28 September 2015

Chip & PIN is broken


As many readers know, I’ve disliked Chip & PIN pretty much since it was launched, as there are better solutions out there.  Here’s my comment from 2006:

Chris Skinner, CEO of financial services think tank Balatro told silicon.com: “I’m an anti-chip and PIN person. Sorry Apacs – I like them very much but it’s not an appropriate technology today. Chip and Pin is very old in a very modern society – it started in France in 1994. 

“In Eastern Europe [Hungary and Russia] they have a much better system than chip and PIN – when you make a payment you get a text. You can ignore it or if there’s a problem, you get in touch with your bank. It’s very cheap but there’s been a 93 per cent reduction in fraud – that’s far more successful than chip and PIN.”

Now, just to add insult to injury, Steven Murdoch discusses how they’ve cracked Chip & PIN on Finextra, and references a 13-page research paper which explains how it works:

‘EMV is the dominant protocol used for smart card payments worldwide, with over 730 million cards in circulation.  Known to bank customers as “Chip and PIN”, it is used in Europe; it is being introduced in Canada; and there is pressure from banks to introduce it in the USA too. EMV secures credit and debit card transactions by authenticating both the card and the customer presenting it through a combination of cryptographic authentication codes, digital signatures, and the entry of a PIN.

‘In this paper we describe and demonstrate a protocol flaw which allows criminals to use a genuine card to make a payment without knowing the card’s PIN, and to remain undetected even when the merchant has an online connection to the banking network. The fraudster performs a man-in-the-middle attack to trick the terminal into believing the PIN verified correctly, while telling the issuing bank that no PIN was entered at all.

‘The paper considers how the flaws arose, why they remained unknown despite EMV’s wide deployment for the best part of a decade, and how they might be fixed. Because we have found and validated a practical attack against the core functionality of EMV, we conclude that the protocol is broken.

‘This failure is significant in the field of protocol design, and also has important public policy implications, in light of growing reports of fraud on stolen EMV cards. Frequently, banks deny such fraud victims a refund, asserting that a card cannot be used without the correct PIN, and concluding that the customer must be grossly negligent or lying. Our attack can explain a number of these cases, and exposes the need for further research to bridge the gap between the theoretical and practical security of bank payment systems.’

Download the 13-page white paper
Watch the BBC news report video
Read Steven’s views in-depth
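
An issuer-side consistency check for the mismatch the abstract describes (terminal told the PIN verified, issuer told no PIN was entered), as an added example that is not from the paper or the original post. It assumes the issuer receives the terminal's CVM Results and has already decoded the card's own verification status from its issuer-specific data; `AuthRequest`, `reconcile` and the verdict strings are hypothetical names.

```python
from dataclasses import dataclass

# CVM codes (low 6 bits of CVM Results byte 1) where the card itself checks the PIN.
OFFLINE_PIN_CVMS = {0x01, 0x03, 0x04, 0x05}
CVM_SUCCESSFUL = 0x02  # CVM Results byte 3: verification reported successful


@dataclass
class AuthRequest:
    txn_id: str                 # hypothetical transaction identifier
    cvm_results: bytes          # terminal's view: EMV CVM Results (tag 9F34), 3 bytes
    card_verified_pin: bool     # card's view, assumed already decoded from the
                                # issuer-specific data the card authenticates


def terminal_claims_offline_pin(cvm_results: bytes) -> bool:
    """True when the terminal reports a PIN checked by the card and accepted."""
    if len(cvm_results) != 3:
        raise ValueError("CVM Results must be exactly 3 bytes")
    method = cvm_results[0] & 0x3F  # strip the 'apply next rule on failure' bit
    return method in OFFLINE_PIN_CVMS and cvm_results[2] == CVM_SUCCESSFUL


def reconcile(req: AuthRequest) -> str:
    """Compare the terminal's and the card's accounts of PIN verification."""
    try:
        claimed = terminal_claims_offline_pin(req.cvm_results)
    except ValueError:
        return "REVIEW_MALFORMED"
    if claimed and not req.card_verified_pin:
        return "DECLINE_PIN_MISMATCH"   # the disagreement the abstract describes
    if req.card_verified_pin and not claimed:
        return "REVIEW_UNEXPECTED_PIN"  # card checked a PIN the terminal never reported
    return "CONSISTENT"


# Constructed sample requests, not real transaction data.
SAMPLES = [
    AuthRequest("T1", bytes([0x41, 0x03, 0x02]), False),  # terminal: PIN OK, card: none
    AuthRequest("T2", bytes([0x41, 0x03, 0x02]), True),   # both agree PIN was verified
    AuthRequest("T3", bytes([0x1E, 0x03, 0x00]), False),  # signature, no PIN on either side
    AuthRequest("T4", bytes([0x41, 0x02]), False),        # truncated field
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s.txn_id, reconcile(s))
```

The check only has value if both fields actually reach the issuer and the card's side is covered by the transaction cryptogram.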


UPDATE 13-02-10 11:10

The UK Cards Association dismissed the claim, saying that while the research had shown what it was possible to do in theory, this did not mean it was practical or even possible to do in reality.

A spokeswoman said: “We believe that this complicated method will never present a real threat to our customers’ cards.

“It requires possession of a customer’s card and unfortunately there are much simpler ways to commit fraud under these circumstances at much less risk to the criminal. This fraud is also detectable by the industry’s systems.”

She added that figures due to be released by the group shortly would show that fraud committed on lost or stolen cards during 2009 had fallen to its lowest level for two decades.


Originally posted on here and reproduced with kind permission of the author. 

About the author

Chris Skinner

Chris Skinner is best known as an independent commentator on the financial markets through the Finanser, and chair of the European networking forum the Financial Services Club, which he founded in 2004. He is the author of nine books covering everything from European regulations in banking through the credit crisis, to the future of banking.
