Martin's selection of few interesting IT Security, Privacy, and free tools from the Net: Hacking Chip-and-PIN is not "improbable" (according to EMVCo and the UK Cards Association) anymore.

Tuesday, October 20, 2015

Hacking Chip-and-PIN is not "improbable" (according to EMVCo and the UK Cards Association) anymore.

All truth passes through three stages.

First, it is ridiculed.

Second, it is violently opposed.

Third, it is accepted as being self-evident.

— Arthur Schopenhauer, German philosopher (1788 – 1860)

From the article:

When in 2010 a team of computer scientists at Cambridge University demonstrated how the chip and PIN system used on many modern payment cards can be bypassed by making the POS system accept any PIN as valid, the reaction of the EMVCo and the UK Cards Association was to brand the attack as "improbable".

The FUNcard chip was programmed to intercept the POS systems' PIN query and return an answer that says that the PIN is correct.

The card itself didn't look suspicious - the "double" chip still allowed the card to be inserted into POS systems.

Thusly modified cards were used in France by a group of fraudsters that were ultimately arrested in 2011 and 2012 because they repeatedly used them at the same few locations.

According to Wired, the French authorities estimated that before getting arrested, they managed to spend nearly 600,000 euros.

For More info:

http://www.net-security.org/secworld.php?id=19003

Martin's selection of few interesting IT Security, Privacy, and free tools from the Net

Tuesday, October 20, 2015

Hacking Chip-and-PIN is not "improbable" (according to EMVCo and the UK Cards Association) anymore.

No comments:

Post a Comment

Popular Posts

Categories

Blog Archive