Fraudsters 'can hijack chip and pin details in-store'
Chip and pin card details could be hacked by fraudsters while shoppers make purchases, British researchers found.
It is possible to hijack chip and pin details if the payment machine has been doctored, a Cambridge University team said.
They managed to intercept a cardholder’s details during a legitimate transaction in a bookshop.
The researchers then used those details to carry out further unauthorised purchases with a fake card.
It was the first time the team from Cambridge University’s computer laboratory had proved glitches in chip and pin security during an in-store transaction, according to BBC One’s Watchdog.
The Cambridge team managed to read a legitimate user’s chip and pin details via a tampered in-store terminal.
Those details could be sent wirelessly by an in-store accomplice to fraudsters who used them to make purchases elsewhere from a fake card using the victim’s account details.
The scam only works if unscrupulous staff insert the tampered machines and alert accomplices outside the store.
Watchdog producer Alan Holland said: “We have used this as a way to show that the system is not infallible.
“These academics are clever but there are thieves out there who are going to be equally clever but more driven.
“It is not particularly expensive to do and it hasn’t been that complex as an electronic process.”
Cambridge researcher Steven Murdoch said: “We can read all the details from a Chip and PIN card to make a purchase.
“I’ve just bought £50 worth of goods with this fake card, but the money has actually come off someone else’s card.”
CONNECT WITH US TODAY
Be the first to know the latest news and updates
