Hackers' next target: High-tech parking meters

By Christopher Null

The idea sounds great: Swipe a smart payment card through a parking meter instead of feeding it quarters and dimes, and reload the card with funds online or even automatically whenever you need a refill. Sounds like a change-free dream!

Or, better yet, you could just hack together a phony payment card and get free parking whenever you'd like it.

And that's exactly what hackers at this year's Black Hat security conference say they've done, creating a fake payment card that San Francisco's 23,000 electronic parking meters are incapable of distinguishing from the real thing.

Researcher Joe Grand says it took about three days and fairly limited experience with the smart card format to create a $1000 card that would never run out of funds. All it does is replay the signals that an authentic card uses when it makes a payment.

To do the hack, Grand simply used an oscilloscope to record the electromagnetic waves that were generated when a real card was used on a parking meter. A little trial and error is all it took to create a card that would play back the same waveforms to trick a parking meter into accepting it as a payment.
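Why a recorded exchange can be played back, and what a meter needs in order to reject it, shown as an added example that is not part of the original article. The message format, key, and meter logic are hypothetical and do not describe San Francisco's actual meters; the point is only that a meter must make each transaction depend on a fresh, single-use challenge.

```python
import hashlib
import hmac
import secrets

KEY = b"constructed-demo-key"  # constructed secret, not taken from any real system


def tag(data: bytes) -> bytes:
    return hmac.new(KEY, data, hashlib.sha256).digest()


def card_static(amount: int):
    """Hypothetical card that sends identical bytes for every payment."""
    msg = b"PAY:%d" % amount
    return msg, tag(msg)


def meter_static_accepts(msg: bytes, t: bytes) -> bool:
    # Nothing ties the message to this transaction, so a recording stays valid.
    return hmac.compare_digest(t, tag(msg))


class ChallengeMeter:
    """Hypothetical meter that issues a fresh nonce per transaction."""

    def __init__(self):
        self.nonce = None

    def challenge(self) -> bytes:
        self.nonce = secrets.token_bytes(16)
        return self.nonce

    def accepts(self, msg: bytes, t: bytes) -> bool:
        nonce, self.nonce = self.nonce, None  # each nonce is usable once
        return nonce is not None and hmac.compare_digest(t, tag(nonce + msg))


def card_respond(nonce: bytes, amount: int):
    msg = b"PAY:%d" % amount
    return msg, tag(nonce + msg)


def demo() -> dict:
    recorded = card_static(25)  # what a passive recording would contain
    meter = ChallengeMeter()
    captured = card_respond(meter.challenge(), 25)
    fresh_ok = meter.accepts(*captured)  # genuine transaction
    meter.challenge()  # next transaction gets a new nonce
    return {"static_replay_accepted": meter_static_accepts(*recorded),
            "fresh_response_accepted": fresh_ok,
            "replayed_response_accepted": meter.accepts(*captured)}
```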

Chances are the hack is San Francisco-only for now. Other cities with computerized parking meters use different payment systems. They may very well be vulnerable too, but each city's meters would require their own reverse-engineering process to hack. Still, it's probably safe to assume that most electronic parking meters in use today are vulnerable to some form of card tampering.

The only question is: How many people are already doing it?