Chip-and-PIN security goes on trial

By

A trial that could prove to be a test case for the security of chip-and-PIN card technology starts today in the UK.

Alain Job is suing UK bank Halifax, claiming that a fraudster withdrew £2,100 from his account at cash machines despite the fact he did not lose his card and changed his PIN as soon as he received it.

The bank refused to refund the money, claiming that its chip-and-PIN system is secure.

The case is the first of its kind and could set a precedent for whether or not the security of the credit card chip technology is vulnerable.

If it were proved Job’s card had been cloned or hacked, it could be the bank’s responsibility to pay.

Job is optimistic about winning.

“I want the opinion of a judge on this,” he said.

In the US, the burden of proof in such cases falls on banks. Ever ­since a precedent-setting case in the 1990s, banks have been obliged to provide CCTV evidence of a cardholder making a withdrawal or give the money back.

But in the UK, banks can produce evidence from their computer systems to show that a withdrawal appears to have been made by a customer, said Ross Anderson, a security expert at Cambridge University.

Halifax said it was confident it would win the case.

“We will be defending the action quite strongly. This is not about the money ­it is a point of principle,” said a spokesman.

Chip-and-PIN security goes on trial
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © 2010 Computing
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

International Criminal Court hit by cyber attack

International Criminal Court hit by cyber attack

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

Log In

  |  Forgot your password?