Hacking the new more secure credit cards

I've removed advertising from most of this site and will eventually clean up the few pages where it remains.

While not terribly expensive to maintain, this does cost me something. If I don't get enough donations to cover that expense, I will be shutting the site down in early 2020.

If you found something useful today, please consider a small donation.

Some material is very old and may be incorrect today

© November 2015 Anthony Lawrence

In 2011, a bunch of the new "chip and pin" credit cards were stolen. The thieves physically modified the cards circuitry to accept any pin as valid, thereby letting them rack up almost $700,000 in fraudulent transactions.

Don't panic, because this particular hack method has already been blocked. But do think about how this was done: it was micro surgery on the cards innards. That's scary, because this particular modification was (relatively) simple and unsophisticated. What might the next one be?

It's obvious that anything physically accessible has a potential hackability. So how can we ever be secure?

Well, suppose your credit card number wasn't a number at all but was biometrics derived from your person. Suppose further that what you owe and what you own wasn't stored at a bank somewhere, but was stored in your biometrics - that is, you are your own bank account. That's somewhat possible now, though there's no way for you to control it - you wouldn't know if someone hacked you to steal your assets. But that might change eventually.

And then someone will find a way to hack that.

How a criminal ring defeated the secure chip-and-PIN credit cards

If you found something useful today, please consider a small donation.

Got something to add? Send me email.

---

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us