Breaking Safaricom Scratch Card Code

Almost two years ago, Safaricom Ltd extended the scratch card code from 12 digits to 16 in-order to increase the computational time required to break the code thereby making them more secure. However, system theory acknowledges that systems expose their weaknesses at points of change. I set to find out if the move to higher dimensionality introduced a weakness in the scratch card hidden reload number. To begin the analysis I formulated the following assumptions to guide me in the process.

  • The grouping of the hidden reload number into four digits does not reveal the mechanics of the number generator.
  • Increasing the hidden reload number by a factor of four digits provides more data for statistical analysis.
  • The hidden reload numbers are separated into groups of four digits only for the purposes of ease of reading.
  • The hidden reload number represents a 16 digit number generated by a random number generator.

With the assumptions in place I set to curate the data set, my collection of scratch cards came in handy (448 in number). In understanding each digit has relevance with its position, I created a data set with 16 variables each holding the positional value of  the digits as shown below with an additional column of sum of the digits.

Safaricom

Now, here is where everything get’s interesting, mapping the sum of digits produces a near perfect normal distribution as shown below. According to the Central Limit Theorem, the sum of n independent and identically distributed random variables tend to be normally distributed as n becomes sufficiently large. In layman language, it simply means we have proved that the digits are indeed randomly generated which confirms my third and fourth assumptions.

Normal Distribution

Next, I asked the question, what if within the digits there is a pair that is  linearly or otherwise dependent. So, I set my favorite software WEKA to find any rules within the data in a process known as association mining.  Running the apriori algorithm with default settings produced results shown below:

WEKA Results

From the results I knew I was onto something, there is a relation between the third and sixth digit with a confidence interval of 1 (meaning the rule always works). To better understand the relation I loaded the dataset to R statistical analysis software and used the plot() function to visually inspect the relation between the two variables. The diagram below made me go Bazinga! It is a linear equation.

Three vs Six

If X > 0, Y=X-1, otherwise Y = 9. Simply put, if the third number in the scratch card is greater than 0 then the sixth number is the third number minus one, but if the third number is 0 then the sixth number is 9. Pick up any card and test the formula, in a cryptanalytic sense, I’ve broken part of the code used to generate the hidden reload number of Safaricom scratch cards.

scratch card

Download the dataset here https://www.dropbox.com/s/dvkpoq35u9bmy2t/Hidden.csv?dl=0

Advertisements
  1. WTF! you mean its a fact?
    Lemme try it out, have gat bamba 10. lol

    Like

    Reply

  2. Its a fact,true statistics.Still working on 14 digits.

    Like

    Reply

  3. i have nt understood please sent me how i can now create the digits after your assumption…

    Like

    Reply

  4. sir,,could you tell me which course should i undertake and in which university …..would like to speak the same language as you…..”weka,,R,,Sas,, blablabla…otherwise it won’t be amiss saying .u r great nigga..

    Like

    Reply

  5. also give me hints on what should i expect 2b .aft the course…thanks

    Like

    Reply

  6. how can i get the codes nigga???

    Like

    Reply

  7. cool kid. there is only one question. when i look at the equation i wonder how if you reverse the equation given a random digit, the result is always fascinating. so why not split the numbers and see the magic. Safaricom wishes we assume the number is one but actually there is more than one generator whose a logarithm is quit simple.

    Like

    Reply

  8. […] data of his Airtel scratch card collection and asked if I could perform a similar analysis to the Safaricom blog post.  I was up to the ask and  opted to apply a couple of techniques I’ve been trying […]

    Like

    Reply

  9. Am nearly gettin 3 other digits and i guess it won’t take me 3 yrs before i break the codes…You can join me into this new orgnization am creating (M.U.I.T.I) Members United In Technology Innovation…follow me in fb #aul Muiti,whatsapp +254701729321,Email paulmuiti9@gmail.com and u will learn much more.

    Like

    Reply

  10. what about the formula of the overall digits………….thanks am almost there @

    Like

    Reply

  11. congrats! i will like u to inbox me the real procedure that u used to crack the credit cards.

    Like

    Reply

  12. Hi…. Enjoyed this blog …… Do you still go on with the analysis?

    Like

    Reply

  13. I’m a hacker too….wtf we collabo and do this together…email ezramwangi3@gmail.com…got some projects 2

    Like

    Reply

    1. Okay, send e-mail to the Get in Touch tab.

      Like

      Reply

  14. Criasly i dont understand all this concepts..

    Like

    Reply

  15. I really like it and have a great interest in computer security, and ethical hacking, but please guys don’t take this for granted. Do it only for educational purpose, not anything else.

    Like

    Reply

    1. Thank you, it’s all ethical.

      Like

      Reply

  16. u really challenged me and i went on to find other more relationship between the digits and guess what am almost there…i jus need a couple of hours to reveal the whole thing!

    Like

    Reply

  17. That was big mental exploration….am an undergraduate in applied statistics and by at most 2years I will make this my main case study.

    Like

    Reply

    1. Go ye and explore. Thanks.

      Like

      Reply

  18. hey orwa, I think this is interesting, have you ever recharged your sim using this idea

    Like

    Reply

  19. hit my email dude,,i have private conversation

    Like

    Reply

  20. can this work by used airtime scrach cards

    Like

    Reply

  21. whatsapp me just text hacker my number is 0707210794

    Like

    Reply

  22. hello….I think I got it….after several months of analysis.I finaly found out the alogarithm behind generating the codes.

    Like

    Reply

    1. Do share your analysis.

      Like

      Reply

      1. Hey orwa since I first read this article I have been in its hant bt not yet yeild….any proceedings in your side or any more steps ….???

        Like

      2. Hi Hulk,

        Unfortunately I haven’t had the time to perform further analysis. It’s my hope that others can pick up from my analysis and make progress.

        Regards

        Like

    2. Share your analysis I have also broken another part after collection of 50 Safaricom used recharge cards

      Like

      Reply

      1. All my analysis is shared on this blog. Do share yours!

        Like

  23. Hello guy I am currently doing my post graduate in Applied Statistics and have recently been wondering about the whole concept behind the randomization of the numbers used in credit cards as well as scratch cards. It is very awesome to find other people such as myself who are trying to break the code. I employ you to continue analyzing the whole concept and as I join in the research may we work towards success.

    Like

    Reply

    1. Thank you Michael for the encouraging words.

      Like

      Reply

  24. […] about 2500 mentions on Twitter and the blog stats were on steroids – you can read about this here. I guess this was me living up to my […]

    Like

    Reply

  25. Not yet got the concept…….
    Whatsapp +254710398529

    Like

    Reply

  26. Please send me the access at kanyiri01@gmail.com

    Like

    Reply

  27. can i get the app to my phone i like this teachings .nice one.

    Like

    Reply

  28. Blackowa you think the theory is still in place and working

    Like

    Reply

  29. based on all cards or just specific cards

    Like

    Reply

    1. Based on all scratch cards.

      Like

      Reply

  30. Ok Thank you..But i tried once and i could not make so i dont know why but may be i didnt get the theory well..May be you can explain to me Abit sir if you are willing to..i mean the third and sixth theory or may be another theory if there is

    Like

    Reply

  31. how, show me.

    Like

    Reply

  32. BLACKORWA,GOT ANOTHER BIG STUFF SOMEWHERE,WISH TO SHARE AND SEE WAY FORWARD, WHATSAPP 0717723863

    Like

    Reply

    1. Just share via e-mail.

      Like

      Reply

  33. Rodney sitienei June 13, 2016 at 5:06 pm

    I have now discovered the sequence of the first eight digits of the scratch card.
    step 1
    take cards that are attached and of the same denomination.
    step 2
    compare digits 1,3 &6
    step 3
    compare digits 2 , 4 & 7
    step 4
    compare digits 5&8

    Like

    Reply

  34. wow it is interesting how it works you really a top rank genious ,please share the ideas with me.

    Like

    Reply

  35. So if I work out the digits that will be a valid credit?

    Like

    Reply

  36. Get in touch with me on my email. We need to talk. Love your work.

    Like

    Reply

    1. Drop a message on the Get in Touch page. Thank you.

      Like

      Reply

  37. Get in touch with me on my email. I love your work. We need to talk.

    Like

    Reply

  38. i like this Orwa, send me your number, we work it out together 0702036850

    Like

    Reply

    1. HI? how is it going.. im interested

      Like

      Reply

  39. I love your work let’s talk on e-mail
    doguti1260@gmail. com
    kindly email me

    Like

    Reply

  40. hello guys…we need to form a group on whatsapp.my contact is 0707857731

    Like

    Reply

      1. Please I have not understood now email me on hw to create the other digits other than the 3rd and 6th..
        Email dlamarau85@gmail.com.. Please send

        Like

      2. Please inbox me

        Like

      3. help me understand please i have understood abt 3rd & 6th digits..
        bt how can i now make a credt i mean hw to deal with the remaining digits

        Like

      4. Douggy Akesh Lamarau October 17, 2016 at 9:40 am

        Hey Sterno help me please understand this

        Like

  41. Since you posted this, they have acquisitioned an algorithm from a German Company and other safeguards such as regional 16- digit codes, minimising the number of attempts and only activating the cards once it has reached the destination. Attempting to bruteforce their security network is hard man. The Chinese tried and were caught. The data set is invalid at the moment.

    Like

    Reply

    1. Interesting developments

      Like

      Reply

  42. Waaoh! That’s really #Magical. But, I really like it Men. It’s on your way to have the equation, to meet the #Solution challenge.
    It’s #Awesome
    Keep Up.

    Like

    Reply

  43. […] Breaking Safaricom Scratch Card Code | BLACKORWA – Breaking Safaricom Scratch Card Code. … if the third number in the scratch card is … I’ve broken part of the code used to generate the hidden reload number of … […]

    Like

    Reply

  44. Sir. Isaackh's The Great Gambler November 10, 2016 at 9:27 pm

    Atlast I Got There, My First Way Out Worked, Am Currently Enjoying 500 Airtime

    Like

    Reply

  45. genius!!

    Like

    Reply

  46. Haha Crazy Geeks in Kenya and yet they say Africans have no knowledge people like you should stand up and show what you can do… A flying car should originate from Kenya I see we have the right people.

    Like

    Reply

  47. Just asking… Can you know how to create safaricom bundles?

    Like

    Reply

    1. Have not figured that out yet

      Like

      Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Advertisements
Advertisements
%d bloggers like this: