[Gllug] Chip and PIN

John G Walker johngwalker at tiscali.co.uk
Thu May 11 12:18:48 UTC 2006


Thursday, May 11, 2006, 10:38:55 AM, Grzegorz Jaskiewicz wrote:

> On Thursday 11 May 2006 11:33, Alain Williams wrote:
>> On Thu, May 11, 2006 at 11:29:28AM +0200, Grzegorz Jaskiewicz wrote:
>> > pin pads, all, these days encrypt anything that goes off wire. Same
>> > applies to both banking machines, and pin pads connected to terminal in
>> > any shop. The only way someone can stole your PIN from the pad, is when
>> > you add one overlay on it that would capture it. And believe me, ppl did
>> > that in the past - at least for "The hole in the wall".
>>
>> What sort of encryption ? Are you suggesting that the supply of the PIN
>> to the card is encrypted ?

> I don't remember all details, but I remember reading about it. All those are
> standards, and are well documented. So probably googling for it will bring
> some results. 

The point is that the skimmer only works if it's fitted in the pad.
That's why the Shell scam involved people posing as engineers and
taking the pads away (and it was considerably more than one that got
taken away).

And that's why I suggested the weak link was not a technological one
but a human one. If taking pads away was subject to a strict
authorisation procedure, skimmers couldn't be fitted,

-- 
All the best,
 John


-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list