SlideShare uma empresa Scribd logo

Cracking Chip & PIN

onthewight
onthewight

Chris Jarman, one of the original technical architects of the Chip & Pin scheme, explains its development and how various hacks have been attempted.

Tecnologia
1 de 8
Risk Management First lesson of Banking – no Risk, no Profit. Financial Security models are always a balance. No System is Secure but it can be judged Secure Enough. Bankers have been evaluating risk and profit since the days of barter. No Security model exists in isolation. Chip & PIN builds on a considerable existing security framework
Business Objectives Driven by simple commercial proposition Augmented by reputational elements Incorporate behavioural evolution Needs to account for and predict technology. Needs to be viable for all parties. Subject to review and planned to continuously evolve.
Crypto Basis of Trust RSA Public Key Scheme Static Data Authentication Dynamic Data Authentication Triple (Double Length) DES Online mutual Authentication PIN What you have: Token What you know: Crypto engine / Keys / PIN
Attack Scenarios Forced attack / threat e.g. Theft Card not present / non PIN verified e.g. Internet Mobile Commerce International e.g. Fallback
Attack Scenarios Hard Attack of Crypto – RSA or 3*DES Exploit Procedural Elements e.g. Relay Transaction flow logistics e.g. Terminal Minder Disintermediate parties e.g. Wedge Technology Element e.g. Differential Power Analysis
Investment / Reward 800 Million cards and growing. Fraud is a commercial business. Cost / Benefit model based. Requires significant resource dedication. Limited skill set availability. Requires greater resource to exploit. Active detection methods can rapidly terminate activity.
Chip & PIN Today Overall scheme security remains intact and strong Hard card attack scenarios provide poor business case Soft card attack scenarios exploit interfaces and provide little business case Largest exposure remains non-chip usage New channels building in support to leverage chip and PIN – e.g. HomePay reader at home Still fit for purpose !!
Chip & PIN @ Home HomePay ,[object Object]

Recomendados

Point of Sale Insecurity: A Threat to Your Business
Point of Sale Insecurity: A Threat to Your BusinessPoint of Sale Insecurity: A Threat to Your Business
Point of Sale Insecurity: A Threat to Your BusinessSurfWatch Labs
 
Cyber Threat Management
Cyber Threat Management Cyber Threat Management
Cyber Threat Management Rishi Kant
 
Cybersecurity- What Retailers Need To Know
Cybersecurity- What Retailers Need To KnowCybersecurity- What Retailers Need To Know
Cybersecurity- What Retailers Need To KnowShantam Goel
 
E-Banking Web Security
E-Banking Web SecurityE-Banking Web Security
E-Banking Web SecurityDragos Lungu
 
Tech trends in Banking Industry
Tech trends in Banking IndustryTech trends in Banking Industry
Tech trends in Banking IndustrySoham Pablo
 
Login cat tekmonks - v5 (mini)
Login cat tekmonks - v5 (mini)Login cat tekmonks - v5 (mini)
Login cat tekmonks - v5 (mini)Rohit Kapoor
 
Ec2009 ch10 e commerce security
Ec2009 ch10 e commerce securityEc2009 ch10 e commerce security
Ec2009 ch10 e commerce securityNuth Otanasap
 
Pre-PostBreach_Are_Your_Ready
Pre-PostBreach_Are_Your_ReadyPre-PostBreach_Are_Your_Ready
Pre-PostBreach_Are_Your_ReadyPete Pouridis
 

Recomendados

Point of Sale Insecurity: A Threat to Your Business
Point of Sale Insecurity: A Threat to Your BusinessPoint of Sale Insecurity: A Threat to Your Business
Point of Sale Insecurity: A Threat to Your BusinessSurfWatch Labs
 
Cyber Threat Management
Cyber Threat Management Cyber Threat Management
Cyber Threat Management Rishi Kant
 
Cybersecurity- What Retailers Need To Know
Cybersecurity- What Retailers Need To KnowCybersecurity- What Retailers Need To Know
Cybersecurity- What Retailers Need To KnowShantam Goel
 
E-Banking Web Security
E-Banking Web SecurityE-Banking Web Security
E-Banking Web SecurityDragos Lungu
 
Tech trends in Banking Industry
Tech trends in Banking IndustryTech trends in Banking Industry
Tech trends in Banking IndustrySoham Pablo
 
Login cat tekmonks - v5 (mini)
Login cat tekmonks - v5 (mini)Login cat tekmonks - v5 (mini)
Login cat tekmonks - v5 (mini)Rohit Kapoor
 
Ec2009 ch10 e commerce security
Ec2009 ch10 e commerce securityEc2009 ch10 e commerce security
Ec2009 ch10 e commerce securityNuth Otanasap
 
Pre-PostBreach_Are_Your_Ready
Pre-PostBreach_Are_Your_ReadyPre-PostBreach_Are_Your_Ready
Pre-PostBreach_Are_Your_ReadyPete Pouridis
 
IWC 2013 Budget Presentation
IWC 2013 Budget PresentationIWC 2013 Budget Presentation
IWC 2013 Budget Presentationonthewight
 
Didáctica de la historia en la educación infantil
Didáctica de la historia en la educación infantilDidáctica de la historia en la educación infantil
Didáctica de la historia en la educación infantilcitlallicabrera
 
Propuesta metodológica sesion 2
Propuesta metodológica sesion 2Propuesta metodológica sesion 2
Propuesta metodológica sesion 2citlallicabrera
 
Transportation Plan
Transportation PlanTransportation Plan
Transportation PlanTodd Phillips
 
Tx Gradebook Orientation
Tx Gradebook OrientationTx Gradebook Orientation
Tx Gradebook OrientationJennifer Lopez
 
Slide presentation
Slide presentationSlide presentation
Slide presentationANelly01
 
Custom personalized bedding
Custom personalized beddingCustom personalized bedding
Custom personalized beddingdezine01
 
ISA LA Instrumentation2009handout
ISA LA Instrumentation2009handoutISA LA Instrumentation2009handout
ISA LA Instrumentation2009handoutPhil Sallaway
 
Technology cart distribution notes
Technology cart distribution notesTechnology cart distribution notes
Technology cart distribution notesJennifer Lopez
 
LG Soluciones para Hotelería
LG Soluciones para HoteleríaLG Soluciones para Hotelería
LG Soluciones para HoteleríaLG Electronics Chile
 
2
22
2pkmedia
 
Sesion 3 actividad 1
Sesion 3 actividad 1Sesion 3 actividad 1
Sesion 3 actividad 1citlallicabrera
 
12 komunikace a tvorba znalostí
12 komunikace a tvorba znalostí12 komunikace a tvorba znalostí
12 komunikace a tvorba znalostíKISKAcross
 
Campus navigator
Campus navigatorCampus navigator
Campus navigatorOluyomi Ojo
 
PracticeTEchnology
PracticeTEchnologyPracticeTEchnology
PracticeTEchnologyANelly01
 
Gi Laboratory Nurse Bedside
Gi Laboratory Nurse BedsideGi Laboratory Nurse Bedside
Gi Laboratory Nurse Bedsidejzinkel
 
Creating groups in gradebook
Creating groups in gradebookCreating groups in gradebook
Creating groups in gradebookJennifer Lopez
 
La escuela unitaria
La escuela unitariaLa escuela unitaria
La escuela unitariaAylincristal
 
Jaro 2011 rozvoj kreativity - vyroba kocici busty
Jaro 2011 rozvoj kreativity - vyroba kocici bustyJaro 2011 rozvoj kreativity - vyroba kocici busty
Jaro 2011 rozvoj kreativity - vyroba kocici bustyKISKAcross
 
IWC 2013 Budget Presentation (revised)
IWC 2013 Budget Presentation (revised)IWC 2013 Budget Presentation (revised)
IWC 2013 Budget Presentation (revised)onthewight
 
Sgsits cyber securityworkshop_4mar2017
Sgsits cyber securityworkshop_4mar2017Sgsits cyber securityworkshop_4mar2017
Sgsits cyber securityworkshop_4mar2017Anil Jain
 
End-to-End Encryption for Credit Card Processing
End-to-End Encryption for Credit Card ProcessingEnd-to-End Encryption for Credit Card Processing
End-to-End Encryption for Credit Card ProcessingLennon808
 

Mais conteúdo relacionado

Destaque

IWC 2013 Budget Presentation
IWC 2013 Budget PresentationIWC 2013 Budget Presentation
IWC 2013 Budget Presentationonthewight
 
Didáctica de la historia en la educación infantil
Didáctica de la historia en la educación infantilDidáctica de la historia en la educación infantil
Didáctica de la historia en la educación infantilcitlallicabrera
 
Propuesta metodológica sesion 2
Propuesta metodológica sesion 2Propuesta metodológica sesion 2
Propuesta metodológica sesion 2citlallicabrera
 
Tx Gradebook Orientation
Tx Gradebook OrientationTx Gradebook Orientation
Tx Gradebook OrientationJennifer Lopez
 
Slide presentation
Slide presentationSlide presentation
Slide presentationANelly01
 
Custom personalized bedding
Custom personalized beddingCustom personalized bedding
Custom personalized beddingdezine01
 
ISA LA Instrumentation2009handout
ISA LA Instrumentation2009handoutISA LA Instrumentation2009handout
ISA LA Instrumentation2009handoutPhil Sallaway
 
Technology cart distribution notes
Technology cart distribution notesTechnology cart distribution notes
Technology cart distribution notesJennifer Lopez
 
12 komunikace a tvorba znalostí
12 komunikace a tvorba znalostí12 komunikace a tvorba znalostí
12 komunikace a tvorba znalostíKISKAcross
 
Campus navigator
Campus navigatorCampus navigator
Campus navigatorOluyomi Ojo
 
PracticeTEchnology
PracticeTEchnologyPracticeTEchnology
PracticeTEchnologyANelly01
 
Gi Laboratory Nurse Bedside
Gi Laboratory Nurse BedsideGi Laboratory Nurse Bedside
Gi Laboratory Nurse Bedsidejzinkel
 
Creating groups in gradebook
Creating groups in gradebookCreating groups in gradebook
Creating groups in gradebookJennifer Lopez
 
La escuela unitaria
La escuela unitariaLa escuela unitaria
La escuela unitariaAylincristal
 
Jaro 2011 rozvoj kreativity - vyroba kocici busty
Jaro 2011 rozvoj kreativity - vyroba kocici bustyJaro 2011 rozvoj kreativity - vyroba kocici busty
Jaro 2011 rozvoj kreativity - vyroba kocici bustyKISKAcross
 
IWC 2013 Budget Presentation (revised)
IWC 2013 Budget Presentation (revised)IWC 2013 Budget Presentation (revised)
IWC 2013 Budget Presentation (revised)onthewight
 

Destaque (20)

IWC 2013 Budget Presentation
IWC 2013 Budget PresentationIWC 2013 Budget Presentation
IWC 2013 Budget Presentation
 
Didáctica de la historia en la educación infantil
Didáctica de la historia en la educación infantilDidáctica de la historia en la educación infantil
Didáctica de la historia en la educación infantil
 
Propuesta metodológica sesion 2
Propuesta metodológica sesion 2Propuesta metodológica sesion 2
Propuesta metodológica sesion 2
 
Transportation Plan
Transportation PlanTransportation Plan
Transportation Plan
 
Tx Gradebook Orientation
Tx Gradebook OrientationTx Gradebook Orientation
Tx Gradebook Orientation
 
Slide presentation
Slide presentationSlide presentation
Slide presentation
 
Custom personalized bedding
Custom personalized beddingCustom personalized bedding
Custom personalized bedding
 
ISA LA Instrumentation2009handout
ISA LA Instrumentation2009handoutISA LA Instrumentation2009handout
ISA LA Instrumentation2009handout
 
Technology cart distribution notes
Technology cart distribution notesTechnology cart distribution notes
Technology cart distribution notes
 
LG Soluciones para Hotelería
LG Soluciones para HoteleríaLG Soluciones para Hotelería
LG Soluciones para Hotelería
 
2
22
2
 
Sesion 3 actividad 1
Sesion 3 actividad 1Sesion 3 actividad 1
Sesion 3 actividad 1
 
12 komunikace a tvorba znalostí
12 komunikace a tvorba znalostí12 komunikace a tvorba znalostí
12 komunikace a tvorba znalostí
 
Campus navigator
Campus navigatorCampus navigator
Campus navigator
 
PracticeTEchnology
PracticeTEchnologyPracticeTEchnology
PracticeTEchnology
 
Gi Laboratory Nurse Bedside
Gi Laboratory Nurse BedsideGi Laboratory Nurse Bedside
Gi Laboratory Nurse Bedside
 
Creating groups in gradebook
Creating groups in gradebookCreating groups in gradebook
Creating groups in gradebook
 
La escuela unitaria
La escuela unitariaLa escuela unitaria
La escuela unitaria
 
Jaro 2011 rozvoj kreativity - vyroba kocici busty
Jaro 2011 rozvoj kreativity - vyroba kocici bustyJaro 2011 rozvoj kreativity - vyroba kocici busty
Jaro 2011 rozvoj kreativity - vyroba kocici busty
 
IWC 2013 Budget Presentation (revised)
IWC 2013 Budget Presentation (revised)IWC 2013 Budget Presentation (revised)
IWC 2013 Budget Presentation (revised)
 

Semelhante a Cracking Chip & PIN

Sgsits cyber securityworkshop_4mar2017
Sgsits cyber securityworkshop_4mar2017Sgsits cyber securityworkshop_4mar2017
Sgsits cyber securityworkshop_4mar2017Anil Jain
 
End-to-End Encryption for Credit Card Processing
End-to-End Encryption for Credit Card ProcessingEnd-to-End Encryption for Credit Card Processing
End-to-End Encryption for Credit Card ProcessingLennon808
 
DSS - ITSEC conf - Arcot - Security for eCommerce - Riga Nov2011
DSS - ITSEC conf - Arcot - Security for eCommerce - Riga Nov2011DSS - ITSEC conf - Arcot - Security for eCommerce - Riga Nov2011
DSS - ITSEC conf - Arcot - Security for eCommerce - Riga Nov2011Andris Soroka
 
Graph Gurus Episode 34: Graph Databases are Changing the Fraud Detection and ...
Graph Gurus Episode 34: Graph Databases are Changing the Fraud Detection and ...Graph Gurus Episode 34: Graph Databases are Changing the Fraud Detection and ...
Graph Gurus Episode 34: Graph Databases are Changing the Fraud Detection and ...TigerGraph
 
Experiment
ExperimentExperiment
Experimentjbashask
 
Replace The Current Antiquated Credit Card System
Replace The Current Antiquated Credit Card SystemReplace The Current Antiquated Credit Card System
Replace The Current Antiquated Credit Card SystemWarren Smith
 
Life After Compliance march 2010 v2
Life After Compliance march 2010 v2Life After Compliance march 2010 v2
Life After Compliance march 2010 v2SafeNet
 
System Z Mainframe Security For An Enterprise
System Z Mainframe Security For An EnterpriseSystem Z Mainframe Security For An Enterprise
System Z Mainframe Security For An EnterpriseJim Porell
 
Hacking Point of Sale
Hacking Point of SaleHacking Point of Sale
Hacking Point of SaleTripwire
 
Hw09 Large Scale Transaction Analysis
Hw09 Large Scale Transaction AnalysisHw09 Large Scale Transaction Analysis
Hw09 Large Scale Transaction AnalysisCloudera, Inc.
 
FinTech Belgium – Fintech Belgium MeetUp on Cybersecurity – F.Lecocq – Digitr...
FinTech Belgium – Fintech Belgium MeetUp on Cybersecurity – F.Lecocq – Digitr...FinTech Belgium – Fintech Belgium MeetUp on Cybersecurity – F.Lecocq – Digitr...
FinTech Belgium – Fintech Belgium MeetUp on Cybersecurity – F.Lecocq – Digitr...FinTech Belgium
 
Smart card emv for dummies
Smart card emv for dummiesSmart card emv for dummies
Smart card emv for dummiesBACKSEATRIDER
 
E-commerce security using asymmetric key algorithm
E-commerce security using asymmetric key algorithmE-commerce security using asymmetric key algorithm
E-commerce security using asymmetric key algorithmgauravv7536
 
Managing & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee SengManaging & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee SengKnowledge Group
 
PCI Compliance (for developers)
PCI Compliance (for developers)PCI Compliance (for developers)
PCI Compliance (for developers)Maksim Djackov
 
From Bad to Worse: How to Stay Protected from a Mega Data Breach
From Bad to Worse: How to Stay Protected from a Mega Data BreachFrom Bad to Worse: How to Stay Protected from a Mega Data Breach
From Bad to Worse: How to Stay Protected from a Mega Data BreachPaymetric, Inc.
 

Semelhante a Cracking Chip & PIN (20)

Sgsits cyber securityworkshop_4mar2017
Sgsits cyber securityworkshop_4mar2017Sgsits cyber securityworkshop_4mar2017
Sgsits cyber securityworkshop_4mar2017
 
End-to-End Encryption for Credit Card Processing
End-to-End Encryption for Credit Card ProcessingEnd-to-End Encryption for Credit Card Processing
End-to-End Encryption for Credit Card Processing
 
DSS - ITSEC conf - Arcot - Security for eCommerce - Riga Nov2011
DSS - ITSEC conf - Arcot - Security for eCommerce - Riga Nov2011DSS - ITSEC conf - Arcot - Security for eCommerce - Riga Nov2011
DSS - ITSEC conf - Arcot - Security for eCommerce - Riga Nov2011
 
Graph Gurus Episode 34: Graph Databases are Changing the Fraud Detection and ...
Graph Gurus Episode 34: Graph Databases are Changing the Fraud Detection and ...Graph Gurus Episode 34: Graph Databases are Changing the Fraud Detection and ...
Graph Gurus Episode 34: Graph Databases are Changing the Fraud Detection and ...
 
Experiment
ExperimentExperiment
Experiment
 
Sect r35 b
Sect r35 bSect r35 b
Sect r35 b
 
Replace The Current Antiquated Credit Card System
Replace The Current Antiquated Credit Card SystemReplace The Current Antiquated Credit Card System
Replace The Current Antiquated Credit Card System
 
Falcon 012009
Falcon 012009Falcon 012009
Falcon 012009
 
Life After Compliance march 2010 v2
Life After Compliance march 2010 v2Life After Compliance march 2010 v2
Life After Compliance march 2010 v2
 
System Z Mainframe Security For An Enterprise
System Z Mainframe Security For An EnterpriseSystem Z Mainframe Security For An Enterprise
System Z Mainframe Security For An Enterprise
 
Hacking Point of Sale
Hacking Point of SaleHacking Point of Sale
Hacking Point of Sale
 
Hw09 Large Scale Transaction Analysis
Hw09 Large Scale Transaction AnalysisHw09 Large Scale Transaction Analysis
Hw09 Large Scale Transaction Analysis
 
FinTech Belgium – Fintech Belgium MeetUp on Cybersecurity – F.Lecocq – Digitr...
FinTech Belgium – Fintech Belgium MeetUp on Cybersecurity – F.Lecocq – Digitr...FinTech Belgium – Fintech Belgium MeetUp on Cybersecurity – F.Lecocq – Digitr...
FinTech Belgium – Fintech Belgium MeetUp on Cybersecurity – F.Lecocq – Digitr...
 
Smart card emv for dummies
Smart card emv for dummiesSmart card emv for dummies
Smart card emv for dummies
 
E banking security
E banking securityE banking security
E banking security
 
E-commerce security using asymmetric key algorithm
E-commerce security using asymmetric key algorithmE-commerce security using asymmetric key algorithm
E-commerce security using asymmetric key algorithm
 
Managing & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee SengManaging & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee Seng
 
PCI Compliance (for developers)
PCI Compliance (for developers)PCI Compliance (for developers)
PCI Compliance (for developers)
 
From Bad to Worse: How to Stay Protected from a Mega Data Breach
From Bad to Worse: How to Stay Protected from a Mega Data BreachFrom Bad to Worse: How to Stay Protected from a Mega Data Breach
From Bad to Worse: How to Stay Protected from a Mega Data Breach
 
B Hkorba
B HkorbaB Hkorba
B Hkorba
 

Mais de onthewight

Dr Robin Wilson - Monitoring the environment from space
Dr Robin Wilson - Monitoring the environment from spaceDr Robin Wilson - Monitoring the environment from space
Dr Robin Wilson - Monitoring the environment from spaceonthewight
 
Dr Stephen Prior - Drones and other Unmanned Air Vehicles - Cafe Sci Isle of ...
Dr Stephen Prior - Drones and other Unmanned Air Vehicles - Cafe Sci Isle of ...Dr Stephen Prior - Drones and other Unmanned Air Vehicles - Cafe Sci Isle of ...
Dr Stephen Prior - Drones and other Unmanned Air Vehicles - Cafe Sci Isle of ...onthewight
 
David Prendergast - Innovative Physics - From AI to Fukushima - Isle of Wight...
David Prendergast - Innovative Physics - From AI to Fukushima - Isle of Wight...David Prendergast - Innovative Physics - From AI to Fukushima - Isle of Wight...
David Prendergast - Innovative Physics - From AI to Fukushima - Isle of Wight...onthewight
 
Prof Paul White - The behaviour of marine mammals - Cafe Scientifique - Mar 2018
Prof Paul White - The behaviour of marine mammals - Cafe Scientifique - Mar 2018Prof Paul White - The behaviour of marine mammals - Cafe Scientifique - Mar 2018
Prof Paul White - The behaviour of marine mammals - Cafe Scientifique - Mar 2018onthewight
 
Dr Michelle Hale - Importance Of Marine Phytoplankton In Controlling Climate ...
Dr Michelle Hale - Importance Of Marine Phytoplankton In Controlling Climate ...Dr Michelle Hale - Importance Of Marine Phytoplankton In Controlling Climate ...
Dr Michelle Hale - Importance Of Marine Phytoplankton In Controlling Climate ...onthewight
 
Dr Catherine Mercer and Dr Frank Ratcliff - The 100,000 Genome Project - Jan ...
Dr Catherine Mercer and Dr Frank Ratcliff - The 100,000 Genome Project - Jan ...Dr Catherine Mercer and Dr Frank Ratcliff - The 100,000 Genome Project - Jan ...
Dr Catherine Mercer and Dr Frank Ratcliff - The 100,000 Genome Project - Jan ...onthewight
 
Dr. Jon Whitehurst - Bats, Maths and Maps - Isle of Wight Cafe Sci - Nov 2016
Dr. Jon Whitehurst - Bats, Maths and Maps - Isle of Wight Cafe Sci - Nov 2016Dr. Jon Whitehurst - Bats, Maths and Maps - Isle of Wight Cafe Sci - Nov 2016
Dr. Jon Whitehurst - Bats, Maths and Maps - Isle of Wight Cafe Sci - Nov 2016onthewight
 
NAHT explain Progress 8
NAHT explain Progress 8NAHT explain Progress 8
NAHT explain Progress 8onthewight
 
Dr Richard Crowder - Termites, Bees and Robots - 14 Mar 2016 - Isle of Wight ...
Dr Richard Crowder - Termites, Bees and Robots - 14 Mar 2016 - Isle of Wight ...Dr Richard Crowder - Termites, Bees and Robots - 14 Mar 2016 - Isle of Wight ...
Dr Richard Crowder - Termites, Bees and Robots - 14 Mar 2016 - Isle of Wight ...onthewight
 
News Rewired Presentation - OnTheWight's experience with Automated Articles -...
News Rewired Presentation - OnTheWight's experience with Automated Articles -...News Rewired Presentation - OnTheWight's experience with Automated Articles -...
News Rewired Presentation - OnTheWight's experience with Automated Articles -...onthewight
 
Dr Jen Gupta - Understanding nature’s death ray guns - 13 Oct 2015
Dr Jen Gupta - Understanding nature’s death ray guns - 13 Oct 2015Dr Jen Gupta - Understanding nature’s death ray guns - 13 Oct 2015
Dr Jen Gupta - Understanding nature’s death ray guns - 13 Oct 2015onthewight
 
Professor John Coleman, Phonetics Department, Oxford University, talk "Voices...
Professor John Coleman, Phonetics Department, Oxford University, talk "Voices...Professor John Coleman, Phonetics Department, Oxford University, talk "Voices...
Professor John Coleman, Phonetics Department, Oxford University, talk "Voices...onthewight
 
Innovation at OnTheWight - Presented at What's next for Community Journalism ...
Innovation at OnTheWight - Presented at What's next for Community Journalism ...Innovation at OnTheWight - Presented at What's next for Community Journalism ...
Innovation at OnTheWight - Presented at What's next for Community Journalism ...onthewight
 
Prof Arnold Taylor: The significant experiments of Robert Hooke - 8 June 2015
Prof Arnold Taylor: The significant experiments of Robert Hooke - 8 June 2015Prof Arnold Taylor: The significant experiments of Robert Hooke - 8 June 2015
Prof Arnold Taylor: The significant experiments of Robert Hooke - 8 June 2015onthewight
 
Prof Steve F King 'The standard models in particle physics'
Prof Steve F King 'The standard models in particle physics'Prof Steve F King 'The standard models in particle physics'
Prof Steve F King 'The standard models in particle physics'onthewight
 
Intriguing Neutrinos: The Deep Secrets of Nature’s Ghosts by Dr Elisabeth Falk
Intriguing Neutrinos: The Deep Secrets of Nature’s Ghosts by Dr Elisabeth FalkIntriguing Neutrinos: The Deep Secrets of Nature’s Ghosts by Dr Elisabeth Falk
Intriguing Neutrinos: The Deep Secrets of Nature’s Ghosts by Dr Elisabeth Falkonthewight
 
Nanodevices for the detection of disease by Maurits de Planque
Nanodevices for the detection of disease by Maurits de PlanqueNanodevices for the detection of disease by Maurits de Planque
Nanodevices for the detection of disease by Maurits de Planqueonthewight
 
East Cowes - Proposed development - Solent Gateways - Dec 2014
East Cowes - Proposed development - Solent Gateways - Dec 2014East Cowes - Proposed development - Solent Gateways - Dec 2014
East Cowes - Proposed development - Solent Gateways - Dec 2014onthewight
 
Prof Graham Mills - The Fate of Pharmaceutical Residues in the Aquatic Enviro...
Prof Graham Mills - The Fate of Pharmaceutical Residues in the Aquatic Enviro...Prof Graham Mills - The Fate of Pharmaceutical Residues in the Aquatic Enviro...
Prof Graham Mills - The Fate of Pharmaceutical Residues in the Aquatic Enviro...onthewight
 
Dr Luke Myers - Tidal Power Isle of Wight - Cafe Scientifique - Sept 2014
Dr Luke Myers - Tidal Power Isle of Wight - Cafe Scientifique - Sept 2014Dr Luke Myers - Tidal Power Isle of Wight - Cafe Scientifique - Sept 2014
Dr Luke Myers - Tidal Power Isle of Wight - Cafe Scientifique - Sept 2014onthewight
 

Mais de onthewight (20)

Dr Robin Wilson - Monitoring the environment from space
Dr Robin Wilson - Monitoring the environment from spaceDr Robin Wilson - Monitoring the environment from space
Dr Robin Wilson - Monitoring the environment from space
 
Dr Stephen Prior - Drones and other Unmanned Air Vehicles - Cafe Sci Isle of ...
Dr Stephen Prior - Drones and other Unmanned Air Vehicles - Cafe Sci Isle of ...Dr Stephen Prior - Drones and other Unmanned Air Vehicles - Cafe Sci Isle of ...
Dr Stephen Prior - Drones and other Unmanned Air Vehicles - Cafe Sci Isle of ...
 
David Prendergast - Innovative Physics - From AI to Fukushima - Isle of Wight...
David Prendergast - Innovative Physics - From AI to Fukushima - Isle of Wight...David Prendergast - Innovative Physics - From AI to Fukushima - Isle of Wight...
David Prendergast - Innovative Physics - From AI to Fukushima - Isle of Wight...
 
Prof Paul White - The behaviour of marine mammals - Cafe Scientifique - Mar 2018
Prof Paul White - The behaviour of marine mammals - Cafe Scientifique - Mar 2018Prof Paul White - The behaviour of marine mammals - Cafe Scientifique - Mar 2018
Prof Paul White - The behaviour of marine mammals - Cafe Scientifique - Mar 2018
 
Dr Michelle Hale - Importance Of Marine Phytoplankton In Controlling Climate ...
Dr Michelle Hale - Importance Of Marine Phytoplankton In Controlling Climate ...Dr Michelle Hale - Importance Of Marine Phytoplankton In Controlling Climate ...
Dr Michelle Hale - Importance Of Marine Phytoplankton In Controlling Climate ...
 
Dr Catherine Mercer and Dr Frank Ratcliff - The 100,000 Genome Project - Jan ...
Dr Catherine Mercer and Dr Frank Ratcliff - The 100,000 Genome Project - Jan ...Dr Catherine Mercer and Dr Frank Ratcliff - The 100,000 Genome Project - Jan ...
Dr Catherine Mercer and Dr Frank Ratcliff - The 100,000 Genome Project - Jan ...
 
Dr. Jon Whitehurst - Bats, Maths and Maps - Isle of Wight Cafe Sci - Nov 2016
Dr. Jon Whitehurst - Bats, Maths and Maps - Isle of Wight Cafe Sci - Nov 2016Dr. Jon Whitehurst - Bats, Maths and Maps - Isle of Wight Cafe Sci - Nov 2016
Dr. Jon Whitehurst - Bats, Maths and Maps - Isle of Wight Cafe Sci - Nov 2016
 
NAHT explain Progress 8
NAHT explain Progress 8NAHT explain Progress 8
NAHT explain Progress 8
 
Dr Richard Crowder - Termites, Bees and Robots - 14 Mar 2016 - Isle of Wight ...
Dr Richard Crowder - Termites, Bees and Robots - 14 Mar 2016 - Isle of Wight ...Dr Richard Crowder - Termites, Bees and Robots - 14 Mar 2016 - Isle of Wight ...
Dr Richard Crowder - Termites, Bees and Robots - 14 Mar 2016 - Isle of Wight ...
 
News Rewired Presentation - OnTheWight's experience with Automated Articles -...
News Rewired Presentation - OnTheWight's experience with Automated Articles -...News Rewired Presentation - OnTheWight's experience with Automated Articles -...
News Rewired Presentation - OnTheWight's experience with Automated Articles -...
 
Dr Jen Gupta - Understanding nature’s death ray guns - 13 Oct 2015
Dr Jen Gupta - Understanding nature’s death ray guns - 13 Oct 2015Dr Jen Gupta - Understanding nature’s death ray guns - 13 Oct 2015
Dr Jen Gupta - Understanding nature’s death ray guns - 13 Oct 2015
 
Professor John Coleman, Phonetics Department, Oxford University, talk "Voices...
Professor John Coleman, Phonetics Department, Oxford University, talk "Voices...Professor John Coleman, Phonetics Department, Oxford University, talk "Voices...
Professor John Coleman, Phonetics Department, Oxford University, talk "Voices...
 
Innovation at OnTheWight - Presented at What's next for Community Journalism ...
Innovation at OnTheWight - Presented at What's next for Community Journalism ...Innovation at OnTheWight - Presented at What's next for Community Journalism ...
Innovation at OnTheWight - Presented at What's next for Community Journalism ...
 
Prof Arnold Taylor: The significant experiments of Robert Hooke - 8 June 2015
Prof Arnold Taylor: The significant experiments of Robert Hooke - 8 June 2015Prof Arnold Taylor: The significant experiments of Robert Hooke - 8 June 2015
Prof Arnold Taylor: The significant experiments of Robert Hooke - 8 June 2015
 
Prof Steve F King 'The standard models in particle physics'
Prof Steve F King 'The standard models in particle physics'Prof Steve F King 'The standard models in particle physics'
Prof Steve F King 'The standard models in particle physics'
 
Intriguing Neutrinos: The Deep Secrets of Nature’s Ghosts by Dr Elisabeth Falk
Intriguing Neutrinos: The Deep Secrets of Nature’s Ghosts by Dr Elisabeth FalkIntriguing Neutrinos: The Deep Secrets of Nature’s Ghosts by Dr Elisabeth Falk
Intriguing Neutrinos: The Deep Secrets of Nature’s Ghosts by Dr Elisabeth Falk
 
Nanodevices for the detection of disease by Maurits de Planque
Nanodevices for the detection of disease by Maurits de PlanqueNanodevices for the detection of disease by Maurits de Planque
Nanodevices for the detection of disease by Maurits de Planque
 
East Cowes - Proposed development - Solent Gateways - Dec 2014
East Cowes - Proposed development - Solent Gateways - Dec 2014East Cowes - Proposed development - Solent Gateways - Dec 2014
East Cowes - Proposed development - Solent Gateways - Dec 2014
 
Prof Graham Mills - The Fate of Pharmaceutical Residues in the Aquatic Enviro...
Prof Graham Mills - The Fate of Pharmaceutical Residues in the Aquatic Enviro...Prof Graham Mills - The Fate of Pharmaceutical Residues in the Aquatic Enviro...
Prof Graham Mills - The Fate of Pharmaceutical Residues in the Aquatic Enviro...
 
Dr Luke Myers - Tidal Power Isle of Wight - Cafe Scientifique - Sept 2014
Dr Luke Myers - Tidal Power Isle of Wight - Cafe Scientifique - Sept 2014Dr Luke Myers - Tidal Power Isle of Wight - Cafe Scientifique - Sept 2014
Dr Luke Myers - Tidal Power Isle of Wight - Cafe Scientifique - Sept 2014
 

Último

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 

Último (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

Cracking Chip & PIN

  • 1. Risk Management First lesson of Banking – no Risk, no Profit. Financial Security models are always a balance. No System is Secure but it can be judged Secure Enough. Bankers have been evaluating risk and profit since the days of barter. No Security model exists in isolation. Chip & PIN builds on a considerable existing security framework
  • 2. Business Objectives Driven by simple commercial proposition Augmented by reputational elements Incorporate behavioural evolution Needs to account for and predict technology. Needs to be viable for all parties. Subject to review and planned to continuously evolve.
  • 3. Crypto Basis of Trust RSA Public Key Scheme Static Data Authentication Dynamic Data Authentication Triple (Double Length) DES Online mutual Authentication PIN What you have: Token What you know: Crypto engine / Keys / PIN
  • 4. Attack Scenarios Forced attack / threat e.g. Theft Card not present / non PIN verified e.g. Internet Mobile Commerce International e.g. Fallback
  • 5. Attack Scenarios Hard Attack of Crypto – RSA or 3*DES Exploit Procedural Elements e.g. Relay Transaction flow logistics e.g. Terminal Minder Disintermediate parties e.g. Wedge Technology Element e.g. Differential Power Analysis
  • 6. Investment / Reward 800 Million cards and growing. Fraud is a commercial business. Cost / Benefit model based. Requires significant resource dedication. Limited skill set availability. Requires greater resource to exploit. Active detection methods can rapidly terminate activity.
  • 7. Chip & PIN Today Overall scheme security remains intact and strong Hard card attack scenarios provide poor business case Soft card attack scenarios exploit interfaces and provide little business case Largest exposure remains non-chip usage New channels building in support to leverage chip and PIN – e.g. HomePay reader at home Still fit for purpose !!
  • 8.
  • 9. Remote authentication to remote services such as home banking
  • 10. P2P, B2B, and G2P payment processing