> Now, checking "signature" instead of chip&pin, now that's an example of blind trust.
If even. I cannot find the original report, but there was a guy who tried all kinds of weird signatures including "I STOLE THIS CARD" and it only took purchasing the 3 most expensive TVs and signing "NOT AUTHORIZED" for someone to question him.
Interestingly, the signature could be argued to be better in some cases:
Under British law, a forged signature is never your fault, and the bank/merchant/card processor are liable (I can't remember exactly which, I think it depends). One of the reasons that card issuers were so keen to switch to Chip&PIN/EMV is that the liability was turned over to the user. As they thought EMV was "unhackable", always a dangerous thought, it was always assumed that the user had told someone their PIN. It wasn't until relatively recently that the Cambridge University security research group showed that it was crackable, and the banks/etc started taking liability in some cases again.
>> One of the reasons that card issuers were so keen to switch to Chip&PIN/EMV is that the liability was turned over to the user.
Not really true.
The main reason was the switch in liability to the merchant, if the merchant accepted a transaction without using EMV and PIN.
AFAICT the Cambridge research isn't really that relevant, it doesn't really give you practical attacks, and it's not so much a crack on the chip security itself as it is a piece of Man-In-The-Middle hardware (IIRC, haven't read it for a couple of years).
Under UK law, with a credit card (debit is different), the liability is never with the user. The bank may claim that it was obviously you that did it, or that you gave away your PIN, but where credit is concerned they legally have to refund you the money pending an investigation.
Debit is less strongly protected and comes under banking rules and guidelines, and if you report unauthorised activity as fraud they will usually still take your side.
--edit-- I'm not trying to say EMV is bulletproof, nothing is bulletproof, but the primary method anyone's going to use to get your PIN is still social engineering, or possibly some sort of compromised terminal hardware, which they'd have to make from scratch because accredited devices disable themselves if they detect they've been tampered with.
I have no doubt you're right, and the banks absolutely should not reject fraud reports based on PIN.
I've had a read of the first paper there, the nopin one, and it reads like a really preventable flaw in the IAD, which (as it's issuer specific) could be very easily fixed without the involvement of terminal vendors. I agree with the conclusion that the TVR is a flawed concept though, I had always assumed (never having worked directly for an issuer) that there would be enough data in the IAD to marry up the terminal and card perspectives on what had happened.
And on the second one I'd be the first to agree that SDA and offline-plaintext PIN are a bad idea, I could have told you that when I did my first implementation in 2001!
--edit-- I had actually assumed that by now the cost differential between SDA/plaintext and DDA(or CDA)/encrypted cards would be so small that nobody would use the SDA cards any more. Guess I was wrong!
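The comment above argues that the issuer ought to be able to marry up the terminal's account of cardholder verification (TVR and CVM Results) with the card's own account carried in the issuer-proprietary IAD, and that a mismatch of the kind the Cambridge no-PIN paper exploits should be catchable on the issuer side. The following is an added example of such a reconciliation check; it is not code from any commenter, from the paper, or from any issuer. The TVR and CVM Results bit layouts are the standard ones from EMV Book 3; the single "card verification results" byte taken from the IAD is an assumed, simplified layout invented for illustration, and the four sample transactions are constructed.

```python
"""Issuer-side consistency check between the terminal's view of cardholder
verification (TVR, tag 95; CVM Results, tag 9F34) and the card's view, which
an issuer can carry in the IAD (tag 9F10).

Added example, not from the thread or any issuer.  TVR bits follow EMV Book 3
Annex C and CVM Results follow Book 3 section 10.5; the one-byte card
verification result pulled from the IAD is an ASSUMED simplified layout.
"""

# EMV Book 3, Annex C: (0-based byte index, bit mask) -> meaning of a set bit.
TVR_BITS = {
    (0, 0x80): "offline data authentication not performed",
    (0, 0x40): "SDA failed",
    (0, 0x20): "ICC data missing",
    (0, 0x10): "card on terminal exception file",
    (0, 0x08): "DDA failed",
    (0, 0x04): "CDA failed",
    (1, 0x80): "ICC and terminal have different application versions",
    (1, 0x40): "expired application",
    (1, 0x20): "application not yet effective",
    (1, 0x10): "requested service not allowed for card product",
    (1, 0x08): "new card",
    (2, 0x80): "cardholder verification was not successful",
    (2, 0x40): "unrecognised CVM",
    (2, 0x20): "PIN try limit exceeded",
    (2, 0x10): "PIN entry required and PIN pad not present or not working",
    (2, 0x08): "PIN entry required, PIN pad present, but PIN was not entered",
    (2, 0x04): "online PIN entered",
    (3, 0x80): "transaction exceeds floor limit",
    (3, 0x40): "lower consecutive offline limit exceeded",
    (3, 0x20): "upper consecutive offline limit exceeded",
    (3, 0x10): "transaction selected randomly for online processing",
    (3, 0x08): "merchant forced transaction online",
    (4, 0x80): "default TDOL used",
    (4, 0x40): "issuer authentication failed",
    (4, 0x20): "script processing failed before final GENERATE AC",
    (4, 0x10): "script processing failed after final GENERATE AC",
}

# CVM codes: low six bits of byte 1 of a CVM rule (bit 7 is the "continue" flag).
CVM_NAMES = {0x00: "fail CVM", 0x01: "plaintext PIN (ICC)", 0x02: "enciphered PIN online",
             0x03: "plaintext PIN (ICC) + signature", 0x04: "enciphered PIN (ICC)",
             0x05: "enciphered PIN (ICC) + signature", 0x1E: "signature",
             0x1F: "no CVM required", 0x3F: "no CVM performed"}
OFFLINE_PIN_CVMS = {0x01, 0x03, 0x04, 0x05}   # PIN verified by the card itself
CVM_RESULT = {0x00: "unknown", 0x01: "failed", 0x02: "successful"}


def parse_tvr(tvr: bytes) -> set:
    """Decode the 5-byte TVR into the set of flags the terminal raised."""
    if len(tvr) != 5:
        raise ValueError("TVR is 5 bytes")
    return {name for (i, mask), name in TVR_BITS.items() if tvr[i] & mask}


def parse_cvm_results(cvmr: bytes) -> dict:
    """Decode 3-byte CVM Results: method performed, condition, outcome."""
    if len(cvmr) != 3:
        raise ValueError("CVM Results is 3 bytes")
    code = cvmr[0] & 0x3F
    return {"cvm": CVM_NAMES.get(code, "RFU 0x%02x" % code),
            "offline_pin": code in OFFLINE_PIN_CVMS,
            "result": CVM_RESULT.get(cvmr[2], "RFU")}


def parse_card_cvr(cvr: int) -> dict:
    """ASSUMED card-side layout (not a real issuer format): bit 8 = offline
    PIN verification performed, bit 7 = offline PIN verification failed."""
    return {"pin_performed": bool(cvr & 0x80), "pin_failed": bool(cvr & 0x40)}


def reconcile(tvr: bytes, cvmr: bytes, card_cvr: int) -> list:
    """Return the discrepancies between the terminal's and the card's account."""
    flags, term, card = parse_tvr(tvr), parse_cvm_results(cvmr), parse_card_cvr(card_cvr)
    issues = []
    if term["offline_pin"] and term["result"] == "successful" and not card["pin_performed"]:
        issues.append("terminal reports successful %s but card never performed PIN verification"
                      % term["cvm"])
    if card["pin_performed"] and not term["offline_pin"]:
        issues.append("card performed offline PIN verification but terminal reports %s"
                      % term["cvm"])
    if card["pin_failed"] and "cardholder verification was not successful" not in flags:
        issues.append("card recorded a failed PIN but TVR does not flag CVM failure")
    if "online PIN entered" in flags and (cvmr[0] & 0x3F) != 0x02:
        issues.append("TVR says online PIN entered but CVM Results says %s" % term["cvm"])
    return issues


# Constructed sample transactions: (TVR, CVM Results, assumed card CVR byte).
SAMPLE_TRANSACTIONS = {
    # Honest chip and PIN: plaintext PIN by ICC, successful, card agrees.
    "genuine_pin": (bytes.fromhex("0000000000"), bytes.fromhex("410302"), 0x80),
    # Wedge between card and terminal: terminal told the PIN verified, card never saw VERIFY.
    "no_pin_wedge": (bytes.fromhex("0000000000"), bytes.fromhex("410302"), 0x00),
    # Genuine signature transaction: terminal cannot judge a signature, result unknown.
    "genuine_signature": (bytes.fromhex("0000000000"), bytes.fromhex("1E0300"), 0x00),
    # PIN failed at the card and the terminal honestly flagged CVM failure in the TVR.
    "failed_pin": (bytes.fromhex("0000800000"), bytes.fromhex("410301"), 0xC0),
}


def run_samples() -> dict:
    """Reconcile every sample; only the wedged transaction should show a discrepancy."""
    return {name: reconcile(*tx) for name, tx in SAMPLE_TRANSACTIONS.items()}


if __name__ == "__main__":
    for name, issues in run_samples().items():
        print(name, "->", issues or "consistent")
```

The point of the check is that the terminal and the card each report what they think happened, and only the issuer sees both; the terminal-only flags in the TVR can be forged by anything sitting between card and terminal, so the decision has to lean on the card's own record in the IAD, whatever layout the issuer chose for it.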
Actually that's subjective. If the overall fraud is lower then (potentially, I'm sure this doesn't actually happen) fees, charges, interest rates etc could be lower for all users, therefore they would benefit from security that lowered the overall cost of fraud and the overall number of incidences of fraud, even if individuals that directly experience fraud are worse off.
Yes, but "security" isn't "overall cost", it's about risk. I am more secure, even if my expected cost is higher, if I don't directly bear any risk of unconsented loss even if the overall incidence of fraud is higher and I am paying a distributed share of those costs.
Unoriginal report: http://www.getrichslowly.org/blog/2006/07/29/the-credit-card...