New flaws in chip and pin system revealed

    Date11 Feb 2010
    Posted ByAlex
    Most of us do not think twice about paying for something in a high street shop by keying in our pin. It is easy, fast and in most cases it works. But scratch a little under the surface and there are persistent reports of people who say they have been the subject of fraud of one kind or another on their credit or debit card. Now a team of computer scientists at Cambridge University has found a flaw in chip and pin so serious they think it shows that the whole system needs a re-write.

    Over the past few years, the Cambridge team has uncovered a series of weaknesses in the system, which has been running since 2004.

    Shockingly simple

    Two years ago, we featured one on Newsnight showing that criminals could tap into the communications between a pin terminal and a customer's card, and read off sufficient information to create a cloned card.

    Now, the same team has found a way round the chip and pin system that is so simple it has shocked even them:

    "We think this is one of the biggest flaws that we've uncovered - that has ever been uncovered - against payment systems, and I've been in this business for 25 years," Professor Ross Anderson from the Cambridge University Computer Laboratory said.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.