I Dissolved My Credit Card To Understand How It Works
What connects a Cold War spy device hidden inside a wooden plaque to the credit card in your wallet? By dissolving credit cards in acetone and tracing payment technology back to CIA counter-surveillance operations, this investigation reveals how modern contactless payments evolved from Soviet espionage tactics. The security features designed to protect your money may be more vulnerable than you think — especially when it comes to stealing thousands of dollars from a locked iPhone. Can a simple tap really drain $10,000 without unlocking the phone?
Pontos-chave
Contactless payment technology directly descends from «The Thing», a Soviet bug that required no battery and remained undetected in the US ambassador's office for seven years by using radio waves for both power and data transmission.
Magnetic stripe cards revolutionized payment speed in the 1970s but were trivially easy to clone — a vulnerability that enabled fraudsters to steal millions and build criminal empires before chip-and-pin finally arrived in the 2000s.
EMV chip cards use cryptographic keys buried deep in silicon to generate unique codes for each transaction, making them nearly impossible to clone — but the added security increased transaction times by over 10 seconds, costing the US economy an estimated 116 million hours per year.
Contactless NFC cards can be read through pockets from two centimeters away, and while transaction limits protect most users, the US has no cap — meaning a digital pickpocket could theoretically drain thousands in a single tap.
Mobile wallets appear to offer the best security by combining contactless convenience with biometric locks, but new vulnerabilities may allow attackers to authorize large payments from locked phones — a threat explored in the video's upcoming sequel.
Em resumo
Credit card technology has oscillated between speed and security for decades, from magnetic stripes to chips to contactless NFC — but each convenience feature opens new fraud vectors, and today's mobile wallets may not be as secure as banks claim.
The Soviet Bug That Launched a Payment Revolution
A Cold War listening device with no battery became the blueprint for contactless cards.
In 1945, Soviet schoolchildren gifted the US ambassador a hand-carved plaque concealing «The Thing» — a listening device with no battery or power source. It remained undetected for seven years because it only activated when the Soviets blasted it with radio waves from outside. The device used a resonant cavity whose frequency changed as sound vibrated a diaphragm, modulating the reflected radio signal to carry conversations back to eavesdroppers. When the CIA finally discovered it in 1952, they kept the find secret and reverse-engineered the technology for their own use.
This same principle — using radio waves to both power a device and extract data — would eventually evolve into RFID and near-field communication. Leon Theremin, the inventor coerced into building the bug while imprisoned in a Gulag, had unknowingly created the foundation for modern contactless payment. The CIA's Project Easy Chair refined the concept by adding a rectifier and amplifier, hiding listening devices inside furniture legs at the Soviet embassy in the Hague. Decades later, engineer Mario Cardullo adapted this for toll booth tags, and by the 2000s, the same technology powered credit card tap-to-pay.
Inside a Dissolved Credit Card
Acetone reveals the antenna coil and chip that enable contactless transactions.
“Watch what happens if you take a credit card and stick it in a beaker of acetone. This is one that we started about 30 minutes ago. That's a credit card from 30 minutes ago? Why does it look — okay, so I see this like frame on the inside now. That's the antenna. And the chip right there in the middle.”
The Evolution of Card Payment Technology
Credit cards cycled through three phases, each balancing speed against security.
Embossed cards (1958–1970) Bank of America's BankAmericard required physical imprinting onto slips mailed to banks for approval. Transactions took days, and counterfeit fraud cost banks $100 million annually by the late 1960s.
Magnetic stripe (1970–2000s) IBM engineer Forrest Parry invented the mag stripe after his wife suggested ironing magnetic tape onto plastic. Transactions became instant, but static data made cloning trivial — fraudsters built empires swiping cards.
Chip-and-PIN (2003–present) EMV chips generate unique cryptographic codes per transaction using keys buried in silicon. UK counterfeit fraud fell 63% over seven years, but transaction times doubled, costing the US 116 million hours annually.
Contactless NFC (2005–present) Near-field communication uses magnetic fields to power and communicate with cards. COVID-19 accelerated adoption: global contactless transactions grew 40% in Q1 2020, and US usage surged 150% that year.
How Chip-and-PIN Cryptography Works
The Criminal Economics of Mag Stripe Fraud
A former fraudster ran 300 restaurant employees to skim thousands of cards weekly.
“I'd give them a grabber, and I'd just say to them, «Just swipe the numbers. Just when someone comes to pay, swipe their card, then swipe that one on there.» You know, I'm gathering thousands and thousands of numbers weekly. But I'm also becoming a wholesaler of the numbers. You know, at 16, I was paying loads of people 300 quid a week wages. I had half a million quid under my bed, didn't I, at 16? It's crazy how easy it was.”
Contactless Vulnerability: Digital Pickpocketing
NFC cards can be read through pockets, and the US has no transaction limit.
Contactless cards communicate via near-field magnetic induction, which requires proximity of about two centimeters. This enables «ghost tapping» or digital pickpocketing: an attacker with a hidden reader can extract card data through clothing. While the cryptographic protections prevent cloning, the attacker can still authorize a real transaction if close enough. In 2025, a woman was arrested in Rome for tapping tourists' cards in crowded streets, potentially draining accounts one transaction at a time.
Most countries impose transaction limits — the UK caps contactless at 100 pounds — but the United States has no such restriction. That means a single tap could authorize thousands of dollars. Tony Sales imagines embedding readers in subway turnstiles or narrow walkways, harvesting hundreds of cards daily. Countermeasures include Faraday cage wallets, carrying multiple cards together to interfere with reads, and enabling real-time bank notifications. But the safest approach may be abandoning physical cards entirely for mobile wallets — though even those have emerging vulnerabilities.
Key Fraud Statistics
Credit card fraud costs and adoption timelines reveal security trade-offs.
The Mobile Wallet Paradox
Phones combine biometric security with contactless speed — but may enable $10,000 thefts.
The Mobile Wallet Paradox
Mobile wallets appear to solve the contactless vulnerability: real card numbers aren't stored, and biometric locks prevent unauthorized use. Yet the video teases an upcoming demonstration where $10,000 is drained from MKBHD's locked iPhone using only a standard payment terminal. This suggests that the layering of convenience features — automatic small-transaction approval, Express Transit modes, or merchant-initiated billing — may have created exploitable gaps even biometrics can't close.
Pessoas
Glossário
Aviso: Este é um resumo gerado por IA de um vídeo do YouTube para fins educacionais e de referência. Não constitui aconselhamento de investimento, financeiro ou jurídico. Verifique sempre as informações com as fontes originais antes de tomar decisões. O TubeReads não é afiliado ao criador do conteúdo.