Computer experts find flaws in Chip and Pin

Published on 11/02/2010 23:34

FRAUDSTERS are exploiting flaws in the Chip and Pin system to use stolen cards, researchers claimed last night.

The group from the University of Cambridge's Computer Laboratory found that criminals can insert a "wedge" between the stolen card and terminal, tricking it into believing the pin has been verified, when any pin can be used for the transaction to go through.

The card, meanwhile, thinks it was authorised by signature.

Dr Steven Murdoch said: "We have tested this attack against cards issued by most major UK banks. All have been found to be vulnerable."

The discovery is likely to place question marks over Chip and Pin design and security. Victims of this type of fraud may encounter problems obtaining refunds from their banks as the receipt produced states "Verified by Pin".

Professor Ross Anderson said: "Over the past five years, thousands of cardholders have had stolen Chip and Pin cards used by criminals.

"The banks often tell customers that their pin was used and so it's their fault. Yet we've shown that it's easy to use a card without knowing the pin – and the receipt will say the transaction was 'verified' by Pin'."

"This is not just a failure of bank technology, it's a failure of bank regulation. The ombudsman supported the banks and the regulators have refused to do anything. They were just too eager to believe the banks."

News

Looking for...

Featured advertisers

Jobs

Search for a job

Motors

Search for a car

Make Model Price from Price to

Property

Search for a house

Buy Rent

Bedrooms Price from Price from Price to Price to

What is a Cookie?
What is a Flash Cookie?
Can I opt out of receiving Cookies?
About our Cookies

Cookies are small data files which are sent to your browser (Internet Explorer, Firefox, Chrome etc) from a website you visit. They are stored on your electronic device.
This is a type of cookie which is collected by Adobe Flash media player (it is also called a Local Shared Object) - a piece of software you may already have on your electronic device to help you watch online videos and listen to podcasts.
Yes there are a number of options available, you can set your browser either to reject all cookies, to allow only "trusted" sites to set them, or to only accept them from the site you are currently on.

However, please note - if you block/delete all cookies, some features of our websites, such as remembering your login details, or the site branding for your local newspaper may not function as a result.
The types of cookies we, our ad network and technology partners use are listed below:
- Revenue Science ►
  
  A tool used by some of our advertisers to target adverts to you based on pages you have visited in the past. To opt out of this type of targeting you can visit the 'Your Online Choices' website by clicking here.
- Google Ads ►
  
  Our sites contain advertising from Google; these use cookies to ensure you get adverts relevant to you. You can tailor the type of ads you receive by visiting here or to opt out of this type of targeting you can visit the 'Your Online Choices' website by clicking here.
- Webtrends / Google Analytics ►
  
  This is used to help us identify unique visitors to our websites. This data is anonymous and we cannot use this to uniquely identify individuals and their usage of the sites.
- Dart for Publishers ►
  
  This comes from our ad serving technology and is used to track how many times you have seen a particular ad on our sites, so that you don't just see one advert but an even spread. This information is not used by us for any other type of audience recording or monitoring.
- ComScore ►
  
  ComScore monitor and externally verify our site traffic data for use within the advertising industry. Any data collected is anonymous statistical data and cannot be traced back to an individual.
- Local Targeting ►
  
  Our Classified websites (Photos, Motors, Jobs and Property Today) use cookies to ensure you get the correct local newspaper branding and content when you visit them. These cookies store no personally identifiable information.
- Grapeshot ►
  
  We use Grapeshot as a contextual targeting technology, allowing us to create custom groups of stories outside out of our usual site navigation. Grapeshot stores the categories of story you have been exposed to. Their privacy policy and opt out option can be accessed here.
- Subscriptions Online ►
  
  Our partner for Newspaper subscriptions online stores data from the forms you complete in these to increase the usability of the site and enhance user experience.
- Add This ►
  
  Add This provides the social networking widget found in many of our pages. This widget gives you the tools to bookmark our websites, blog, share, tweet and email our content to a friend.
- 3rd Party Cookies ►
  
  We use Advertising agencies to provide us with some of the advertising on our websites. These include (but are not limited to) Specific Media, The Rubicon Project, AdJug, AdConion, Context Web. Please click on the provider name to visit their opt-out page.

Computer experts find flaws in Chip and Pin

Top stories

News