Ad: Manage updates with the Download App
ie8 fix

Chip-PIN defense is 'broken,' say researchers

A flaw in the protocol underlying chip-and-PIN transactions allows an attacker to push through a purchase without a valid PIN.

by

Chip-and-PIN readers can be tricked into accepting transactions without a valid personal identification number, opening the door to fraud, researchers have found.

Researchers at Cambridge University have found a fundamental flaw (PDF) in the EMV--Europay, MasterCard, Visa--protocol that underlies chip-and-PIN validation for debit and credit cards.

As a consequence, a device can be created to modify and intercept communications between a card and a point-of-sale terminal, and fool the terminal into accepting that a PIN verification has succeeded.

Read more of "Chip and PIN is broken, say researchers at ZDNet UK.

CNET on Cars
Top 5 Coolest Concept Cars
During the summer 2013 lull in the international auto show calendar, we take time to rank our favorite high tech concept cars so far this year.
Play Video
 

Member Comments

Add Your Comment
ie8 fix