Abstract

Security Loophole Renders PIN Code Ineffective

(ETH Zurich, September 01, 2020)

A team of ETH researchers recently discovered a serious security loophole in a protocol used by credit card company Visa, which would enable fraudsters to obtain funds from cards that have been lost or stolen, despite the fact that the amounts should be validated by entering a PIN code. Although the researchers were able to demonstrate that this fraud scheme works with debit and credit cards issued in different countries in a range of currencies, they have already alerted Visa to the vulnerability and proposed three changes that could be made to the protocol with minimal effort to solve this problem.



Original Article on https://ethz.ch

Note: Some website previews may not load properly. If nothing appears in this box, access the original webpage directly by clicking its link above.


Science-Switzerland

This article is part of Science-Switzerland produced by swissnex China as part of the swissnex Network.
Click here to read the most recent edition, access back numbers or subscribe yourself.