Merchant Terminals Provide New Method For Stealing Customer's Credit Cards
March 4, 2008 by Mary Anne Simpson
UK based Timesonline reports a flurry of credit card fraud in the first half of 2007. Researchers at Cambridge found chip and PIN merchant terminals lack necessary security encryption. The merchant terminal can be programmed to capture pin and card numbers in order to produce a clone card. The programming takes only 10 minutes.
As reported by Timesonline recently, the popular use of chip and PIN cards has a fraudster in the mix. A merchant can program a chip and PIN terminal to capture all the information needed to create a clone card including the PIN number. Researchers from the Computer Laboratory at Cambridge who conducted the investigation found the vulnerability in the device. There are several reported instances, including an incident at a Shell garage.
The apparent vulnerability of the merchant terminals involves the manufacturer´s failure to build in the necessary encryption technology into the device. The specific encryption required is absent from the present terminal model. Thus, the card runs through the device unproteced.
APACS, the UK payment association in charge of the introduction of the chip and PIN technology acknowledged the possibility cited by the Cambridge researchers. An APACS spokesman stated, "We´re not denying this type of fraud is achievable, but there are easier ways of achieving the same type of fraud, including skimming cards and capturing the PIN using a pin-hole camera." This type of fraud is the current focus of APACS.
In January, 2008 Visa announced that all new cards issued would include a new chip-based technology called "ICVV". The technology is designed to alert banks and merchants when a clone card is being used for products or services. Unfortunately, not all banks have made the new cards available to customers.
According to the Cambridge researchers, the problem with the chip and PIN cards is systemic. According to Saar Drimer, one of the Cambridge researchers part of the problem is that lack of an independent evaluation device´s security technology. In fact, GCHQ a govenmental and industry comprised security group confirmed it had not certified the card system technology.
ASPACS says it tested the security of the device utilizing internationally accepted standards called the "Common Criteria." Further stating that other secure devices are tested using these same standards.
The manufacturer of the terminal device, Ingenico disputed the ease in which the device can be manipulated. Stating in pertinent part, " the method ... requires specialist knowledge and has inherent technical difficulties ... and not reproducible on a large scale."
Be that as it may, ASPACS reports losses resulting from credit card fraud rose 26 percent in the first half of 2007. The monetary loss is 263.6 million GBP.
-
Bogus training offer opens hacker doors to bank accounts
Feb 05, 2012 |
5 / 5 (5) |
3
-
Motorola sharpens Droid Razr with Maxx
Feb 02, 2012 |
1 / 5 (1) |
0
-
PayPal tests in-store payment system at Home Depot
Jan 06, 2012 |
not rated yet |
0
-
CNSE develops innovative laser-enabled electronic packaging technology
Nov 18, 2011 |
5 / 5 (2) |
0
-
Google wants to turn your smartphone into a wallet
Aug 10, 2011 |
not rated yet |
1
-
Engineers build first sub-10-nm carbon nanotube transistor
Feb 01, 2012 |
4.9 / 5 (33) |
30
-
Something old, something new: Evolution and the structural divergence of duplicate genes
Jan 31, 2012 |
4.6 / 5 (7) |
1
-
The hidden nanoworld of ice crystals: Revealing the dynamic behavior of quasi-liquid layers
Jan 30, 2012 |
5 / 5 (4) |
1
-
Stock market network reveals investor clustering
Jan 27, 2012 |
3.9 / 5 (23) |
8
-
Of microchemistry and molecules: Electronic microfluidic device synthesizes biocompatible probes
Jan 26, 2012 |
5 / 5 (2) |
0
-
How to calculate total compressibility in liquid porous solid system
5 hours ago
-
Need help reading 3-D
Feb 11, 2012
-
A way to send and receive wireless data
Feb 11, 2012
-
Calling function with no input argument
Feb 10, 2012
-
Force free body diagram problem on gym equipment
Feb 10, 2012
-
Empirical data regarding shower heads and water
Feb 10, 2012
- More from Physics Forums - General Engineering
More news stories
Google might launch Drive for cloud storage soon
(PhysOrg.com) -- Google's next big move, according to the Wall Street Journal, is a cloud storage service called Drive. Hardly first to the plate, Google is simply catching up to introducing its cloud reposi ...
13 hours ago |
4.8 / 5 (5) |
5
|
Iran blocks email, restricts net access: reports
Iran has further restricted access to the Internet and blocked popular email services for the past few days, in a move a top lawmaker said could "cost the regime dearly," media reports said on Sunday.
6 hours ago |
5 / 5 (2) |
3
Love a click away in Indonesia's Twitter Republic
He was a geeky kid from Yogyakarta, she a glamorous city girl in Jakarta. In a country with one of the world's most vibrant social networking scenes they fell in love on Twitter.
14 hours ago |
4 / 5 (1) |
0
Walney offshore wind farm is world's biggest (for now)
(PhysOrg.com) -- The Walney wind farm on the Irish Sea--characterized by high tides, waves and windy weather--officially opened this week. The farm is treated in the press as a very big deal as the Walney ...
Technology / Energy & Green Tech
Feb 11, 2012 |
4.1 / 5 (14) |
51
|
Navy to begin tests on electromagnetic railgun prototype launcher
The Office of Naval Research (ONR)'s Electromagnetic (EM) Railgun program will take an important step forward in the coming weeks when the first industry railgun prototype launcher is tested at a facility ...
Feb 06, 2012 |
4.5 / 5 (19) |
94
|
Scientists discover molecular secrets of 2,000-year-old Chinese herbal remedy
For roughly two thousand years, Chinese herbalists have treated Malaria using a root extract, commonly known as Chang Shan, from a type of hydrangea that grows in Tibet and Nepal. More recent studies suggest that halofuginone, ...
New method to examine batteries -- MRI from the inside
There is an ever-increasing need for advanced batteries for portable electronics, such as phones, cameras, and music players, but also to power electric vehicles and to facilitate the distribution and storage of energy derived ...
Overeating may double risk of memory loss
New research suggests that consuming between 2,100 and 6,000 calories per day may double the risk of memory loss, or mild cognitive impairment (MCI), among people age 70 and older. The study was released today and will be ...
A mitosis mystery solved: How chromosomes align perfectly in a dividing cell
Although the process of mitotic cell division has been studied intensely for more than 50 years, Whitehead Institute researchers have only now solved the mystery of how cells correctly align their chromosomes during symmetric ...
Lab study raises questions over nano-particle impact
Tests involving chickens have raised questions about the impact on health from engineered nano-particles, the ultra-fine grains commonly used in drugs and processed foods, scientists said on Sunday.
Starve a virus, feed a cure? Findings show how some cells protect themselves against HIV
A protein that protects some of our immune cells from the most common and virulent form of HIV works by starving the virus of the molecular building blocks that it needs to replicate, according to research published online ...
