Community

Join the Community

23,690
Expert opinions
40,549
Total members
349
New members (last 30 days)
200
New opinions (last 30 days)
29,184
Total comments
Join Sign in

Finextra video interview on CAP vulnerabilities

  0 Be the first to comment
Steven Murdoch
Steven Murdoch
Royal Society University Research Fellow
University College London
Location
London
Followers
1
Opinions
9
Unfollow

Today, Finextra published a video interview with me, discussing my research on banks using card readers for online banking, which was recently featured on TV.

In this interview, I discuss some of the more technical aspects of the attacks on card readers, including the one demonstrated on TV (which requires compromising a Chip & PIN terminal), as well as others which instead require that the victim’s PC be compromised, but which can be carried out on a larger scale.

I also compare the approaches taken by the banking community to protocol design, with that of the Internet community. Financial organizations typically develop protocols internally, and so are subject to public scrutiny late in deployment, if at all. This is in contrast with Internet protocols which are commonly first discussed within industry and academia, then the specification is made public, and only then is it implemented. As a consequence, vulnerabilities in banking security systems are often more expensive to fix...

Read more at Light Blue Touchpaper...

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

4600
 

Share

 
 
 
 
 

Channels

/security
 

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...

Join group

220 opinions 44 members

Comments: (0)

Steven Murdoch
Steven Murdoch
Royal Society University Research Fellow
University College London
Member since
01 Jul 2009
Location
London
Followers
1
Following
0
Opinions
9
Unfollow

Chip and Skim: cloning EMV cards with the pre-play attack

UK Cards Association attempt to supress Cambridge research

Reliability of Chip and PIN evidence in banking disputes

Chip and PIN is broken

Verified by Visa and MasterCard SecureCode

See all Opinions from Steven

More expert opinions

Rory Galvin

Rory Galvin Found and CEO at Navirum

For Advisors, Succession Isn’t An Event - It’s a Strategy

1

Sanju Biswas

Sanju Biswas Marketing Head at Abhiloans

Top 10 AI Courses to Boost Your Career in 2025

1

Onkar Chachad

Onkar Chachad Product Specialist at Veefin

e-Mandate Registration and Processing in India | Setting a Global Benchmark

Sireesh Patnaik

Sireesh Patnaik Chief Product and Technology Officer (CPTO) at Pennant Technologies

Building an Enterprise-Grade Agentic Framework for Financial Institutions

See all opinions

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Join the Community

23,690
Expert opinions
40,549
Total members
349
New members (last 30 days)
200
New opinions (last 30 days)
29,184
Total comments
Join Sign in

Trending

Md Rezaul Karim

Md Rezaul Karim Director Business Development at Dandelion Payments

Outbound Payments and Remittance from Bangladesh: Balancing Control with Growth

Paul Shumsky

Paul Shumsky CEO & Founder at @Finpace.tech

Why Traditional Mobile Banking Apps Are Reaching Their Limits and How Agentic UI Will Replace Them

Oleg Boiko

Oleg Boiko Founder at Finstar Financial Group

Partnership as a Strategic Asset

Sam Boboev

Sam Boboev Founder at Fintech Wrap Up

Deep Dive: The Rise of Spend Management Fintechs in the EU and UK

Now Hiring

All companies

Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.

Please read our Privacy Policy.

Accept