Category Archives: Banking

Debit-credit applications, as well as electronic purses and other applications related to electronic banking, such as one-time password generation.

The lowest hanging card

The latest news on six second card hacking is very entertaining, and frankly, not reassuring. This thing is just as simple that it is stupid. The CVV2/CVC2 is a secret number computed by banks using a secret key, so they are validated by the issuing bank. Apparently, most (all?) of them have chosen not to […]

Fashion statement

I am just out of the Cartes show. A bit depressing, mostly because of the current circumstances and the number of “Absent exhibitors”. However, there werea few interesting highlights. One of them came in the Wearable and IoT conference track, in a presentation from Oberthur’s Olga Titova Candel about Wearable Payments for Fashion. The main […]

Convenience vs. Security vs. (Perceived) Security

Yesterday, @poulpita tweeted a link to a blog explaining that convenience keeps winning against security. The main argument in this blog is about iOS6’s Passbook, which can store credit card numbers, for your convienience. The reasoning goes on with a comparison of the security merits of a credit card number stored on Passbook and a […]

Payment Card Security Codes

It is not always easy to explain the advantages of using smart cards for payment security, because most people lack knowledge about the security of payment with a card. So, here is some information about it, and in particular about the codes used to authenticate a valid payment card. Every card is identified by a […]

Google Wallet has a Vulnerability (not on SE)

The game has started for Google Wallet. Some guys are looking for vulnerabilities, and of course, finding some. You can read the papers to get all the details on this attack. Basically, they have been smart enough to use a salt before hashing the PIN value to avoid brute-force attacks. However, they haven’t been smart […]

Smart card security on the radio

Smart card security doesn’t often get on traditional media, so we can all (at least, the French-spaking ones) be happy that France Culture will spend an hour discussing the security of payment cards, trying to provide an answer to the question “Comment améliorer la sécurité des cartes bancaires?“. Among the speakers, we will have Jean-Louis […]

Chip cards for (some) Americans

It seems that the American plastic cards are getting them in trouble, at least when they travel in Europe. Of course, cards without chips still work perfeectly in restaurants, hotels, and stores. However, things are very different at automated machines. If you are in France and you want to pay for underground parking, for renting […]

Secure magstripe?

Visa seems to be investigating a new way to use magnetic stripe cards. The article does not give much details, but the basic idea seems to be that the magnetic stripe is scanned with a high definition, which provides a “unique” pattern, which Visa compares to the DNA or fingerprint of the card. Of course, […]

Cloned debit cards are good for secure EMV cards

Reports about cloning debit cards have been all around, for instance here. The combination of cloning cards and making millions with a fraud scheme instantly makes smart card people happy: we told you that your magstripe cards would lead to big problems! OK. But let’s try to analyze this a bit deeper.

How many Java Card’s in a mobile phone?

There is a big ongoing debate about the future of the SIM, as illustrated by e-Smart’s debate about “SIM, no SIM , super SIM?”. I don’t have the answer, and as a Java Card expert, I am not sure to really care. It seems that most people agree that it is nice to have at […]