I think you're pretty lucky to even be able to detect anything at all with javascript event listeners as you seem to imply....
Imagine the privacy intrusions we'd have all over (maybe already) if javascript stealthily downloaded from a web site could gain access to your microphone and/or microphone jack as you want to do. It might be possible, but the phone 'ifrastructure' is definitely designed to 'resist' this.
I think you're going to have to write an app that installs with user permissions to access the devices you need - otherwise the mic jack device is unlikely to be available to you.
BTW, credit card stripes are encoded in 7 bit, so if you are getting a string that looks 'encrypted' examine the unaltered string as 7 bit and it'll start making sense.