Keith C. Perry on 7 Mar 2018 12:10:20 -0800



Re: [PLUG] POS Malware Found at 160 Applebee’s Restaurant Locations


I'm not sure 'bout that one Rich...

If you authorize the value of a payment, my understanding of this "signed" transaction is based on what you are authorizing. If you are saying that both of those could be changed before sending so that everything matches, then I agree, but that would be a very poor hack because the receipt you get would not match the transaction to your bank. This would be easy to challenge. If something like that happened to even a few transactions, it would be easy to spot and the software would be shut down.

I agree with Walt that this is something that is pretty much solved. At least until a more artful way of committing crime in this regard is mainstreamed.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ 
Keith C. Perry, MS E.E. 
Managing Member, DAO Technologies LLC 
(O) +1.215.525.4165 x2033 
(M) +1.215.432.5167 
www.daotechnologies.com

----- Original Message -----
From: "Rich Freeman" <r-plug@thefreemanclan.net>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Sent: Wednesday, March 7, 2018 2:45:29 PM
Subject: Re: [PLUG] POS Malware Found at 160 Applebee’s Restaurant Locations

On Wed, Mar 7, 2018 at 2:15 PM, Walt Mankowski <waltman@pobox.com> wrote:
> On Wed, Mar 07, 2018 at 12:46:26PM -0500, Rich Freeman wrote:
>> Even with
>> chip+PIN you're really only able to validate that a card+owner was
>> present, not that they signed the specific transaction being presented
>> to the bank.
>
> Congratulations! You've reinvented how chip cards work! With all due
> respect to ESR's technical chops, this is a solved problem.

Read what I said again.  I have no assurance that when I use chip+PIN
that the transaction I'm authorizing is the one I think I'm
authorizing.

The terminal could display "your total is $100", I could enter my PIN,
and then the terminal could send to my card a transaction for $10k
with the PIN, get the validation code, and send that to the bank.

Also, current chip+PIN doesn't provide a solution for online or phone
transactions.  Ideally a better solution would address this as well.

It would also eliminate the need for PCI compliance, because the
terminal wouldn't need to be secure.  Why we're keying PINs into
untrusted terminals in the first place seems like an anachronism.

-- 
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug