Chip & Pin Problems

Indy Article

Rather scary story about Chip & Pin security, suggesting usual security measures (card in sight at all times, not allowing others to see pin no.,etc), can be inadequate.

Scammers simply had to work out a way to crack the system... and they did. Last October, Dr Joel Brenner of the US National Counter-Intelligence Executive warned that hundreds of chip and pin machines in stores and supermarkets across Europe had been tampered with...

An organised crime syndicate was thought to have been behind the scam. It must have been an inside job as the machines were doctored, either when they were being built in China, or before they left the production line. Investigators call this “supply chain attack”. It needs slick engineers, too. Dr Brenner says the devices had been perfectly resealed after being taken apart and customised. “It was impossible to tell, even for somebody working at the factory, that they had been tampered with.”

From China, the doctored devices were shipped as normal to Britain, Ireland, the Netherlands, Denmark and Belgium, and were installed in many different outlets – typically with the help of an insider, such as a member of staff. Investigators from Mastercard International reportedly found doctored machines at branches of Asda and Sainsbury’s.
Chip and pin was only ever about protecting the card vendor, not the public. I wonder how this'll square up in the courts next time the firms try the 'our papers are in order' routine in a dispute over card fraud?

Similar threads

Latest Threads