[Cryptography] cost-watch - the cost of the Target breach

Jerry Leichter leichter at lrw.com
Sun Dec 7 10:20:08 EST 2014


On Dec 7, 2014, at 1:45 AM, Anne & Lynn Wheeler <lynn at garlic.com> wrote:
> at the start of the century,there was large pilot deployed in the US based
> being told it had fixed all the problems... A particular issue was that they had moved business rules into the chip ... so that the terminal would ask the chip 1) if the correct PIN was entered, 2) if the transaction should be done offline, and 3) if the transaction was within the credit limit. The "YES CARD"
> designation comes from a counterfeit card answering "YES" to all
> three questions....
And how many Web-based systems continue to be fielded today with security enforcement in the browser or other client?
                                                        -- Jerry



More information about the cryptography mailing list