Monday, April 26, 2010

No PIN Needed to Fool Chip and PIN Technology - Cambridge



University of CambridgeChip and PIN has come under further scrutiny today as research shows a vulnerability allowing criminals to use cards without the owner’s number.
By Jennifer Scott, 26 Apr 2010 at 15:47
Chip and PIN
Cyber criminals are able to abuse the Chip and PIN system, even without the cardholder’s four digits, according to new research released today.
The study by Cambridge University’s Computer Laboratory has shown that thanks to a protocol flaw a “man in the middle” attack is possible, whereby criminals can insert an electronic device between the card and the terminal, fooling it into believing the PIN is verified.
Eli Jellenç, head of international cyber intelligence at iD...


Disqus for ePayment News