It’s ironic when you think about it. The top card security goal of users is to keep from loosing their money due to fraud. Both the magstripe & EMV methods provide a solution to that: magstripe fraud is dealt with quickly and reimbursed by a good bank; EMV tries to prevent it, but no reimbursal. Attackers can defeat both magstripe and EMV. Hence, choosing between the two, the best way to achieve the primary security goal is (for now) to use magstripes, keep a backup card(s), & use the legal approach of banks covering losses for free.

Surprises some readers of my comment, no doubt, as I’ve posted many secure transaction schemes online in the past. However, the banks are scheming harder than ever to push merchants into adopting an insecure solution & dodging liability for their own failure to get the job done. I’ve successfully dodged the damages of credit card fraud at least once, pushing them on the bank, using the strategy I mention above. That WORKS, but EMV might not. Easy choice between the two.

Wow, this works just like “gun control” — doesn’t stop the criminals in the least, but strips all hope of defense from the innocent victims.

Selling the terminals on eBay looks like a weak spot, too. It’s too easy for compromised machines to be introduced that way.

I wished I had the time to list all the links to attack methods used by criminals to bypass Chip-&-Pin! One of them was a simple paper clip! I can’t remember the details though!

As I’ve said on many fora before – I still say the vastly cheaper combo of MagnePrint and PassWindow, and vastly superior in second factor security too! I have no affiliation with these companies – BTW.

There’s also the issue of how the info is saved, by whom and how long. A consumer can’t choose the back office business with access to their info, the best they can do is choose where to use their card.

The EMV protocol (the part using PIN verification with transaction authentication to the issuer) is almost sound. It it too bad that instead of obtaining the nonce (challenge or unique number) from the issuer it gets generated by the payment terminal. There lies the problem uncovered by the papder. If EMV had designed the protocol so that the nonce is provided by the issuer and encrypted with the card key (and thus can not be tempered by the terminal) they would have severly limited posibilities of terminal attacks such as this one.

Also keep in mind that the card is actually not cloned. Transactions are pre-computed for a given card (pre-play) so that they can be played subsequently, for a given amount, country and date. Pre-computation requires the card to be present in a hacked terminal. So security of chip & PIN with current protocol is still much better than chipless cards.

Now the biggest problem for us consumers is that the liability shift operated by the banks when introducing chip & PIN (blame the merchant for PINless, blame the consumer when PIN is used) puts us at a disadvantage. Let’s hope that publicized flaws like this allow consumers to better dispute fraudulent charges.