Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Payment cards with chips aren't perfect, so encrypt everything, experts say

Lucian Constantin | Aug. 11, 2014
The EMV or 'chip-and-PIN' system is not without security flaws, researchers warned.

The fewer places in the world where cybercriminals can use such cards, the harder it will be for them to steal money from them. That might lead criminals to start using EMV attacks like those described by Anderson.

One technology that has a much better chance of preventing attackers from stealing card data is point to point encryption from the card reader to the payment processor, according to Zaichkowsky.

Security experts have recommended point to point, or end to end, encryption for card-present payments for years. Adoption has been slow because it requires replacing card readers and PIN pads with new ones that support the technology, a significant investment that most merchants were not prepared to make.

However, now that many of them will have to change their terminals anyway in order to support EMV, it would be better if they also took the opportunity to choose terminals that encrypt the card data at the reader, Zaichkowsky said.

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.