> There is no real protection on card readers (most use Linux with a small shitty password). The protection comes from the contracts and regulations between the shops and the banks.
Wait wait wait... Aren't these EMV cards smart cards using the Java smart card technology? I thought these were heavily using encryption, including PKCS.
They're using challenge/response protected by the PIN no!? If I am not mistaken if you insert a card in a totally compromised reader you cannot clone the card: that alone is already quite an amazing feature compared to where we're coming from with the magnetic stripes ones (and the date to sunset for good magnetic stripes in the EU has already been set IIRC).
A fully compromised reader could trick you in stealing your PIN (so that an accomplice could then later on steal the card physically) and a compromised reader could also trick you into signing a 2 EUR transaction while it's actually wiring 2 000 EUR out of your account but I think that's about it!?
It comes to this: either the card can be cloned from a compromised reader or it cannot. I don't think that someone inserting it's card and getting its PIN intercepted means: "Bad guy can do countless transactions for days on until the account is empty".
If I'm right, that's a very far cry from "protection comes from the contracts and regulations between the shops and the bank".
AIUI a compromised reader can fake one big transaction or maybe a few transaction in quick succession but as soon as the owner pulls its card, they cannot do anything anymore?
Wait wait wait... Aren't these EMV cards smart cards using the Java smart card technology? I thought these were heavily using encryption, including PKCS.
They're using challenge/response protected by the PIN no!? If I am not mistaken if you insert a card in a totally compromised reader you cannot clone the card: that alone is already quite an amazing feature compared to where we're coming from with the magnetic stripes ones (and the date to sunset for good magnetic stripes in the EU has already been set IIRC).
A fully compromised reader could trick you in stealing your PIN (so that an accomplice could then later on steal the card physically) and a compromised reader could also trick you into signing a 2 EUR transaction while it's actually wiring 2 000 EUR out of your account but I think that's about it!?
It comes to this: either the card can be cloned from a compromised reader or it cannot. I don't think that someone inserting it's card and getting its PIN intercepted means: "Bad guy can do countless transactions for days on until the account is empty".
If I'm right, that's a very far cry from "protection comes from the contracts and regulations between the shops and the bank".
AIUI a compromised reader can fake one big transaction or maybe a few transaction in quick succession but as soon as the owner pulls its card, they cannot do anything anymore?