Thursday, February 11

Chip and PIN Vulnerabilities Documented

There is a significant research document that's been published publicly on some issues related to the new Chip and PIN standard. Looks like the vulnerability is associated with a lack of coordination between each of the organizations involved.

The attack although sophisticated is easily used by individual's with no technical understanding of the attack simply a "wedge" inserted between the card and the POS device.

Considering that these cards are all being migrated to by Canada's largest card issuers, this is a big issue. I have not yet confirmed that this affects chip and pin cards issued in Canada.

Link to press release-http://www.cl.cam.ac.uk/research/security/banking/nopin/press-release.html

Link to technical paper-http://www.cl.cam.ac.uk/research/security/projects/banking/nopin/oakland10chipbroken.pdf
Post a Comment