Researchers Devise Chip and PIN Crack - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: May 14th, 2012

Linux Advisory Watch: May 10th, 2012

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Researchers Devise Chip and PIN Crack

User Rating:

How can I rate this item?

Source: ZDNet UK - Posted by Administrator

Here is a hugely popular article on LinuxSecurity.com from 2007 that is even more true today.

Two Cambridge researchers have devised a relay attack with a hacked chip and PIN terminal that could enable attackers to bypass bank card security measures.

Saar Drimer and Steven Murdoch, members of the Cambridge University Computer Laboratory, demonstrated in January how they could modify a supposedly tamper-proof chip and PIN terminal to play Tetris. They have now extended the hack to demonstrate how they can compromise the system by relaying card information between a fake card and a genuine one.

Chip and PIN, introduced last year, is a security measure in which a customer must enter a four-digit code when they use a credit or debit card. The researchers argue that the system is not as secure as the banking industry claims.

Details of the prototype attack were released on Monday. In it, Drimer and Murdoch demonstrate how a chip and PIN system could be compromised to steal diamonds.

Read this full article at ZDNet UK