How Secure are Microchips
Banks across the world spend a lot of time and money to protect the information of their customers. An irony, the easiest way for hackers to get information is through their card. The cards have magnetic strips that protect the information of the cardholders, which holds the imprinted digits and signature field, but now things have moved to chips, followed by PIN as safety.
The chip in the card provides greater security than magnetic stripe cards, but one need not be surprised to know that criminals laid their hands on it and broke the security. The bank has been doing enough R&D to protect bank cards from falling into the wrong hands. Till now the protection of cards comprised of printed digits and a signature field, but now what stands between your card and the criminals is OTP and PIN numbers.
In 2010, an independent researcher C Tarnovsky demonstrated the vulnerability in the secure chip product by the name of SLE66 series security. The vulnerability exists in products shipped by Gemalto based on Infineon SLE66/SLE78 since October 2014 into Estonia and Spain Identity card project.
Recently ID cards of Estonia and Spain citizens shipped by Gemalto using Infineon’s secure chip platform were security compromised. The vulnerability was discovered in a generation of RSA keys used and adopted in cryptographic smart-cards and other secure hardware chips.
This was a threat to most government’s electronic institutions like passport, driving license, National ID card, and they feared if these processes can be compromised with. A German semiconductor company which supplied all the facilities with regards to government documents and banking products was compromised.
Third countries like Bangladesh are the most vulnerable and they should keep a check on all these developments of security breaches. Their residents have been found compromising national ID, Electronic Passport, and other facilities.
Researchers have a simple tip for cardholders who want to stay safe. First, never enter the PIN twice during any transaction. If you see an error or that the card is not accepting your request, the best thing to do is to cancel the transaction and insert the card again. Then enter your pin. Second, paying through an app on your phone can be more secure than using your card.
Julia Sowells178 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.