Ross Anderson: Chip and PIN is broken

/dev/oei

... beats /dev/random for entropy. This is a tumblelog of quotes, links, snippets, and occasionally a few paragraphs of my own. Your feedback is most welcome; please look for "Send a message" on my Google profile

February 11, 2010

Ross Anderson: Chip and PIN is broken → 11:16 pm

This is so broken, I can hardly believe it. There’s no fixing it either - the whole protocol is rubbish.

The flaw is that when you put a card into a terminal, a negotiation takes place about how the cardholder should be authenticated: using a PIN, using a signature or not at all. This particular subprotocol is not authenticated, so you can trick the card into thinking it’s doing a chip-and-signature transaction while the terminal thinks it’s chip-and-PIN.