Comments on: Reliability of Chip & PIN evidence in banking disputes http://www.lightbluetouchpaper.org/2010/02/26/reliability-of-chip-pin-evidence-in-banking-disputes/ Security Research, Computer Laboratory, University of Cambridge Fri, 10 Feb 2012 17:31:40 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Sadiq http://www.lightbluetouchpaper.org/2010/02/26/reliability-of-chip-pin-evidence-in-banking-disputes/comment-page-1/#comment-141068 Sadiq Tue, 25 Oct 2011 06:12:53 +0000 http://www.lightbluetouchpaper.org/?p=1850#comment-141068 Hi,,how if we do the opposite,well am writting new paper and suggesting that by using Mobile Phone,,we let the customer to read from merchant POS (instead of current situation where POS read customer card information), then the payment process goes to customer bank via mobile phone network,,if the payment approved,,customer bank will deposit the money to merchant's bank account and then merchant bank inform the merchant via POS network..by this way we avoid keeping customer information at merchant internal POS network/server. How is it? pls send me email for any new ideas. Hi,,how if we do the opposite,well am writting new paper and suggesting that by using Mobile Phone,,we let the customer to read from merchant POS (instead of current situation where POS read customer card information), then the payment process goes to customer bank via mobile phone network,,if the payment approved,,customer bank will deposit the money to merchant’s bank account and then merchant bank inform the merchant via POS network..by this way we avoid keeping customer information at merchant internal POS network/server. How is it? pls send me email for any new ideas.

]]> By: Steven J. Murdoch http://www.lightbluetouchpaper.org/2010/02/26/reliability-of-chip-pin-evidence-in-banking-disputes/comment-page-1/#comment-53719 Steven J. Murdoch Tue, 30 Mar 2010 16:39:32 +0000 http://www.lightbluetouchpaper.org/?p=1850#comment-53719 @Han-Wen It varies country to country, and there's no way to know for sure except trying the attack out on the live system and seeing whether it works. I don't know what the situation is in Brazil. @Han-Wen

It varies country to country, and there’s no way to know for sure except trying the attack out on the live system and seeing whether it works. I don’t know what the situation is in Brazil.

]]> By: Han-Wen Nienhuys http://www.lightbluetouchpaper.org/2010/02/26/reliability-of-chip-pin-evidence-in-banking-disputes/comment-page-1/#comment-53538 Han-Wen Nienhuys Mon, 29 Mar 2010 15:18:29 +0000 http://www.lightbluetouchpaper.org/?p=1850#comment-53538 Is there any way for me as end-user to know whether my cards are vulnerable to the no-PIN attack? I am using a MC credit and VISA electron debit card from HSBC in Brazil. The former allows signature verifications, but this usually only happens in terminals that have no chip reader. Is there any way for me as end-user to know whether my cards are vulnerable to the no-PIN attack? I am using a MC credit and VISA electron debit card from HSBC in Brazil. The former allows signature verifications, but this usually only happens in terminals that have no chip reader.

]]>