed on ATMs or point-of-sale terminals, or through malware on payment systems that intercepts card data as it is processed.

Once captured, dumps are sold in bulk on dark-web carding forums and used to produce counterfeit cards through a process called 'card cloning' or 'dumping.' Criminals encode the stolen Track data onto blank cards using an MSR (magnetic stripe reader/writer) device and then use the cloned card at physical payment terminals, particularly at self-service checkout or in card-present transactions in countries that have not fully migrated to EMV chip technology.

EMV chip cards significantly reduce the value of dumps because the chip generates a unique cryptogram per transaction that cannot be replicated from the magnetic stripe. However, swipe fallback and older infrastructure still provide exploitation windows.