New security flaw in credit card chips revealed

Discussion in 'other security issues & news' started by hawki, Aug 3, 2016.

  1. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,957
    Location:
    DC Metro Area
    "...Computer security researchers at the payment technology company NCR demonstrated how credit card thieves can rewrite the magnetic stripe code to make it appear like a chipless card again. This allows them to keep counterfeiting -- just like they did before the nationwide switch to chip cards...

    This glaring hole in EMV, the chip-based system, is possible because of the way many retailers are upgrading their payment machines: They're not encrypting the transaction....

    ...This latest research shows that retailers could spend millions of dollars upgrading to EMV and still not protect their customers from a massive credit card theft like the Target and Home Depot hacks two years ago...."

    http://money.cnn.com/2016/08/03/technology/credit-card-chips-flaw/index.html
     
  2. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,594
    ACH should setup verification paradigms ensuring encrypted payloads are passing - OR invalidate completely. Could this hole be any easier to plug, or what? Secondly, and so obvious, remove ALL strip activity from POS machines. Answer this question: If the USA (and elsewhere) is now on chip technology why would anyone still be using a magnetic strip for anything other than careless, stupid, virtually criminal negligence.

    I could fix and eliminate the entire issued instantly. I wouldn't be too popular, but we'ld all be much more secure.
     
Loading...