https://javacard.vetilles.com/2010/02/16/chip-and-pin-is-broken-a-little/ A weblog on Java Card, security, and other things personal Thu, 18 May 2017 07:26:32 +0000 hourly 1 https://wordpress.org/?v=4.0.32 https://javacard.vetilles.com/2010/02/16/chip-and-pin-is-broken-a-little/#comment-4114 Wed, 17 Feb 2010 18:23:41 +0000 http://javacard.vetilles.com/?p=543#comment-4114 There is a press release from the German ZKA that the debit cards issued in Germany are not prone to this attack. Apparantly this attack can be countered by the backend system (or the terminal itself) by comparing some data received from the card. So it seems an issuer problem, not the EMV protocol itself.
Also not mentioned in the paper that this attack cannot be done on ‘locked’ cards once the fraud was reported.

]]>