Not sure how the KPLC implementation works but all the details of the standard used in South Africa is available online: http://www.nrs.eskom.co.za/nrs/specifications/nrs%20009-6-7%20%282.2%29.pdf The system uses cryptography to make it difficult to create fake vouchers. They also use a timestamp in the recharge code and the meter keeps track of the last timestamps used so that you can't use the same code twice. In South Africa at least, you can all the info you need to reverse engineer the firmware online but you would still need the encryption keys. If you could get your hands on the encryption key you probably would already have someone on the inside who could just send you codes or get you the code generating software. Besides, you would imagine that KPLC could monitor the power actually used and cross check that against codes purchased for your meter to detect fraud. Although it is probably easier just to splice out the meter than it is to generate fraudulent recharge codes. Josh On 4/23/2012 6:53 PM, skunkworks-request@lists.my.co.ke wrote:

Message: 1 Date: Mon, 23 Apr 2012 18:41:58 +0300 From: gisho<gichuhie@gmail.com> To: Skunkworks Mailing List<skunkworks@lists.my.co.ke> Subject: Re: [Skunkworks] How prepaid power works Message-ID: <CAEoband=aKwfYXwX_kYAMxrc-Zj3cnRvBdmvsLVZ8W4cxpX0qg@mail.gmail.com> Content-Type: text/plain; charset="iso-8859-1"

Thanks, i had thought of that but it seems so venerable to hacks by just reverse engineering the firmware.

-- -erastus Nairobi Kenya