Delfigo Security - Strong Authentication

  • Increase font size
  • Default font size
  • Decrease font size
Home Identity Theft How Are Chip and Pin Enabled Cards Vulnerable?

How Are Chip and Pin Enabled Cards Vulnerable?

We know that magnetic strip cards, the standard for credit cards in the US, is going to change. EMV, or "Chip-and-PIN" cards are coming, and will become the new norm. The changeover is touted as a way to improve security and reduce fraud, and has been widely adopted and accepted outside the US. In October of 2015, Visa will impose a "liability shift", making the party involved in the transaction (the retailer or vendor), responsible for fraud when it happens when the customer does not use EMV.

Ross Anderson of Cambridge University spoke about how this will effect fraud, and vulnerabilities that will survive the shift in Las Vegas this week at Black Hat 2014. Anderson warned: “Banks believed that replacing magnetic strips with an alternative such as chip and PIN that they would be able to cut fraud...Fraud went up, however, then down, and now it’s up again. The overall effect is as if they’ve taken a bulldozer to the landscape; the river of crime is still flowing, just from slightly different channels.” ThreatPost provided further analysis, highlighting the fact that new security flaws are introduced when the security of a transaction relies on a PIN.

Security for PINs themselves will need to increase, as will the other security factors that are used with them.