Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Chip and PIN vulnerability minor compared to on-line fraud potential.

Gridsure : 03 March, 2008  (Technical Article)
With researchers having uncovered vulnerability with POS terminals used with chip and PIN cards, GrIDsure points out the need for alternative to static PIN authentication methods.
The news that chip and PIN is not infallible has hit the headlines with Cambridge University researchers publishing results of successful attempts to obtain personal identification number (PIN) and credit card details from chip and PIN terminals.

While the report is a valuable reminder to the public and the industry that Chip and PIN is not perfect, GrIDsure, the developer of a revolutionary new approach to authentication argues that we must remain realistic about the threats.

"The Cambridge University researchers should be applauded for highlighting the vulnerabilities of Chip and PIN to the public, making them more aware of its potential dangers, whilst also reopening the debate within the industry," said Steve Howes, CEO, GrIDsure. "However, we should not get too carried away, and must look sensibly at the most common threats out there today."

At present, very few fraudsters are using the same technique demonstrated by the Cambridge researchers as there are other far easier and more cost effective methods available to them. Fraud on the UK's high streets has reduced since Chip and PIN was introduced, although the same cannot be said for online fraud and so called 'fraud abroad'. There will always be vulnerabilities with authentication systems, but no matter what you do to strengthen the POS terminal you will not overcome the basic problem of people shoulder surfing a static PIN number.

"Systems exist now that are more secure than current Chip and PIN methods and yet easier for the public to use," continued Howes. "It is time we stopped looking for the nirvana to end fraud once and for all, and instead concentrate on making practical and incremental improvements to tighten security - starting by addressing the static PIN number - which can cut down on fraud immediately."

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo