[Gllug] OT - chip & pin
John Winters
john at sinodun.org.uk
Mon Apr 3 13:02:37 UTC 2006
On Mon, 2006-04-03 at 13:20 +0100, Paul Rayner wrote:
[snip]
> The PIN (in encrypted form) *is* stored on the card (as not all readers
> can always be online - you can see this by the number of readers that
> return "PIN OK" immediately). I've always thought this makes a bit of a
> mockery of the security of the PIN (three strikes and you're out etc.)
> because all a crook would have to do is hack (or make) a terminal so
> that it allowed unlimited tries whilst offline. Brute forcing a 4 digit
> code when you have immediate validation isn't exactly hard!
It's a long time since I had any involvement with the workings of these
things, so my information may be out of date, but the whole point of the
chip was meant to be to prevent this sort of thing.
Yes, if your PIN is stored (even encrypted) on the mag stripe then
extracting it is fairly straightforward.
The point of the "Chip" part of the equation was meant to be that there
is intelligence on the card. This intelligence is only available (i.e.
powered up) when the card is in a reader but the reader can only ask the
on-card processor questions (not instruct it) and the on-card processor
can behave intelligently.
Thus if a reader keeps saying, "Is this the PIN?", "How about this
one?", "Well, how about this one?" the on-card processor eventually goes
into sulk mode and starts refusing all of them, regardless of whether
they're right or not.
Now whether it was actually implemented this way I don't know - perhaps
they removed this intelligence to save money, but if they did it rather
defeats the point of Chip and Pin.
John
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list