Cambridge University
researchers have again showed the fallibility of chip and Pin
technology, this time wirelessly cloning cards from
shops.
Saar Drimer and Steven Murdoch of the
Cambridge University Computer Laboratory will
tonight be seen on the BBC‘s Watchdog programme cloning a chip and Pin
card using a fake terminal in a shop.
The card is inserted into the fake terminal and the details of
the card are snatched and wirelessly sent to an accomplice outside
the shop.
The scam requires an insider at the retail outlet as well as the
accomplice who collects the data using a wireless connection.
UK payments association Apacs said there was no evidence this
method had been used in the UK.
With the stolen card details, the Cambridge researchers were
able to clone another card to enable them to make further
purchases.
The same researchers managed to get a chip and PIN terminal to
play Tetris earlier this year, to demonstrate how chip and PIN
terminals were not tamper proof.
The Watchdog programme will be shown at 7pm tonight.
Researchers demonstrate chip and PIN terminal insecurity
Comment on this article:
computer.weekly@rbi.co.uk
David Lacey’s
security blog
The latest ideas, best practices, and business issues associated
with managing security
Stuart King’s
risk management blog
Dealing with the operational challenges of information security and
risk management