Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Researchers discover critical flaws in the Chip and PIN system

Researchers discover critical flaws in the Chip and PIN system

2014/05/19

Help Net Security - (International) Researchers at Cambridge University identified two vulnerabilities in the Europay, MasterCard, and Visa (EMV) 'chip and PIN' payment card system that could allow attackers to carry out "pre-play" attacks in order to commit ATM or point of sale (POS) fraud. One vulnerability involves poor random number generation that could be predicted and used for ATM withdrawal, while the second is a protocol failure that could enable malware or a man-in-the-middle (MitM) attack to replace randomly generated numbers with ones chosen by the attacker.

Source: http://www.net-security.org/secworld.php?id=16881

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:20:17