Alain Job is suing UK bank Halifax, claiming that a fraudster withdrew £2,100 from his account at cash machines despite the fact he did not lose his card and changed his PIN as soon as he received it.
The bank refused to refund the money, claiming that its chip-and-PIN system is secure.
The case is the first of its kind and could set a precedent for whether or not the security of the credit card chip technology is vulnerable.
If it were proved Job’s card had been cloned or hacked, it could be the bank’s responsibility to pay.
Job is optimistic about winning.
“I want the opinion of a judge on this,” he said.
In the US, the burden of proof in such cases falls on banks. Ever since a precedent-setting case in the 1990s, banks have been obliged to provide CCTV evidence of a cardholder making a withdrawal or give the money back.
But in the UK, banks can produce evidence from their computer systems to show that a withdrawal appears to have been made by a customer, said Ross Anderson, a security expert at Cambridge University.
Halifax said it was confident it would win the case.
“We will be defending the action quite strongly. This is not about the money it is a point of principle,” said a spokesman.
Chip-and-PIN security goes on trial
By
Tom Young
on
Apr 30, 2009 1:54PM

A trial that could prove to be a test case for the security of chip-and-PIN card technology starts today in the UK.
Got a news tip for our journalists? Share it with us anonymously here.
Sponsored Whitepapers
Free eBook: Digital Transformation 101 – for banks
Why financial services need to tackle their Middle Office
Learn: The latest way to transfer files between customers
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see