JStump Posted August 29, 2014 Author Report Share Posted August 29, 2014 I have a chip in one of mine but use it as a magstripe still. No NFC/prox cards from my bank yet.its actually a different chip than NFC I believe. These chips look like the pads on a micro sim or laundry card if you ever used a prepaid laundry card at the laundromat. Quote Link to comment Share on other sites More sharing options...
banditj13 Posted August 29, 2014 Report Share Posted August 29, 2014 (edited) The chip you are referring to is the EMV IC chip (Europay, MasterCard, Visa, Integrated Circuit) Oddly enough, the EMV IC concept was actually designed for exactly what this COIN card is doing, multiple accounts, single card. It basically evolved into a supposed "better" system for security and anti fraud. The physical chip in the new cards is an electric contact point. No different than a SIM-card. It still requires the insertion of the card into the reading device. The new "chips" themselves are passive, requiring no powering device such as a battery. They do not transmit radio frequency, and require direct electrical contact with the reading device. The COIN device is attempting to add more security methods, such as bluetooth presence awareness, that require the battery and thus, the limited life. The reason why the payment industry is stating that this method is more secure is 2 fold - first, the need for a direct electrical connection with the card makes near field scanning of data much more difficult (although rogue swiping is still a potential) - but along with the physical connection, comes the ability to add cryptographic algorithms all the way to the connection point of the card, instead of only at the transaction level. You can't encryption magnetic signals.Second, is the implementation of the "chip and PIN" system that is more common over seas. Chip and PIN requires the entry of a PIN with every transaction, rather than a simple swipe, or swipe and sign. We can see the somewhat obvious benefit of 2 factor security here... Card skimming, hardware cloning, PIN harvesting, hidden hardware MiTM... all still valid attacks... not to mention, the chip and PIN method of security only works for offline and local transactions... the online transactions are still just as vulnerable as they are now... Edited August 29, 2014 by banditj13 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.