they need to make card-not-present (CNP) transactions more secure, and I am aware that a bank mentioned in this thread is trialling something that should solve the problem. See http://www.electrans.com/homepay-chip-and-pin-at-home/what-is-homepay/
Colin
PS: it nails down the three criteria necessary for a secure transaction: card holder present, card present, and location.
That looks like a standard CAP card reader with a mini-USB plug.
In 2009, a team working under esteemed Univ of Cambridge security engineer and Icelandic anti-banking hero, Ross Anderson, presented a critical paper about these card readers.
Anderson's team claimed that the (secret) CAP protocol and the implementations of the protocol that they found in these card readers are a load of smelly old pants:
Abstract.
The Chip Authentication Programme (CAP) has been introduced by banks in Europe to deal with the soaring losses due to online banking fraud. A handheld reader is used together with the customer’s debit card to generate one-time codes for both login and transaction authentication. The CAP protocol is not public, and was rolled out without any public scrutiny. We reverse engineered the UK variant of card readers and smart cards and here provide the first public description of the protocol. We found numerous weaknesses that are due to design errors such as reusing authentication tokens, overloading data semantics, and failing to ensure freshness of responses. The overall strategic error was excessive optimisation. There are also policy implications. The move from signature to PIN for authorising point-of-sale transactions shifted liability from banks to customers; CAP introduces the same problem for online banking. It may also expose customers to physical harm.
http://www.cl.cam.ac.uk/~rja14/
http://www.lightbluetouchpaper.org/2009/10/26/card-reader-vulnerabilitie/
http://www.cl.cam.ac.uk/~sjm217/papers/fc09optimised.pdf
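The abstract above lists three design errors: reusing authentication tokens, overloading data semantics, and failing to ensure freshness of responses. The following is an added illustration (my own toy code, not the CAP protocol, not the reader firmware, and not anything from the Cambridge paper) of what a one-time-code scheme has to bind into each code for a verifier to reject those three misuse patterns. It assumes a constructed shared key, a made-up HMAC-based code derivation, and a hypothetical bank-side `Verifier` that issues a random challenge per authentication, checks the code against the purpose and amount it was issued for, and enforces a strictly increasing card counter.

```python
import hashlib
import hmac
import secrets

# Constructed toy derivation: the code commits to WHAT is being authorised
# (purpose), the bank's fresh challenge, the amount, and the card's counter.
# This is an assumption for illustration, not how a real CAP reader works.
def derive_code(key: bytes, purpose: str, challenge: bytes, amount: str, counter: int) -> str:
    msg = b"|".join([purpose.encode(), challenge, amount.encode(), counter.to_bytes(4, "big")])
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    # 8-digit code, like the numbers a customer would type from a reader
    return str(int.from_bytes(digest[:4], "big") % 10**8).zfill(8)


class Verifier:
    """Hypothetical bank-side verifier (constructed for this example)."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1          # highest card counter accepted so far
        self.outstanding = {}           # challenge -> (purpose, amount) it was issued for

    def issue_challenge(self, purpose: str, amount: str) -> bytes:
        nonce = secrets.token_bytes(8)  # fresh per authentication attempt
        self.outstanding[nonce] = (purpose, amount)
        return nonce

    def verify(self, challenge: bytes, purpose: str, amount: str, counter: int, code: str) -> str:
        # A challenge is single-use: popping it defeats straight replay.
        issued_for = self.outstanding.pop(challenge, None)
        if issued_for is None:
            return "rejected: challenge unknown or already used"
        # The context presented must be the context the challenge was issued for
        # (no overloading a login challenge into a payment, no amount swap).
        if issued_for != (purpose, amount):
            return "rejected: challenge context mismatch"
        expected = derive_code(self.key, purpose, challenge, amount, counter)
        if not hmac.compare_digest(expected, code):
            return "rejected: code does not verify"
        # Freshness: the card counter must move forward.
        if counter <= self.last_counter:
            return "rejected: counter not fresh"
        self.last_counter = counter
        return "accepted"


def demo() -> list:
    """Walks through the three abuse patterns from the abstract; returns the verdicts."""
    key = b"constructed-demo-card-key"   # constructed; a real key lives in the chip
    bank = Verifier(key)
    card_counter = 0
    results = []

    # 1. Honest login.
    n1 = bank.issue_challenge("login", "")
    card_counter += 1
    c1 = derive_code(key, "login", n1, "", card_counter)
    results.append(bank.verify(n1, "login", "", card_counter, c1))

    # 2. Exact replay of that login response.
    results.append(bank.verify(n1, "login", "", card_counter, c1))

    # 3. The captured login code offered as a transaction authorisation (token reuse).
    n2 = bank.issue_challenge("transaction", "250.00")
    results.append(bank.verify(n2, "transaction", "250.00", card_counter, c1))

    # 4. Honest transaction.
    n3 = bank.issue_challenge("transaction", "250.00")
    card_counter += 1
    c3 = derive_code(key, "transaction", n3, "250.00", card_counter)
    results.append(bank.verify(n3, "transaction", "250.00", card_counter, c3))

    # 5. Correct code, but computed with an old counter (stale response).
    n4 = bank.issue_challenge("transaction", "10.00")
    stale = derive_code(key, "transaction", n4, "10.00", 1)
    results.append(bank.verify(n4, "transaction", "10.00", 1, stale))

    # 6. Code generated for 10.00 presented with a different amount (data semantics).
    n5 = bank.issue_challenge("transaction", "10.00")
    card_counter += 1
    c5 = derive_code(key, "transaction", n5, "10.00", card_counter)
    results.append(bank.verify(n5, "transaction", "9999.00", card_counter, c5))
    return results


if __name__ == "__main__":
    for step, verdict in enumerate(demo(), 1):
        print(step, verdict)
```

Each rejection maps to one weakness class named in the abstract: steps 2 and 5 are freshness failures, step 3 is token reuse across purposes, step 6 is the amount not being bound into what the customer actually authorised. A scheme that drops any of the bound fields, or reuses challenges, loses the corresponding check.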
The onus is on the bank to prove you gave the key out, very hard to do so customers should still get refunded.
The Chip & Pin scheme has nothing to do with improving security.
It is the Banks' attempt to shift the burden of proof onto the Customer in cases of fraud.
Liability shift
Canadian Imperial Bank of Commerce (CIBC) spokesman Rob McLeod said in relation to a $81,276 fraud case: “our records show that this was a chip-and-PIN transaction. This means [the customer's] personal card and personal PIN number were used in carrying out this transaction. As a result, [the customer] is liable for the transaction.”
The Globe and Mail, 14 Jun 2011
https://media.defcon.org/dc-19/presentations/Barisani-Bianco-Laurie-Franken/DEFCON-19-Barisani-Bianco-Laurie-Franken.pdf
To avoid liability for fraudulent transactions, the Banks are routinely telling the courts that Chip & Pin is uncrackable. Any frauds, say the Banks, must, by definition, be due to customer negligence.
But that is manifestly untrue.
There are countless weaknesses in Chip & Pin, and in its implementations.
Here's another published paper from 2010, from Professor Anderson's team working on Chip & Pin flaws:
http://www.cl.cam.ac.uk/~sjm217/papers/oakland10chipbroken.pdf
Many more flaws remain hidden, thanks to the Banks themselves. The Courts are often used to gag academics like Anderson who were going to reveal more weaknesses in the scheme.
Nothing to hide, nothing to fear?
Embedded devices are inherently untrustworthy. They offer numerous vectors of attack. Who makes the final build of the embedded firmware? Who audits the firmware images for "inconsistencies" before they are rolled out? Who burns the firmware to ROM? Where is that done? In some faceless fab facility, out of sight and away from scrutiny?
Many software backdoors are deliberately introduced by organised criminals who have weaseled their way into the build process. These backdoors are left dormant to be exploited only rarely to minimise detection.
This is not a problem that is unique to banking. Politics also has a magnetic quality for criminals.
The electronic voting machines introduced in the 2001 US Presidential Election were highly dubious. The directors of Diebold, the makers of one machine, were openly stating their support for presidential candidate George W. Bush.
And indeed, the Diebold machine was found to be riddled with flaws. Some of the flaws were almost certainly introduced deliberately.
Ultimately, it was shown that an attacker could log into the machine over 802.11 where the vote tallies for the candidates could be altered without leaving any audit trail.
In 2006, academics in the Netherlands made a mockery of the flaws in their voting machines by reflashing the firmware over a hacked wireless connection to the machine. Instead of TouchScreen Voting Software, voters were presented with a chess game on the screen!
It would be funny if it wasn't so serious.
http://wijvertrouwenstemcomputersniet.nl/English