Chip and Pin is Broken

Chip and Pin, the protocol that protects your transactions in a shop, has been 'fundamentally broken'. It is subject to a 'man in the middle' attack. The original paper can be seen here, the attack was demonstrated on Newsnight last night (linked via sjm217) -see also their early thoughts on the issue as well as the more up to date post on the same site. Some electronics (which can be miniaturised to fit onto the stolen card, hence making the attack more portable) is connected to the chip on the card. When a wrong pin is entered, it sends a signal to the chip making it think that a verification by signature was given, and the reader things the correct pin has been entered. With a crooked retailer, the electronics need not be miniaturised.

This allows the transaction to proceed and hence for the cardholder to be robbed.

With Chip and Pin, the bank assumes it is secure, and so will not refund losses due to cardholder negligence - so this is a big problem.

Mark Bowerman, spokesman for UK Payments Administration, acknowledged the Cambridge researchers' paper, but rejected their conclusions.

"We are taking this paper very seriously, as maintaining excellent levels of card security is paramount," he said. "However, we strongly refute the allegation that chip and PIN is broken." (source)