[Gllug] Chip and PIN
Alain Williams
addw at phcomp.co.uk
Wed May 10 15:22:35 UTC 2006
On Wed, May 10, 2006 at 04:16:02PM +0100, Lyons, Myke wrote:
> > And it goes without saying: biometric protection will be no safer. All
> > that will be needed is to pull the fingerprint/retinal scan data from
> > the "send" side of the terminal...
I think that (properly implemented) that C&P could be safer:
* integral keypad & card reader/holder - so that the pin doesn't leak out
* I don't fully understand it but think that once activated the C&P card then
engages in an AKA SSL connection that authenticates the transaction.
* high sheilding round the keypad so that your key presses can't be seen by 3rd parties
& video cameras, etc. Most of the ones that I have seen have 'sheilds' that are 1/3 inch
high -- what a joke!
I do not have much faith in most implementations.
--
Alain Williams
Parliament Hill Computers Ltd.
Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256 http://www.phcomp.co.uk/
#include <std_disclaimer.h>
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list