More and more card readers at POS terminals now support tap to pay means of making a payment. If we are not inserting the chip end of the card, how is it providing additional security?
Edit: wow, lots of great information, thank you folks for taking the time and explaining it like I’m 5.
In: 197
from a consumer/user perspective, it not very different, and not “additionally” secure. form a card-issuer perspective, it almost guarantees that the card was present and its crypto/code is not “tampered/copied/duplicated”. ( at least for a properly installed and configured POS system)
unfortunately, many POS systems are not properly configured…
the chip itself is almost foolproof (i.e. extremely sophisticated equipment, and very good engineer is required to dump it’s raw contents, then too, some data is beautifully obfuscated, so that dump itself is useless).
if you are curious, this has already been worked around using ‘creative’ methods. thieves no longer try to duplicate your cards, but will outright steal and modify to accept any PIN. i am intentionally using an old article as this ‘hack’ has already been addressed by VISA and MasterCard POS systems. but there are others, lesser known hacks still around.
[https://arstechnica.com/tech-policy/2015/10/how-a-criminal-ring-defeated-the-secure-chip-and-pin-credit-cards/](https://arstechnica.com/tech-policy/2015/10/how-a-criminal-ring-defeated-the-secure-chip-and-pin-credit-cards/)
Latest Answers