It looks like you're using an Ad Blocker.

Please white-list or disable in your ad-blocking tool.

Thank you.


Some features of ATS will be disabled while you continue to use an ad-blocker.


New flaws in chip and pin system revealed

page: 1

log in


posted on Feb, 13 2010 @ 03:17 PM
This is intersting and I am surprised it has not taken anyone longer to discover, but this information released does not mean that nobody else has discovered it.

It may just have been released in order to alert everyone the the major amount of hijacked signals that have previously been unrported in order to 'keep the pezce' so that people continue to spend using their cards.

It seems perfectly clear that the use of cards is a method to phase out cash.

They purely want to know what you spend, where, when and on which items.

Profiling through your spending habbits is certainly something the banks would be interested in. You can't do this sort of profiling if everyone uses cash.
Without cash, you also limit 'criminal' activity, yet it seems clear that someone, somewhere, has worked out a way to bypass the entire system altogether.

According to what is said here, it does not take a genius to get the correct equipment to be able to do the things that are reported;

a team of computer scientists at Cambridge University has found a flaw in chip and pin so serious they think it shows that the whole system needs a re-write.

"We think this is one of the biggest flaws that we've uncovered - that has ever been uncovered - against payment systems, and I've been in this business for 25 years," Professor Ross Anderson from the Cambridge University Computer Laboratory said.

"This is a flaw in a system that's used by hundreds of millions of people, by tens of thousands of banks by millions of merchants," he added.

In essence the Cambridge researchers have discovered a way to carry out transactions without needing to know a card's pin.

It makes the terminal think the correct pin has been entered, and the card think the transaction was authorised with a signature," Dr Saar Drimer, one of the Cambridge team, explained.

Following the attack we approached the Co-Operative Bank, Barclays and HSBC - which also administers the John Lewis card - for comment.

All three stressed that this was an industry-wide issue, not specific to any particular to any provider, that their cards were no different to those offered by any other provider or bank, and each referred us to the banking trade association for further comment.

It seems apparent thatthe banks already know about this flaw and have done nothing to prevent it.... why?

Why would you allow a flaw like this to carry on? Is it because it would cost too much to fix? would it stop people spending altogether and crashing the system?
Are the banks so aware of this that they do not mind that a minority are ripping everyone off on a daily basis, yet the amount 'stolen' is insignificant to the amount of people that continue to use chip and pin type cards?

posted on Feb, 13 2010 @ 04:21 PM
I no longer use credit cards nor debit card. My payroll checks come to me and I cash them at the bank. I pay cash for everything.

posted on Feb, 13 2010 @ 04:28 PM
reply to post by Violater1

Me too, I have a building society account that allows money to come in but does not allow standing orders/direct debits etc....

So my wages go in and I draw out what I need.

My new landlord was shocked that I would not pay my rent by standing order...took me a while to express the fact that I use cash only.

posted on Feb, 13 2010 @ 10:00 PM
The ASIC (smartcard with a chip on board) technology used on new credit cards is the same technology that has been used for over 20 years to try and secure satellite TV receivers. It has always been hackable. People have always had access to free satellite from the guy you know down the street. Hackers have had 20 years to practice on this technology and now that real money is at stake every teen age geek is going to have access to your account and what ever other information is stored on the card's chip. Its a stalkers dream come true.

The banks have no interest in telling you what information is stored on your card, why they need it, or who has access to it. I will NEVER own a card with this technology on board.

Microsoft has spent countless billions in futility trying to secure information on PCs. How did the banks ever think that the information on these cards which are sprawled across the public domain would ever be safe.

top topics

log in