Thursday, January 10, 2008

Chip and PIN: Bank Cards Easily Attacked - Only 'Martians' Are Safe

Liam Tung writes on ZDNet Australia:

Since the introduction of mandatory chip and PIN cards in the UK, banks have increasingly turned down fraud victims claiming compensation on the grounds that such chip-embedded smartcards cannot be cloned.

Chip and PIN has been heralded as the way forward for card security, with Westpac recently issuing them to customers, and with more banks set to roll out the cards once compatible terminals become more widely deployed in Australia.

However, Cambridge PhD students and security researchers, Steven J Murdoch and Saar Drimer, showed at a recent conference in Germany that the cards do not need to be cloned to be compromised -- a situation that has ruffled the feathers of banks, which rely on the UK's Banking Code of Practice to deny compensation claims if the fraud victim has been deemed to have compromised the security of their card.

The ability to reject such claims relies on the presumption that cloning is the only manner in which fraud can occur on the smartcard, which, according UK banks, is simply impossible.

More here.

posted by Fergie @ 1/10/2008 11:25:00 PM

0 Comments:

Post a Comment

<< Home