Smart card aims to fight fraud
Peter Tomlinson
pwt at iosis.co.uk
Wed, 13 Mar 2002 19:18:52 -0000
Having looked on the PrivaSys web site at the URL given on the list, I
cannot see any sign of card contacts (which would have to be on the front,
i.e. the keypad side). But looking round the rest of that web site, it just
looks to me like a spoof. Anyway, I have asked one of the big suppliers to
investigate.
Peter
----- Original Message -----
From: "Peter Fairbrother" <peter.fairbrother@ntlworld.com>
To: <ukcrypto@chiark.greenend.org.uk>
Sent: Wednesday, March 13, 2002 3:29 PM
Subject: Re: Smart card aims to fight fraud
> > Charles Lindsey wrote:
>
> > On Tue, 12 Mar 2002 23:13:02 -0000
> > "Peter Tomlinson" <pwt@iosis.co.uk> said...
> >
> >>
> >> I think this is a spoof.
> >
> > I don't see why, given the assumption that it is meant to plug in to the
> > merchant's machine like the new-fangled smart credit cards, and not to
> > operate via the magnetic stripe.
>
> That's not what their website says -
>
> "The PIN decrypts the cardholder's account number, which is displayed on
the
> LCD and written to the magnetic stripe."
>
> Good trick, if they can do it. Maybe they just disable the mag stripe
unless
> the correct PIN is entered, but -
>
> "Correct PIN entry dynamically changes the card's LCD and magnetic stripe
to
> include the Dynamic Authentication Code."
>
> Perhaps they have small electromagnets in the stripe that are only
activated
> for a minute or so.
>
> Raises all sorts of interesting possibilities...
>
> -- Peter Fairbrother
>
>
>