[Cryptography] EMV as a fraud enabler

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue Oct 28 14:05:12 EDT 2014


Brian Krebs has an interesting writeup at:

http://krebsonsecurity.com/2014/10/replay-attacks-spoof-chip-card-charges/

on EMV as a fraud enabler.  The trick is that instead of spoofing non-EMV on
an EMV card, you spoof EMV on a non-EMV card because it's assumed to be secure
so there's less checking done by the back-end processing systems.

Peter.


More information about the cryptography mailing list