
>> One of the reason that card issuers were so keen to switch to Chip&PIN/EMV is that the liability was turned over to the user.

Not really true. The main reason was the switch in liability to the merchant, if the merchant accepted a transaction without using EMV and PIN.

AFAICT the Cambridge research isn't really that relevant, it doesn't really give you practical attacks, and it's not so much a crack on the chip security itself as it is a piece of Man-In-The-Middle hardware (IIRC, haven't read it for a couple of years).

Under UK law, with a credit card (debit is different), the liability is never with the user. The bank may claim that it was obviously you that did it, or that you gave away your PIN, but where credit is concerned they legally have to refund you the money pending an investigation.

Debit is less strongly protected and comes under banking rules and guidelines, and if you report unauthorised activity as fraud they will usually still take your side.

--edit-- I'm not trying to say EMV is bulletproof, nothing is bulletproof, but the primary method anyone's going to use to get your PIN is still social engineering, or possibly some sort of compromised terminal hardware, which they'd have to make from scratch because accredited devices disable themselves if they detect they've been tampered with.



Cambridge University Computer Science student here.

Not all of the research that has been done has been published, I've seen some very impressive demos!

In any case the published research absolutely does give you practical attacks e.g. http://www.cl.cam.ac.uk/research/security/banking/nopin/

or http://www.cl.cam.ac.uk/research/security/banking/intercepto...


I have no doubt you're right, and the banks absolutely should not reject fraud reports based on PIN.

I've had a read of the first paper there, the nopin one, and it reads like a really preventable flaw in the IAD, which (as it's issuer specific) could be very easily fixed without the involvement of terminal vendors. I agree with the conclusion that the TVR is a flawed concept though, I had always assumed (never having worked directly for an issuer) that there would be enough data in the IAD to marry up the terminal and card perspectives on what had happened.

And on the second one I'd be the first to agree that SDA and offline-plaintext PIN are a bad idea, I could have told you that when I did my first implementation in 2001!

--edit-- I had actually assumed that by now the cost differential between SDA/plaintext and DDA (or CDA)/encrypted cards would be so small that nobody would use the SDA cards any more. Guess I was wrong!
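An illustration of the issuer-side reconciliation the comment above wishes for, as an added example that is not code from the thread or from any issuer's or vendor's system: it checks whether the terminal's claim of a successful PIN (CVM Results and TVR) agrees with the card's own record, so a transaction where the two perspectives disagree is flagged rather than approved. The TVR, CVM Results and IAD tags and the CVM codes are EMV-defined; the position of a card-side "PIN verified" flag inside the IAD is an assumed, hypothetical issuer layout, since the IAD format is issuer-proprietary.

```python
from dataclasses import dataclass

# CVM codes from EMV Book 3 (low 6 bits of CVM Results byte 1) that involve a PIN.
PIN_CVM_CODES = {0x01, 0x02, 0x03, 0x04, 0x05}
CVM_RESULT_SUCCESS = 0x02

# Assumed, hypothetical issuer layout: byte index 4 of the IAD (tag 9F10) holds a
# card-side CVM status, with bit 0x80 set when the card itself verified a PIN.
IAD_CVM_STATUS_INDEX = 4
IAD_PIN_VERIFIED_BIT = 0x80


@dataclass
class AuthRequest:
    tvr: bytes          # tag 95, 5 bytes, terminal's view of the transaction
    cvm_results: bytes  # tag 9F34, 3 bytes: method, condition, result
    iad: bytes          # tag 9F10, issuer-proprietary, generated by the card


def terminal_claims_pin(cvm_results: bytes, tvr: bytes) -> bool:
    """True if the terminal reports a PIN CVM that succeeded."""
    if len(cvm_results) != 3 or len(tvr) != 5:
        raise ValueError("malformed CVM Results or TVR")
    method = cvm_results[0] & 0x3F          # strip the "apply succeeding" bit
    cv_failed = bool(tvr[2] & 0x80)         # TVR byte 3 bit 8: CVM not successful
    return (method in PIN_CVM_CODES
            and cvm_results[2] == CVM_RESULT_SUCCESS
            and not cv_failed)


def card_saw_pin(iad: bytes) -> bool:
    """True if the card's own (assumed-layout) IAD records a verified PIN."""
    if len(iad) <= IAD_CVM_STATUS_INDEX:
        raise ValueError("IAD too short for the assumed layout")
    return bool(iad[IAD_CVM_STATUS_INDEX] & IAD_PIN_VERIFIED_BIT)


def reconcile(req: AuthRequest) -> str:
    """Return 'decline', 'review' or 'ok' based on agreement of both views."""
    terminal_pin = terminal_claims_pin(req.cvm_results, req.tvr)
    card_pin = card_saw_pin(req.iad)
    if terminal_pin and not card_pin:
        return "decline"   # terminal says PIN verified, card never saw a PIN
    if card_pin and not terminal_pin:
        return "review"    # card verified a PIN the terminal did not report
    return "ok"


# Constructed sample values, not real transaction data.
NORMAL_PIN = AuthRequest(bytes(5), bytes([0x41, 0x03, 0x02]), bytes([0x06, 0x01, 0x0A, 0x03, 0x80, 0, 0, 0]))
MISMATCH = AuthRequest(bytes(5), bytes([0x41, 0x03, 0x02]), bytes([0x06, 0x01, 0x0A, 0x03, 0x00, 0, 0, 0]))
SIGNATURE = AuthRequest(bytes(5), bytes([0x1E, 0x00, 0x02]), bytes([0x06, 0x01, 0x0A, 0x03, 0x00, 0, 0, 0]))
```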
