If companies or governments issue ID cards that can be authenticated with PINs, then this kind of fraud will be repeated, except that the bad guys will be stealing ID card PINs instead of bank card PINs. But what does that matter in a world of two-factor authentication, where the bad guys needs the cards and the PIN in order to execute an attack? After all, identity cards won’t have a magnetic stripe "fallback" option, so it’s hard to see how to get away with anything.
So, rationally, the Shell fraud doesn’t really mean much for ID fraud. Yet it is a very undermining kind of fraud. It tells members of the public that they cannot trust the terminals — of whatever kind — that they are putting their cards into. It’s really hard to know what to do about this, because unless terminals are in a wholly secure environment, they will always be subject to attack. And if the terminals are made wholly tamper-resistant, then they will simply be replaced by subverted terminals.
What is critical is that obtaining the card details and PIN does not enable an attacker to create counterfeit cards. In practical terms, this means that ID cards must have similar cryptography to EMV DDA cards (ie, public key cryptography) which naturally means a slightly higher price. But it’s a price worth paying.
(Incidentally, a podcast from Jerry will up here this week).