Weaknesses Found in Payment Cards in Europe

Hundreds of millions of payment cards throughout Europe have a flaw that could allow criminals with a stolen card to enter any random PIN to complete a transaction, according to researchers from the University of Cambridge.

The Cambridge researchers have found a weakness in the complicated EMV protocol that allows for a man-in-the-middle attack. It essentially tricks the point-of-sale terminal into believing it has received a correct PIN no matter what digits are entered.

The card thinks that the transaction was authorized by a signature. In some instances, point-of-sale terminals may have trouble connecting back to a card's issuing bank but allow a transaction anyway if completed by a signature.

About 730 million chip-and-PIN cards are in use worldwide. Most European countries use the cards, and they are also being introduced in Canada and discussed in the U.S.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.