Jump to content

This is pretty cool, one card to rule them all!


JStump

Recommended Posts

I have a chip in one of mine but use it as a magstripe still. No NFC/prox cards from my bank yet.

its actually a different chip than NFC I believe. These chips look like the pads on a micro sim or laundry card if you ever used a prepaid laundry card at the laundromat.
Link to comment
Share on other sites

The chip you are referring to is the EMV IC chip (Europay, MasterCard, Visa, Integrated Circuit)

 

Oddly enough, the EMV IC concept was actually designed for exactly what this COIN card is doing, multiple accounts, single card. It basically evolved into a supposed "better" system for security and anti fraud.

 

The physical chip in the new cards is an electric contact point. No different than a SIM-card. It still requires the insertion of the card into the reading device. 

The new "chips" themselves are passive, requiring no powering device such as a battery. They do not transmit radio frequency, and require direct electrical contact with the reading device.

 

The COIN device is attempting to add more security methods, such as bluetooth presence awareness, that require the battery and thus, the limited life.

 

The reason why the payment industry is stating that this method is more secure is 2 fold - first, the need for a direct electrical connection with the card makes near field scanning of data much more difficult (although rogue swiping is still a potential) - but along with the physical connection, comes the ability to add cryptographic algorithms all the way to the connection point of the card, instead of only at the transaction level. You can't encryption magnetic signals.

Second, is the implementation of the "chip and PIN" system that is more common over seas. Chip and PIN requires the entry of a PIN with every transaction, rather than a simple swipe, or swipe and sign. We can see the somewhat obvious benefit of 2 factor security here...

 

Card skimming, hardware cloning, PIN harvesting, hidden hardware MiTM... all still valid attacks... not to mention, the chip and PIN method of security only works for offline and local transactions... the online transactions are still just as vulnerable as they are now... 

Edited by banditj13
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...