Postagens

Mostrando postagens de Abril, 2009

Credit Card Security: Say NO to Chip and PIN

Picture this situation: Visa sends you a letter with a new card. It has the "newest technology", a chip that is supposed to be much harder to clone than your old magnetic strip. The card has to be used with a four digit PIN that replaces the need to sign the receipt at the moment of the transaction.

All seems very well, you are impressed with VISA's concern for the security of your transactions and you think to yourself: Wow, Visa takes good care of their costumers. Wrong! The chip set cannot be replicated, but there are other ways in which it makes the costumer vulnerable. Worse ways.

See, if you need to sign the receipt when you buy something with your credit card, there is a way of knowing when it was not you who signed the paper. There are infinite possibilities for ways of signing your name, now, a four digit PIN has only 10 thousand possibilities. That is much less than infinite.

But that's only a detail. The big problem is that the costumer is not only vulnerable…