It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Some features of ATS will be disabled while you continue to use an ad-blocker.
a team of computer scientists at Cambridge University has found a flaw in chip and pin so serious they think it shows that the whole system needs a re-write.
"We think this is one of the biggest flaws that we've uncovered - that has ever been uncovered - against payment systems, and I've been in this business for 25 years," Professor Ross Anderson from the Cambridge University Computer Laboratory said.
"This is a flaw in a system that's used by hundreds of millions of people, by tens of thousands of banks by millions of merchants," he added.
In essence the Cambridge researchers have discovered a way to carry out transactions without needing to know a card's pin.
It makes the terminal think the correct pin has been entered, and the card think the transaction was authorised with a signature," Dr Saar Drimer, one of the Cambridge team, explained.
Following the attack we approached the Co-Operative Bank, Barclays and HSBC - which also administers the John Lewis card - for comment.
All three stressed that this was an industry-wide issue, not specific to any particular to any provider, that their cards were no different to those offered by any other provider or bank, and each referred us to the banking trade association for further comment.