Don’t pin your hopes on it
01 March 2010
Scientists at the Cambridge University Computer Lab have uncovered a flaw in chip and PIN technology.
Jay Abbott, One Security, PricewaterhouseCoopers LLP (PwC), comments: “Essentially, what the scientists have come up with is a very effective and simple way of exploiting weaknesses in the system. However, it is important to bear in mind that the fraud requires a very specific scenario to become effective. A number of electronic components are involved that require concealment, therefore the fraudster must remain in contact with the card at all times. A simple process change by the retailer of asking for the card holder to hand over the card would break the circuit, although this possibility can be eliminated if the card reader is fixed to a point on the other side of the counter. One of the motivations for introducing chip and pin in the first place was to give consumers extra protection by limiting the chance of a sales assistant being able to ‘skim’ the card and duplicate it for fraudulent purposes. Also, it is important to note that it only affects transactions where the fraudster visits the retailer in person and does not work online or on ATM transactions, where different forms of authentication are required. At present, the customer is accountable for the fraud as banks argue that pin verified transactions are secure. Given this attack demonstrates a clear method of bypassing the pin system, this assertion by the banks stands on shakier ground.”
Contact Details and Archive...
Related Articles...
Most Viewed Articles...