Banks 'tried to censor study on chip and PIN flaw'

A CAMBRIDGE University professor has accused the banking experts of making a "very nasty attempt at censorship" over a flaw in chip and PIN technology.

The UK Cards Association (UKCA), which represents the big banks, wrote to the university to try to remove the online publication of research that shows how a 20 hand-held device could be used to buy goods without entering the correct PIN.

Ross Anderson, professor of security engineering at Cambridge's computer laboratory, said: "This was absolutely unacceptable. It was a very, very nasty attempt at censorship."

Hide Ad
Hide Ad

He said exposing vulnerabilities in the system was an example of "responsible disclosure" and said the industry had been guilty of "sitting on their butts and doing nothing" since he and fellow scientists first revealed the flaw in late 2009.

A UKCA spokeswoman said it had written to Cambridge "not to challenge the work of the university's security academics but only to challenge whether publishing explicit details of how to attempt a fraud - one which there is no evidence of a fraudster yet undertaking - is necessary and serving the public's best interest".

She added: "We remain hopeful the academics concerned will work with us rather than against us to help defeat the fraudsters."