Despite the push for adoption of chip and PIN payments in the US, experts have warned that the EMV standard still holds significant security threats.
Speaking at the Black Hat security conference in Las Vegas on Thursday, Ross Anderson, a security engineering professor at Cambridge University with 25 years of experience in payment systems security, warned that EMV suffers from both regulatory and security problems, some of which have already been exploited in attacks.
While conceding that chip and PIN remains superior to swipe cards in many ways, Anderson highlighted a number of attacks possible against EMV that banks have tried to downplay as impractical or overly complex for cybercriminals to launch.
Researchers demonstrated to the Black Hat audience how they could take over mobile payment terminals by using a malicious EMV card. They declined to name any of the vendor devices, as not all of the flaws are yet patched.
Anderson told the audience: “We’ve been using EMV in the U.K. for 11 years and have a lot of experience understanding how these things break. When this started, we thought we knew what the shortcuts were and what fraud would be, but reality was quite different.”
Whitepapers
Related reading
2020 hailed “year of contactless” by payments study
By Richard Young The coronavirus crisis has caused a surge in mobile and contactless payments, driving consumers to make fewer but larger ... read more
Redefining remittances: Fintechs during coronavirus
By Daumantas Dvilinskas, CEO and co-founder, TransferGo According to new projections by the World Bank, remittances are set to decline by as ... read more
Crypto’s safe-haven status wavers amidst market crash
Perceptions that cryptocurrency performs autonomously from other markets is being questioned as bitcoin crashed by 50 percent on March 12. Market participants ... read more
COVID-19: our action plan
Dear reader, As the coronavirus pandemic spreads, we continue to hear and read unsettling stories from around the globe. At Payment Eye, ... read more
