54.224.56.126

Security @ FIT

Security Research Group

PIN (and Chip) or Signature: Beating the Cheating?

Cvrček Daniel, Matyáš Václav, Krhovják Jan,

Klíčové slova

Anotace

Chip & PIN is the name of the new technology supposed to considerably decrease fraud related to payment cards. While this is definitely true from the banks' point of view, what is not so clear are implications for customers - the ultimate card users. Introduction of smartcards within the Chip & PIN deployment exercise is quite likely the most extensive deployment of computers in the human history, with security as a ma jor aspect. We first review some of the most critical issues related to the introduction of Chip & PIN card payment autho- rization, and then discuss our two-phase experiment.1 Our experiment examined, in two phases, whether the introduction of this authorization method is advantageous for an opportunistic thief and whether the cus- tomer truly benefits from the Chip & PIN technology with respect to this opportunistic thief. This is, to our best knowledge, the first presen- tation of non-trivial field experiment results on the ease of PIN in-shop observation to the general public.