[Cryptography] EMV as a fraud enabler
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Tue Oct 28 14:05:12 EDT 2014
Brian Krebs has an interesting writeup at:
http://krebsonsecurity.com/2014/10/replay-attacks-spoof-chip-card-charges/
on EMV as a fraud enabler. The trick is that instead of spoofing non-EMV on
an EMV card, you spoof EMV on a non-EMV card because it's assumed to be secure
so there's less checking done by the back-end processing systems.
Peter.
More information about the cryptography
mailing list