Chip and PIN -- notes on a dysfunctional security system

Add to your list(s) Download to your calendar using vCal

• Saar Drimer, Computer Lab
• Thursday 04 March 2010, 18:30-20:00
• Lecture Theatre 1, Cambridge University Computer Laboratory, J J Thompson Avenue, Madingley Road, Cambridge.

If you have a question about this talk, please contact Neil Johnson.

In the UK, Chip and PIN has been with us for over five years. Originally promoted as a highly secure system, it turned out to have many shortcomings—some by design, and others by bad design. The talk will introduce the EMV framework, describe known attacks— including the latest “no-PIN” attack—and discuss the contributing factors that made them possible (poor incentives, sloppy regulation, specification overload, design-by-committee, cross-border interoperability, and others).

The talk is based on work done in collaboration with Steven Murdoch, Ross Anderson and Mike Bond. More information and published papers can be found here:

http://www.cl.cam.ac.uk/research/security/banking/

This talk is part of the IET Cambridge Network - Lectures series.

This talk is included in these lists:

• All Talks (aka the CURE list)
• CamBridgeSens
• Cambridge talks
• Computer Laboratory Security Seminar
• Department of Computer Science and Technology talks and seminars
• IET Cambridge Network - Lectures
• Institution of Mechanical Engineers (Cambridgeshire Area)
• Interested Talks
• Lecture Theatre 1, Cambridge University Computer Laboratory, J J Thompson Avenue, Madingley Road, Cambridge
• Life Science Interface Seminars
• School of Technology
• Security-related talks
• Trust & Technology Initiative - interesting events
• bld31

Note that ex-directory lists are not shown.