Tiny open-source gadget simulates replacement Amex cards, disables chip-&-PIN


5 Likes

The banks won’t fix this until the law changes to make them fully responsible for fraudulent transactions, instead of the card holder. There simply isn’t a high enough cost to the banks.

4 Likes

Actually, while it’s fun to pretend that poor customers are left holding the bag, in the vast majority of CC fraud cases, the banks do take the hit. However, that doesn’t mean that fraud isn’t highly frustrating and annoying for the customer.

However, this is a choice that the banks have made because they are cognisant of the fact that the total amount of consumer hatred is far greater if good security measures cause them inconvenience than if a much smaller subset end up having to deal with fraud.

In general, the inconvenience of security measures is blamed on the banks, while the inconvenience of fraud is blamed on merchants and the criminals themselves. In essence, American banks are too consumer-focused to do security properly.

So, fraud does cost the banks a pretty penny. But they believe that losing customers by vigorously pursuing higher security will cost them more. There’s a reason that the US is the last developed country to move to chip, and even then, not to PIN.

4 Likes

Yeah, and even Chip and PIN is broken, for similar reasons. The banks decided that leaving customers waiting for proper authentication was unacceptable, and so was the expenditure to provide the infrastructure to do it quickly and properly.

2 Likes

The Canadian banks pretty much do chip and pin properly. But then all the Canadian banks are part of a (legal) cartel called Interac, which allows the banks to impose good security on the customers, since there’s essentially nowhere else the customers can go.

And frankly, the idea that good security is painless is a dream. The whole point of good security is that it prevents taking any shortcuts, including the shortcuts we take when things don’t work properly. Chip reader out of order - no sale. Communication with the bank down - no sale. HSM unit breaks down - no sale, etc., etc.

Security can certainly be done badly, and many security errors could be corrected without impacting the customer experience. But I’m amazed at the number of holes that are deliberately left in in deference to customer demand. As a Canadian, it boggles my mind that American consumers have this much power over their banks. I guess it’s that consumer choice thing.

Chip and PIN as a protocol is broken, precisely because of the design considerations I mentioned. If the protocol were designed for security above anything else, it would be more like the CAC / PIV model used for US DoD and government ID cards.

The problem with chip and pin is that the system actually trusts the cards to be giving proper information, instead of doing asymmetric key verification with a central server. While the US is doing it worse by going with chip / sig, nobody is doing it right.

2 Likes

Oh no. I hoped the whole thing would be at least hashed with the key stored in the card, and the PIN entered, and all the data then sent to the bank who’d have the last say if the transaction is valid or not.

This is… dumb.

3 Likes

Welcome to the wonderful world of modern financial security!

2 Likes

I really really hope that this guy is not living in the USA. Generally when you expose that the emperor is truly not wearing clothes, then the results are a bit different than the classic tale. I’m sure that Amex has enough paid-for connections at high levels to make sure that this guy gets a very dingy cell, and a slow-as-possible trial…

Why do I feel like we’re discussing encryption back in 1990?

2 Likes

Because we are, this time as a farce.

2 Likes
