Leader: Should we now doubt chip and PIN?

(Assuming you ever trusted it in the first place...)

By silicon.com, 9 May 2006 18:05

This week we've heard that chip and PIN payments at Shell petrol stations across the UK have been stopped. It's in reaction to news that a number of handsets were tampered with to enable the theft of around £1m from customers.

Cue doom and gloom from the doubters who've said all along that chip and PIN was always going to prove problematic. Never mind the fact that fraud has fallen since chip and PIN was introduced. Never mind the fact that nothing is going to be 100 per cent secure, especially if there is inside collusion as appears to have been the case here. 'We told you so' became a common refrain.

But is that line of debate worth following? This isn't about the wider reliability of chip and PIN, it's about the specific incident in question.

The doubters certainly aren't keen to linger on the fact that many of the fraudulent payments which were taken in this case were reportedly processed overseas. Why? Because it was easier to make transactions where chip and PIN is currently not in use - while the magnetic strip and PIN number are easily overcome hurdles, the chip poses a far sterner challenge to fraudsters.

And with credit card companies and banks being more thorough in vetting overseas payments - which anybody who has had to phone from a hotel lobby to assure their bank they are indeed in New York, or wherever, will attest - this channel is also tightening.

Forged cards do still work in UK cash points, to cater for our US cousins and others who refuse to abandon the magnetic strip. But the stats suggest over-the-counter payments are more robustly protected by chip and PIN than by a signature, and typically present a more profitable target for fraudsters than cash point fraud.

There is blame to be apportioned here, however, because money went missing and when that happens somebody must be to blame. A spokeswoman for Shell told silicon.com that all the handsets are "fully accredited and comply with all relevant industry standards".

So that's hardly a glowing testimony for those relevant industry standards, for starters. Let's start looking at the checks and balances in place there.

Obviously the handsets weren't tamper-proof, we've been told as much, though we're also told that was an anomaly, unique to the handsets in question and not affecting others of the same design from the same manufacturer.

You may be as sceptical as we were upon hearing that - that the faulty machines should have come into contact with individuals likely to spot and exploit the fault - but while the investigation is ongoing we can only assume, as with many crimes, that criminals have seized upon the window of opportunity afforded by such an unlikely occurrence, though surely with some idea of what they were looking for.

Which brings us on to the people. The crimes here were committed by people who according to Apacs had easy access to the systems, the terminals and the working-day processes of the petrol station or stations in question.

It's likely that, whatever electronic system is in place, an individual with the time, the access and the inclination can steal from customers, whether it's call centre staff taking card numbers, a checkout worker in the supermarket, a waiter in a restaurant, a receptionist in a hotel or a worker in a Shell garage.

This is a problem of process, not technology, and by letting this cloud our judgment of chip and PIN, which is here to stay, we're allowing ourselves to stare so hard at the scapegoat that we miss the real problem.

Comments

There are 4 comments.

  1. Connie G. Penn

    Very well put, congratulations.
    When I started in the card industry we knew that when we squeezed the air in the balloon it ballooned elsewhere. Nothing has changed.

    Unfortunately few articles focus on the fact that this was magnetic stripe fraud normally perpetrated at ATMs which moved to the Point of Sale. Chip and PIN technology is for the moment still intact. It has stemmed fraud in merchant outlets and thus has reduced some risk for merchants. Chip & PIN has too many benefits for us all; we must not allow it to be beaten to a pulp at the first stumble.

  2. anonymous

    Chip & PIN if the rest of the world were chip and PIN compliant then the weakest part of the system remains the PIN. You'd expect to see the weakest in society being mugged for their card after a crook acquired their PIN.

    The weakest parts of the present Chip & PIN are the magstrip AND the PIN.
    In the card industry's own words it will be a long, long time before magstrips are obsolete on Visa, MasterCard and Europay plastic cards.

    So where does that leave UK cardholders? Obviously cards' terms and conditions need to be addressed. You are responsible for the security of your PIN. If your card is cloned or stolen and used with your PIN before you report it lost or stolen, then you have a problem in explaining how someone got hold of your PIN. You can argue the toss with your signature.

    As the Chip part is trustworthy to date then it would seem safer from a cardholder's perspective to get a Chip & Signature card soonest and bin your PIN.

  3. anonymous

    This is a mag stripe issue, not a chip one so why title the article in a way that damages the chip & pin "brand"?

    Look at the realised benefits of Chip and PIN - it is making a huge difference to real people - yet your article's title just undermines it in people's minds for no good reason.

    (Ed note. The article explains quite clearly that this isn't a chip and PIN problem but a magstripe problem, and it addresses the issue that people are assuming this has undermined chip and PIN, hence the question in the title. If anything your comment supports both our argument and our choice of headline.)

  4. anonymous

    >>As the Chip part is trustworthy to date then it would seem safer from a cardholder's perspective to get a Chip & Signature card soonest and bin your PIN.

    This is incorrect and bad advice.

    Chip & Pin transactions are like a virtual meeting between your card-issuer (represented by your card), the merchant and their bank (represented by the PinPad) and yourself (represented by your pin). All three must agree that the transaction is valid before going forward.

    If you refuse to use a pin and request a Chip & Signature card, all you are doing is relying on the till operator to confirm your identity rather than yourself.

    Admittedly, if your pin is known to the person holding your card then security is breached but you have to agree that that is far less likely than someone being able to practice your signature which is clearly displayed on the back of your card.

    Paul
