1 post • joined 5 Jun 2009
@Cameron, Fraser, et al.
Bank main-frames which are responsible for the validation of your PIN use tamper-proof hardware security modules (HSMs) such as the IBM 4758 (http://www-03.ibm.com/security/cryptocards/pcicc/overproduct.shtml) and the keypad on any half-decent ATM will be part of a similar device. Furthermore, the network interconnects between an ATM and the bank's mainframe contain similar devices.
Their aim is to ensure that your PIN number, etc cannot be discovered *even if the host machine is infested with malware*. However, this does not prevent the mag-stripe data from being copied since that info is not considered sensitive. It would therefore seem that the goal of this scam is to clone the mag-stripe of cards and use them in "card not present" frauds.
- Breaking Fad 4K-ing excellent TV is on its way ... in its own sweet time, natch
- Was Earth once covered in HELLFIRE? No – more like a wet Sunday night in Iceland
- First Irish boy band U2. Now Apple pushes ANOTHER thing into iPhones, iPods, iPads
- Top Gear Tigers and Bingo Boilers: Farewell then, Phones4U
- Updated iOS 8 Healthkit gets a bug SO Apple KILLS it. That's real healthcare!