The claim here is that certain merchant terminals (not ATM’s as earlier claimed) are not capable of recognising cloned chip cards.
Millions at risk from chip and Pin | This is Money
Security experts say there is a one in five chance that a terminal in a shop or garage will not spot a ‘cloned’ card. It means criminals who copy people’s cards can go on shopping sprees and spend thousands of pounds. The alarming gap in security is being blamed on the issuing banks, for choosing the cheapest version of the new cards. Banks in France and some other countries are already using a more secure system.
The cloning seems ridiculously easy.
Some experts warned soon after the launch of the system in February that criminals could clone the new cards using equipment readily available over the Internet and costing only some £300 or £400.
And the results are horrendous!
Last month the Daily Mail revealed that criminals had stolen more than £1m after using copied cards to withdraw money from cash machines abroad.
This is because repeated transactions at these terminals no longer register with banks’ head offices as a suspicious pattern of withdrawals.
The root cause appears to lie in the choice of technology by certain banks.
Now it emerges that there may be a similar absence of protection on transactions in this country. The reason is that more than 140m credit, debit and charge cards issued in the UK over the last few years use a technology known as SDA, which stands for ‘static data authentication’.
This is the cheapest option that could have been chosen by the big five banks, which made profits of £33bn last year, and other card issuers. Banks abroad, however, prefer the safer option of the DDA system, which stands for ‘dynamic data authentication’.
Relevance to Bankwatch:
Nothing is simple. The criminals are very capable, and shortcuts in this space will be devastating.
Bankwatch 