Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre. Please read our Privacy Policy.
The EMV (Chip & PIN) protocol requires ATMs and point-of-sale terminals to generate a random number. If this number (known in EMV terminology as the "unpredictable number") isn't random,...
The UK Cards Association (previously known as APACS) has written to the University of Cambridge asking them to remove a paper, claiming that it contains information that might be of use to criminals....
It has now been two weeks since we published our paper “Chip and PIN is broken”. Here, we presented the no-PIN attack, which allows criminals to use a stolen Chip and PIN card, without having to know...
There was a 9-minute film on Newsnight yesterday evening (available online) showing some research by Saar Drimer, Ross Anderson, Mike Bond and me. We demonstrate a middleperson attack on EMV which let...
This week, the 2010 Financial Cryptography conference is being held in Tenerife. The papers to be presented are likely of interest to the Finextra audience. Unfortunately, most are not available onlin...
On the 1st of January 2010, many German bank customers found that their banking smart cards had stopped working. Details of why are still unclear, but indications are that the cards believed that the ...
Today, Finextra published a video interview with me, discussing my research on banks using card readers for online banking, which was recently featured on TV. In this interview, I discuss some of th...
This evening (Monday 26th October 2009, at 19:30 UTC), BBC Inside Out will show Saar Drimer and I demonstrating how the use of smart card readers, being issued in the UK to authenticate online bankin...
Today Which? released their survey of online banking security. The results are summarized in their press release and the full article is in the September edition of “Which? Computing”. The article f...