Re: ATM fraud and C&P

Go To Mortgage 101

Return To Group Index

From: Alex 
Newsgroups: uk.finance
Subject: Re: ATM fraud and C&P
Date: Sat, 13 Nov 2004 11:18:58 +0000

Mike Scott wrote:
> After looking at emvco's spec's, I'm none the wiser.  So could someone 
> enlighten me please as to the exchange between PIN terminal and card? 
> Which of them decides the PIN is valid, and what does the data flow 
> between them look like?

Some links here:

http://www.accesskeyboards.co.uk/EPOS%20System%20Upgrade.htm
ie.
http://www.accesskeyboards.co.uk/mag%20vs%20emv.htm

I understand that usually the pin will be entered on the small devices 
the customer will stick his card into. The pin will not leave this 
device - the device talks to the chip on your card and just tells the 
POS system whether or not the card has been accepted. The device can 
lock the card if it feels like it, requiring that the card be unlocked 
in a bank. I think it's possible for the card reader to palm off it's 
checking of the pin to the POS system but there is a minimum encryption 
standard (triple DES, I believe) for this.