there's some more comment on the ongoing Chip & PIN implementation in the UK at Schneier on Security and Financial Cryptography , with some interesting points being made about how this move co-incides with one to shift the liability for fraudulent transactions from banks to retailers where the terminals haven't been upgraded.
Interesting to note that I've recently received a credit card with an expiry in 2006 which doesn't have a chip on it... I wonder if retailers will start refusing to accept cards without chip&PIN in order to avoid liability.


raesene

Security Geek, Penetration Testing, Docker, Ruby, Hillwalking