About The Blog

Debate at the intersection of business, technology and culture in the world of digital money, both commercial and government, a blog born from the Digital Money Forum in London and sponsored by Consult Hyperion





  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.


Tamper resistance and PIN pads

By Dave Birch posted May 11 2006 at 1:09 PM

The recent announcement about the Shell garage skimming fraud must have sent a chill through the hearts of many parts of the card industry.

It certainly seems to have upset PIN pad supplier Trintech who, in direct contradiction to what I was taught on my PR crisis management course, are ignoring press enquiries about the issue.

An APACS spokesman says, "machines should be tamper-resistant. That didn't happen on this occasion and has led to the criminals being able to perpetrate old-style mag stripe fraud but in a 'new' location."

This mystifies me. Devices of this nature have to go through rigorous certification processes - so if there was an issue with tamper resistance, why wasn't it caught at that stage?

The only bit of good news is that this wasn't a Chip and PIN fraud. It was a PIN and magnetic stripe fraud and presumably until cards no longer carry magstripes that will continue to be a risk.




Seems to me there is an inherent defect with the idea of 'tamper proof' PIN pads.

Firstly, a cleverly designed keypad overlay would mean that no tampering was needed. Press the overlay, the PIN is captured, but at the same time the key press is mechanically sent through to the real keypad. The many different devices out there would make a well-designed keypad overlay difficult to spot.

Secondly, a device that looked like a real pad but merely captured the PIN could be used. Then the customer is told "sorry that device has been playing up, use this one". No tampering at all required here either.

The issue, as Jane Adams has said, is the magstripe, and that is not going away for a very long time.

Indeed - although it strikes me that there's a subtext of blame shifting there. Shell should have procedures to deal with equipment repair - forecourt assistants frankly can't be expected to judge what is and isn't fishy.

It looks like the devices may have been taken away by "repairworkers." Tamper-resistance isn't really up to that.

(Click below ... although that is the un-ssl version.)
