Chip-and-PIN security goes on trial

By

A trial that could prove to be a test case for the security of chip-and-PIN card technology starts today in the UK.

Alain Job is suing UK bank Halifax, claiming that a fraudster withdrew £2,100 from his account at cash machines despite the fact he did not lose his card and changed his PIN as soon as he received it.

The bank refused to refund the money, claiming that its chip-and-PIN system is secure.

The case is the first of its kind and could set a precedent for whether or not the security of the credit card chip technology is vulnerable.

If it were proved Job’s card had been cloned or hacked, it could be the bank’s responsibility to pay.

Job is optimistic about winning.

“I want the opinion of a judge on this,” he said.

In the US, the burden of proof in such cases falls on banks. Ever ­since a precedent-setting case in the 1990s, banks have been obliged to provide CCTV evidence of a cardholder making a withdrawal or give the money back.

But in the UK, banks can produce evidence from their computer systems to show that a withdrawal appears to have been made by a customer, said Ross Anderson, a security expert at Cambridge University.

Halifax said it was confident it would win the case.

“We will be defending the action quite strongly. This is not about the money ­it is a point of principle,” said a spokesman.

Chip-and-PIN security goes on trial
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © 2010 Computing
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?