Creativity and security

Dave Korn davek_throwaway at hotmail.com
Fri Mar 24 13:47:07 EST 2006


J. Bruce Fields wrote:
> On Thu, Mar 23, 2006 at 08:15:50PM -0000, Dave Korn wrote:
>>   So what they've been doing at my local branch of Marks & Spencer
>> for the past few weeks is, at the end of the transaction after the
>> (now always chip'n'pin-based) card reader finishes authorizing your
>> transaction, the cashier at the till asks you whether you actually
>> /want/ the receipt or not; if you say yes, they press a little
>> button and the till prints out the receipt same as ever and they
>> hand it to you, but if you say no they don't press the button, the
>> machine doesn't even bother to print a receipt, and you wander away
>> home, safe in the knowledge that there is no wasted paper and no
>> leak of security information  ...
>>
>>   ... Of course, three seconds after your back is turned, the
>> cashier can still go ahead and press the button anyway, and then
>> /they/ can have your receipt.  With the expiry date on it.  And the
>> last four digits of the card number.  And the name of the card
>> issuer, which allows you to narrow the first four digits down to
>> maybe three or four possible combinations.  OK, 10^8 still ain't
>> easy, but it's a lot easier than what we started with.
>
> If all that information's printed on the outside of the card, then
> isn't this battle kind of lost the moment you hand the card to them?

1-  I don't hand it to them.  I put it in the chip-and-pin card reader 
myself.  In any case, even if I hand it to a cashier, it is within my sight 
at all times.

2-  If it was really that easy to memorize a name and the equivalent of a 
23-digit number at a glance without having to write anything down, surely 
the credit card companies wouldn't need to issue cards in the first place?

  IOW, unless we're talking about a corrupt employee with a photographic 
memory and telescopic eyes, the paper receipt I leave behind is the only 
place they could get any information about my card details.  This was of 
course not the case in the old days when your card was rolled over a receipt 
with multiple carbons, one of which was the retailer's copy that they needed 
to deposit with their bank, but things are a lot more secure now: a debit 
card transaction, authorised and completed online, leaves a lot less 
exposure; so nowadays I reckon that it is worth worrying about the remaining 
risks, that /were/ relatively speaking lower risks back then when compared 
to the fact of the retailer's retaining a hard copy of your card details, 
but that (now /that/ particular risk has been eliminated) are relatively 
higher risks.

  Of course, a corrupt employee could conceivably replace the card reader 
with a corrupt one of their own, but since it would take major carpentry to 
detach them from the cash tills and counters to which they are firmly fixed, 
I think that's a lot more likely to be noticed than an employee craftily 
pressing a little button and palming a receipt.  YMMV!

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today.... 
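An added example, not part of Dave Korn's post or of the list archive: a small Python script that quantifies how much of the 16-digit card number a discarded receipt leaves open, under the post's own assumptions (the last four digits are printed, and the issuer name narrows the first four to three or four candidate prefixes). The refinement it adds is that the Luhn check digit every payment card number carries pins one of the unknown digits, so each candidate prefix leaves 10^7 rather than 10^8 possibilities. The brute-force helper verifies that closed form on a toy-length number; the prefix "4539", the suffix "1234", the count of four candidate prefixes and the two test numbers are constructed inputs, not data from the post.

```python
# Added example (not from the original post): how much a receipt showing the
# last four digits narrows a 16-digit PAN once the Luhn check digit is taken
# into account. All inputs below are constructed for illustration.
from itertools import product


def luhn_valid(pan: str) -> bool:
    """Standard Luhn (mod 10) check used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:           # 10..18 fold to 1..9
                d -= 9
        total += d
    return total % 10 == 0


def enumerate_candidates(prefix: str, suffix: str, unknown: int):
    """Brute-force every number prefix + <unknown digits> + suffix that passes
    Luhn. Only feasible for small `unknown`; used to verify the closed form."""
    for mid in product("0123456789", repeat=unknown):
        pan = prefix + "".join(mid) + suffix
        if luhn_valid(pan):
            yield pan


def candidate_space(num_prefixes: int, unknown: int) -> int:
    """Closed form: for any fixed choice of the other unknown digits, exactly
    one value of the last unknown digit satisfies Luhn (doubling-and-folding is
    a permutation of 0..9), so each prefix leaves 10**(unknown-1) valid PANs."""
    return num_prefixes * 10 ** (unknown - 1)


def receipt_leak_estimate(pan_length: int = 16, known_prefix: int = 4,
                          known_suffix: int = 4, num_prefixes: int = 4) -> dict:
    """Search space for the card number given what the post says a receipt
    reveals: issuer (a few candidate BIN prefixes) and the last four digits."""
    unknown = pan_length - known_prefix - known_suffix
    return {
        "unknown_digits": unknown,
        "naive": num_prefixes * 10 ** unknown,          # the post's 10^8-ish figure
        "luhn_filtered": candidate_space(num_prefixes, unknown),
    }


if __name__ == "__main__":
    # Toy size so the brute force finishes instantly: 4 unknown digits.
    toy = list(enumerate_candidates("4539", "1234", 4))
    print(f"toy brute force: {len(toy)} of {10**4} pass Luhn "
          f"(closed form {candidate_space(1, 4)})")
    print("realistic receipt leak:", receipt_leak_estimate())
```

The point the numbers make is that the receipt does not just hand over "some digits": with the issuer known and the last four printed, the remaining entropy in the card number is on the order of a few times 10^7 candidates, every one of which is a syntactically valid card number.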




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com


