{"guid":"import-ec1c4bafaa3e2f5449","title":"Security Failures in Smart Card Payment Systems","subtitle":"Tampering the Tamper-Proof","slug":"25c3-2953-en-security_failures_in_smart_card_payment_systems","link":"http://events.ccc.de/congress/2008/Fahrplan/events/2953.en.html","description":"PIN entry devices (PED) are used in the Chip \u0026 PIN (EMV) system to process customers' card details and PINs in stores world-wide. Because of the highly sensitive information they handle, PEDs are subject to an extensive security evaluation procedure. We have demonstrated that the tamper protection of two popular PEDs can be easily circumvented with a paperclip, some basic technical skills, and off-the-shelf electronics.\n","original_language":"eng","persons":["Steven J. Murdoch"],"view_count":55,"promoted":false,"date":"2008-12-27T01:00:00.000+01:00","release_date":"2008-12-30T01:00:00.000+01:00","updated_at":"2025-08-26T00:30:03.128+02:00","tags":["25c3"," Hacking"],"length":3528,"duration":3528,"thumb_url":"https://static.media.ccc.de/media/congress/2008/25c3-2953-en-security_failures_in_smart_card_payment_systems.jpg","poster_url":"https://static.media.ccc.de/media/congress/2008/25c3-2953-en-security_failures_in_smart_card_payment_systems_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2008/import-ec1c4bafaa3e2f5449-timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2008/import-ec1c4bafaa3e2f5449-thumbnails.vtt","frontend_link":"https://media.ccc.de/v/25c3-2953-en-security_failures_in_smart_card_payment_systems","url":"https://api.media.ccc.de/public/events/import-ec1c4bafaa3e2f5449","conference_title":"25C3: nothing to hide","conference_url":"https://api.media.ccc.de/public/conferences/25c3","related":[{"event_id":124,"event_guid":"import-4ef0accbc71134a330","weight":4},{"event_id":1064,"event_guid":"import-95d8bc2858a58621e6","weight":3},{"event_id":1661,"event_guid":"import-f96ec72f41d4dca7d6","weight":2},{"event_id":3694,"event_guid":"ef62eb53-cb69-42c6-aab0-bc9d3b0e1e92","weight":2}],"recordings":[{"size":451,"length":3528,"mime_type":"audio/ogg","language":"eng","filename":"25c3-2953-en-security_failures_in_smart_card_payment_systems.ogg","state":"downloaded","folder":"audio_only","high_quality":true,"width":720,"height":576,"updated_at":"2014-05-10T15:26:46.249+02:00","recording_url":"https://cdn.media.ccc.de/congress/2008/audio_only/25c3-2953-en-security_failures_in_smart_card_payment_systems.ogg","url":"https://api.media.ccc.de/public/recordings/2285","event_url":"https://api.media.ccc.de/public/events/import-ec1c4bafaa3e2f5449","conference_url":"https://api.media.ccc.de/public/conferences/25c3"},{"size":451,"length":3528,"mime_type":"video/mp4","language":"eng","filename":"25c3-2953-en-security_failures_in_smart_card_payment_systems.mp4","state":"downloaded","folder":"video_h264_720x576","high_quality":true,"width":720,"height":576,"updated_at":"2016-01-27T11:03:32.972+01:00","recording_url":"https://cdn.media.ccc.de/congress/2008/video_h264_720x576/25c3-2953-en-security_failures_in_smart_card_payment_systems.mp4","url":"https://api.media.ccc.de/public/recordings/2284","event_url":"https://api.media.ccc.de/public/events/import-ec1c4bafaa3e2f5449","conference_url":"https://api.media.ccc.de/public/conferences/25c3"}]}