Articles about chip and pin

Person using a card reader

UK chip and PIN readers fall ill: Don't switch off that terminal!

Updated A problem with credit and debit card readers has left some unlucky UK retailers staring at an error message rather than collecting cash. Register reader Toby Hewett noted that problems began from 7am yesterday, UK time, and sought assistance from payment processing giant Mastercard. The cash slinger popped out a message, seen …
Richard Speed, 15 Aug 2018

Mastercard armours its contactless cards against relay attacks

Elements of the payment card industry have introduced a new contactless payment card security feature, designed to defend against relay attacks. Relay attacks were first demonstrated nine years ago by a team of computer scientists Saar Drimer and Steven Murdoch. The pair also suggested how the security flaw can be mitigated …
John Leyden, 4 Aug 2016

Paying a PoS*, USA? Your chip-and-PIN means your money's safer...

The value of online fraudulent transactions is expected to reach $25.6bn by 2020, up from $10.7bn last year, according to a new study from industry analysts Juniper Research. The researchers predict that by the end of the decade, $4 in every $1,000 of online payments will be fraudulent. Juniper’s study, Online Payment Fraud: …
John Leyden, 3 May 2016
australian credit cards fraud contactless

Americans to be guinea pigs in vast chip-and-PIN security experiment

Black Hat 2014 Next year US banks will begin a wide-scale rollout of chip-and-PIN bank cards, just 11 years after the UK made it mandatory. In doing so, Americans will take part in a vast experiment to test chip-and-PIN against chip-and-sign when it comes to stamping out money thieves. Not every US bank is keen on the PIN system, so some …
Iain Thomson, 7 Aug 2014
Chip-and-PIN Tetris hack

Chip and SKIM: How dodgy crypto can leave shoppers open to fraud

UK academics today describe how criminals can forge chip-and-PIN card transactions and spend other people's money for free. The team of University of Cambridge experts say their technique exploits a cryptographic weakness in some devices implementing the EMV (aka chip'n'PIN) standard. And they're confident they've found a …
John Leyden, 19 May 2014
Orange Credit Card

Infosec bods scorn card-swiping Coin over security fears

All-in-one digital payments start-up Coin has issued a robust defence of its technology following criticism from an infosec firm. Coin offers a single combined credit/debit/loyalty/store card that's paired with a user's mobile phone. The Coin app requires that you take a picture of the front and back of the card, type in your …
John Leyden, 18 Nov 2013
The Register breaking news

Cambridge boffins: Chip and PIN cards CAN be cloned – here's how

Boffins at Cambridge University have uncovered shortcomings in ATM security that might be abused to create a mechanism to clone chip-and-PIN cards. The security shortcoming might already be known to criminals and creates an explanation for what might have happened in some, otherwise baffling, "phantom" withdrawal cases. Each …
John Leyden, 13 Sep 2012
The Register breaking news

Chip and PIN keypads 'easily fooled' with counterfeit cards

Black Hat 2012 Retail Chip and PIN devices might easily be attacked using a specially prepared chip-based credit card, according to security researchers. Researchers from British IT security company MWR InfoSecurity demonstrated the attack at a session during the Black Hat Security Conference in Las Vegas on Wednesday. MWR purchased the …
John Leyden, 27 Jul 2012
The Register breaking news

Schmidt sees NFC terminals everywhere

Eric Schmidt reckons a third of shops will be NFC enabled in 2012, but Google won't pay for the terminals – that's up to the credit card companies. According to Google's executive chairman, credit card companies will pay for the new terminals, with the critical mass of one in three to hit sometime next year and enabling Google …
Bill Ray, 23 Jun 2011
The Register breaking news

Visa's chip-and-PIN exemption rules given cautious welcome

Visa has relaxed its regulatory rules so that European high street merchants who capture at least three-quarters of their take through EMV-enabled chip-and-PIN terminals will no longer have to pass Payment Card Industry Data Security Standard (PCI DSS) audits every year. The programme, which will help high street shops to reduce …
John Leyden, 15 Feb 2011
The Register breaking news

Cambridge boffins rebuff banking industry take down request

Computer scientists from Cambridge University have rebuffed attempts by a banking association to persuade them to take down a thesis covering the shortcomings of Chip-and-PIN as a payment verification method. Omar Choudary's masters thesis contains too much information about how it might be possible to fool a retailing …
John Leyden, 29 Dec 2010
The Register breaking news

Banking industry worker faces cosh over anonymous rant

Anonymous comments dissing Cambridge University computer scientists for their research into security weaknesses with Chip and PIN have been traced back to a banking industry group worker who acted without the permission of his bosses. A commentard using the handle Scrutineer tore into research that demonstrated how it might be …
John Leyden, 24 Feb 2010
The Register breaking news

Industry groups leap to Chip and PIN's defence

Analysis Banking industry suppliers have lined up to defend Chip and PIN, following the release of research last week from Cambridge University demonstrating how cybercrooks might be able to bypass security controls on credit and debit card transactions in shops. A four man team from Cambridge University demonstrated how it might be …
John Leyden, 18 Feb 2010
The Register breaking news

Chip and PIN security busted

Security researchers have demonstrated a gaping security hole in Chip and PIN credit card authorisations which undermines trust in the technology as a means to verify retail purchases. Cambridge University security researchers have demonstrated how it might be possible to trick the card into thinking it’s doing a chip-and- …
John Leyden, 12 Feb 2010
The Register breaking news

Judge backs Halifax in Chip and PIN clone case

Halifax, the UK retail bank, has scored a victory in a closely-watched 'phantom withdrawal' case that put the security of Chip and PIN on trial. Halifax customer Alain Job sued the bank after he was held liable for making eight disputed cash machine withdrawals from his account. Job was left £2,100 out of pocket from the …
John Leyden, 5 Jun 2009
The Register breaking news

Cambridge security boffins slam banking card readers

Card readers for online banking are inherently insecure, according to a new study by Cambridge security researchers. Researchers Saar Drimer, Steven J Murdoch and Ross Anderson found a number of serious security shortcomings after reverse engineering the underlying protocol (called the Chip Authentication Programme or CAP) …
John Leyden, 26 Feb 2009
The Register breaking news

Merchants and punters cry foul over Verified by Visa

The Verified by Visa system is becoming harder to avoid, even for those with real doubts about its effectiveness in combating fraud. The experiences of Verified by Visa refusenik and Reg reader Steve reported in our earlier article on the system are being experienced by more and more Register readers. Both Verified by Visa ( …
John Leyden, 23 Oct 2008
hands waving dollar bills in the air

Organized crime tampers with European card swipe devices

Hundreds of card swipers used by retail stores across Europe are believed to have been tampered by organized crime syndicates in China and Pakistan, according to US National Counterintelligence Executive Joel Brenner. Brenner told The Daily Telegraph that criminals have doctored chip and PIN machines either during …
Austin Modine, 10 Oct 2008

Create a news alert about chip and pin, or find more stories about chip and pin.

Biting the hand that feeds IT © 1998–2018