step 1: acquire card data via skimming, phishing, or buying dumps on the dark web. step 2: encode the stolen data onto blank cards using a magnetic stripe writer. step 3: test the clone at a low-risk location (e.g. self-checkout) to confirm it works. s