Chip and PIN and the Media Spin

Many of you will have heard about the new way to pay for goods and services in the UK, "Chip and PIN". It's been hyped as "the biggest change to payment since decimalisation". We've been regularly asked for comment on the new system, so have recently condensed the balance of our opinions into the following paper:

"Chip and Spin" by Ross Anderson, Mike Bond, Steven J. Murdoch Download PDF File (79KB)

Nearly all the material in this paper is accessible to all readers, however certain parts may require moderate computer literacy. If you are not at all technically savvy, you can continue on to browse through this site which has been prepared by one of the authors in order to explain the basics of the arguments in a less technical manner, and at a slower, more detailed pace.

News and Updates

Mar 06: Our own investigations of transaction traces led us to discover that the potential Cardholder Verification Method list attack we described as a possible EMV weakness was in fact already fixed before EMV was deployed. You can read the new results in the EMV Weaknesses section.

Advantages and Disadvantages

Now, the Chip and PIN system has advantages and disadvantages associated with each of the interested parties. On the one hand, APACS and the banking community in general are already doing very well at describing the advantages of Chip and PIN, both in relation to the customer and themselves. On the other hand, parts of the media have portrayed the scheme as entirely negative, with headlines such as "Crisis Looms for Chip and PIN", maybe just to sell papers, or maybe in line with the agendas of third-party dissenters.

However, it does seem that the UK banking community is avoiding open discussion of the disadvantageous aspects more than they should be. The purpose of this site is not to provide totally balanced comment on the move, but to give proper airing to the drawbacks. It's a always a tough job for onlookers to assess the truth behind anything controversial, but the greater the quantity of information, and the greater the variety of sources the better.

What is Chip and PIN?

"Chip and PIN" is the media slogan for the new EMV Card Payments System designed to augment and eventually replace magnetic stripe payment cards in Europe. It was designed by Europay, Mastercard and Visa, and the specifications for this new technology are managed by EMVCo, a company specially created for that purpose. In the United Kingdom, all the banks have decided to make their EMV cards conform to an additional specification UKIS, created by APACS, the banking industry association. Be sure to visit the official Chip and PIN Website

Disadvantages of Chip and PIN for the Customer

Dispute Resolution This section describes why PIN is worse than signature. It describes the problems with dispute resolution using Chip and PIN and explains why the Banking Code of Practice doesn't solve them. POS to ATM Linkage This section describes why customer's money and physical safety is more at risk due to using the same PIN for goods and services as for cash withdrawal.

Why Chip and PIN Fails to Fight Fraud in the Short-Term

Offline Counterfeiting This section describes why Chip and PIN counterfeit cards can still be used offline in terminals that are not connected to the bank's network or have been temporarily disconnected. The fraudster does not even need to know the PIN. Cross-Border Fraud This section describes why one easy fraud will be replaced by another when Chip and PIN fails close off important avenues from fraud. The customer gets all the hassle and gains nothing. Fallback This section describes why the same old fraud can continue because magnetic stripe technology is not on the way out for a long time.

Why Chip and PIN may Fail to Fight Fraud in the Long-Term

EMV Weaknesses This section discusses the security of the technical standard behind Chip and PIN, and how potential shortcomings may be exploited in the future. Any security system is liable to have weaknesses exposed when it comes under sustained attack; EMV is no exception. Middleperson Attacks This section describes the fundamental technical shortcomings in using smartcards for authorising payments. How do you know when you put your smartcard into a payment machine exactly where the transaction it participates actually leads. You may think you are buying lunch at a restaurant, but your card is actually buying diamonds on the other side of town! Smartcard Attacks The whole security of EMV also rests on the difficulty of extracting the secrets stored on the smartcard. This section describes physical weaknesses of smartcards, and how any smartcard can be cracked for a cost. When will the cracking techniques become cheaper than the cash value of the stolen card?

Recommended Links

Chip and PIN The official site of the "Chip and PIN" initiative, with information for customers, merchants and media. Safety in Numbers?

Not Likely A must-read article by Aida Edemariam discussing the benefits and risks of Chip and PIN technology. It includes an excellent summary of arguments against the Chip and PIN scheme. Phantom Withdrawals Learn about Phantom Withdrawals, the disputed ATM transactions where neither the bank nor the customer admits liability. Increased usage of PINs will make this sort of fraud much more common. Find out about it here. Mike Bond's Webpage Return to the personal homepage of the maintainer of this site, for contact details and more information. Learn also about Security API research, one of the areas of computer security research which could help make ATM security better in the future.

Links to Media Coverage

Chip and PIN

Croocks turn to online card fraud -- BBC News Online, 8th November '05

Chip cards fail to pin down fraudsters -- The Guardian, 16th October '05

Chip and pin 'cutting' card fraud -- BBC News Online, 9th October '05

Fraudsters show how to beat chip and pin -- The Guardian Online, 5th September '05

Chip and pin helps push bank and credit card fraud to 505m -- The Guardian, 8th March '05

UK Criminals Know The Chip Card's In The Mail -- Card Technology Magazine, 8th March '05

Shadow hanging over card users -- The Observer, 17th July '05

"Anti-Bank"

Competition in British banking is mostly notable by its absence -- Daily Telegraph Opinion, 14th March '05