Stand up and take a bow, MBTA. The CharlieCard (actually a MiFare Classic) uses simplistic proprietary encryption that has been broken twice. Had the MBTA spent a few extra clams on the version that uses strong encryption, this wouldn't be an issue- and everyone is screwed, because readers installed in thousands of fareboxes aren't compatible with the better cards.