[Dave Birch] I went to Cambridge to hear a couple of talks on the state of payment card security. David Ware from RFI Global concentrated on contactless security. With the imminent start of contactless payment trials in the UK, this is important to us and our clients right now. Mike Bond from Cryptomathic gave a good overview of EMV security. This is a hot topic in the UK because of the media reports of the “Shell” breach and card cloning.

Technorati Tags: , , ,

David reinforced the feasibility of relay attacks against contactless systems and in the subsequent discussion, it seemed to me that me people felt that serious fraudsters would begin investing in this soon, so the industry needs to take it seriously. On the EMV side, Mike put forward the common sense proposition: so long as the industry puts “legacy” magnetic stripes on the cards so the fraudsters will continue to attempt to obtain the data necessary to make magnetic stripes cards and use them in non-EMV territories as this is simply the path of least resistance.

Afterwards, Smartex had arranged for us all to go punting. It was a beautiful day so I can’t resist posting a couple of pictures. Here I am with Mike Bond, discussing the relative merits of chip vs. stripe attacks in mature EMV markets like the UK…

DSC00123

This was the scene while the assembled throng discussed the relay (“ghost and leech”) attack on contactless terminals and worthwhile countermeasures…

DSC00128

Leave a Reply


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.
%d bloggers like this: