[6248] in cryptography@c2.net mail archive

Re: Debit card fraud in Canada

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Mon Dec 13 12:06:42 1999

From: "Steven M. Bellovin" <smb@research.att.com>
To: Steve Reid <sreid@sea-to-sky.net>
Cc: cryptography@c2.net
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Mon, 13 Dec 1999 10:49:35 -0500
Message-Id: <19991213154941.17F5C41F16@SIGABA.research.att.com>

In message <19991213013547.A517@grok.localnet>, Steve Reid writes:
> A real-world example of the fact that cryptography is only part of the
> equation, and "tamper-proof" devices are not necessarily so.
> 
> Article: http://www.globeandmail.ca/gam/National/19991210/UDEBIN.html
> Mirror:  http://www.efc.ca/pages/media/globe.10dec99.html

I personally would like a clearer explanation of just what happened, and what 
the "tamper-proof" devices were.

As I read the article, the attack involved subversion of the swipe card 
readers.  The modified versions apparently recorded both the mag stripe
information and the user's PIN.  Are the readers supposed to be 
tamper-resistant?  Is the account information on the face of the card, as is 
true for credit cards?  If so, a simple visual recorder -- already used by 
other thieves -- might suffice, and all the tamper-resistance in the world 
won't help.  Crypto, in other words, doesn't protect you if the attack is on 
the crypto endpoint or on the cleartext.

This incident might be the trigger that will force smart card deployment.  The 
problem has always been that the threats were not severe enough to pay for the 
conversion cost.  Perhaps they now are.

		--Steve Bellovin
