Email Address

Password

Date of Birth

Forgotten Password?

The UK's only Multi Agency Credit Report

Take a FREE 30-day no obligation trial. Call 0800 612 0421 9am-5pm, Monday to Friday for help.

Your Free
Credit Report

Your Free
Credit Score

Find A
Credit Card

Debt Advice Centre

Check Any Postcode

Free Identity Theft Check

FREE Multi Agency Credit Report

See more than twice the information compared to any other UK Credit Report

Our Credit Report Monitoring service features:

Multi Agency Credit Reports

FREE Credit Score & Rating

FREE Identity Theft Assistance

Independent, Impartial, Expert Advice

More about Multi Agency Credit Reports

Check Any Postcode

Check as many postcodes as you like, confidentially.

Postcode

Is Chip & PIN security vulnerable to criminals?

Posted in 'Identity Theft' by Richard Catlin

18 February 2010

Chip & PIN, the standard security measure for almost all face-to-face credit and debit card transactions in the UK, has been around for almost 7 years now and has helped to bring about a significant reduction in levels of fraud.

New research from the University of Cambridge has now cast doubts on the security afforded by Chip & PIN, raising fears that criminals could once again start to focus on stolen cards.

The first Chip & PIN transactions in the UK took place in Northampton in May 2003, before being rolled out across the country. The reduction in fraud relating to lost and stolen cards was almost instantaneous, with a £60 million drop between 2004 and 2005.

The reduction in face-to-face fraud has continued, but also seems to have prompted fraudsters to target alternative methods of deception - such as using UK cards in countries that are yet to fully implement Chip & PIN. Identity Theft has also increased at a worrying rate during the recession.

Without going into the details of where the security flaw lies, it involves tricking both the card reader, and the Chip embedded in the card, into thinking that the transaction has been authorised.

The original card is placed in a separate card reader and connected via a discreet cable to a copy of the stolen card. The extra kit sits in a backpack, with the cable running down the inside of a sleeve for concealment. The card then slots into the reader at the till as usual.

When card readers are set by the retailer automatically to ask for a PIN, this new deception technique is able to override that, and convince the machine that the transaction has instead been authorised using a signature. Although PIN entry has replaced signatures at all but a few retailers, card readers still retain signatures as an optional method of authentication.

At the same time, the card (and issuing bank) is tricked into believing that the PIN was entered correctly, and so the transaction is authorised there too.

The card industry has responded to the claims by saying that the security flaw is only theoretical, and that the technology remains safe, but the real risk of criminals exploiting it remains to be seen.

There are a few basic steps you can take to reduce your chances of falling victim to fraudsters, either through cloned or stolen cards, or identity theft. Our free Identity Theft Check Service will not only highlight which areas of your lifestyle put you at risk, but also give you advice on how you can best protect yourself when using credit cards both at home and abroad.

Check your risk for free now