Researchers Find A Chip In EMVs Armor

Published April 03, 2011, 11:48 p.m. EDT

|

Updated April 11, 2011, 1:26 p.m. EDT

1 Min Read

Researchers say they’ve found a security hole that exposes EMV chip-and-PIN protected cards, adding wrinkle to the hot debate over the use of the security standard in the U.S.

Processing Content

According to InversePath researchers, the flaw allows skimming devices to steal data from chip-and-PIN protected cards at point of sale terminals and ATMs.

The Italian online security firm, which called chip-and-PIN “broken” at the recent CanSecWest security conference in Vancouver, built a faux skimming device. It says the device can be installed on any terminal, is difficult to locate and can draw power from the actual terminals.

InversePath also says the skimming devices can intercept EMV card communications.

EMV cards communicate with terminals through application protocol data unit messages, which read records and issue commands. The tech firm says the skimming devices can read these message exchanges.

Generally considered to be safer than MAG stripe cards, EMV cards are widely used outside the U.S. but have not caught on in the States because of concerns over the multibillion dollar cost of migration, though some, such as Wal-Mart and members of the Atlanta Fed, say the lack of migration isolates the U.S.

For reprint and licensing requests for this article, click here.

MORE FROM AMERICAN BANKER

Tokenization

BMO, UK's Monument Bank join the tokenized deposit train

Bank of Montreal has introduced a tokenized cash and deposit platform, while the London-based Monument is partnering with the Midnight Foundation's distributed ledger. Also, Starling Bank's AI play, stablecoins gain ground in APAC and Africa and more in the American Banker global payments and fintech roundup.

By John Adams and Joey Pizzolato

4h ago
Deposit insurance

House gives deposit insurance reform another try

In a new legislative package offered Wednesday, House lawmakers halved the deposit insurance limit offered in earlier deposit insurance reform bills coming from the Senate.

By Claire Williams
Reporter

4h ago
Politics and policy

Stablecoin yield language unloved by banks and crypto alike

Draft legislative language meant to break an impasse on stablecoin yield circulating among stakeholders includes a lengthy list of exceptions to a ban on rewards for stablecoin holdings, making it unlikely to satisfy banks as negotiations continue.

By Claire Williams
Reporter

4h ago
FSOC

FSOC guidance sets 'very high' bar for nonbank designation

The Financial Stability Oversight Council Wednesday published a proposed guidance focused on designating activities rather than individual firms for heightened prudential standards, making it more difficult for the council to designate firms going forward.

By Ebrima Santos Sanneh
Reporter

4h ago
Commercial banking

Zions' latest deal will boost its multifamily business

The Salt Lake City-based regional bank plans to grow its multifamily lending business by acquiring the agency lending business of a commercial real estate investment group. If the deal is approved, Zions would join a short list of banks that can underwrite and close multifamily loans on behalf of Fannie Mae and Freddie Mac.

By Allissa Kline
Staff Writer

4h ago
Digital banking

How Revolut plans to go 'head to head' with US banks

2025 was Revolut's fifth consecutive year of net profitability. This year, the neobank has its sights set on expanding in the U.S., a key pillar of its global footprint.

By Joey Pizzolato
Reporter

6h ago