Community
Cambridge University computer scientists’ discovery of a way to carry out transactions without knowing a card's PIN hit the headlines on Friday; however consumers should not lose faith in credit card security. Chip and PIN is by far and away the most secure way of protecting payment transactions currently available.
No security system can claim to be completely bulletproof - there is always a three-way trade off between cost, ease of use and security and the industry is constantly looking for improvements. Consequently, the aim of security systems is not to make security unbreakable but to make it unprofitable for criminals to attempt to break it. The benefits of Chip and PIN are proven. Once the UK adopted Chip and PIN in 2003, losses on UK high street transactions reduced by 55 per cent by 2008. However, not all countries have followed suit and the US, for example, still use magnetic stripe cards with signature verification. Verification by signature remains an option even for EMV cards, and it is the availability of this weaker security that has been exploited by the attack highlighted by Cambridge University.
These recent findings should be discussed. However, the bigger problem lies not with Chip and PIN technology itself, but rather with the differing levels of adoption of advanced security technologies and procedures across the industry. The Cambridge scientists’ research provides interesting insight and could be an important input to future revisions of card security technologies.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Andrew Ducker Payments Consulting at Icon Solutions
19 December
Jamel Derdour CMO at Transact365 / Nucleus365
17 December
Andrii Shevchuk CTO & Co-Partner at Concryt
16 December
Alex Kreger Founder & CEO at UXDA
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.