PINs 'strongly protected' by Aussie ATM network
by Stephen Withers   
Tuesday, 21 April 2009
Despite concerns emanating from the US about the security of ATM/EFTPOS networks, the relevant industry body claims best practices are applied in Australia. There have been no reports of such attacks in Australia, said a spokesperson.

Last week we looked at the allegation that criminal elements had found ways of getting inside the ATM network to steal account details and associated PINs.

One method is to trick a hardware security module (HSM) into revealing the encryption key used to protect data in transit.

HSMs are used around the world, so we wanted to find out whether customers of Australian banks and other financial institutions are at risk from this type of attack.

Here's what Chris Hamilton, CEO of the Australian Payments Clearing Association (APCA; the body that manages and co-ordinates the EFTPOS and ATM system), had to say:

"HSMs are secure cryptographic devices that are used worldwide, including in Australia, to protect cardholders' PINs.

"APCA sets additional rules around the evaluation, configuration and management of these devices which are critical in protecting Australia's ATM and EFTPOS system against PIN-based attacks.  

"APCA's best practice arrangements for device evaluations provide strong protection for PINs.

"Both the physical and logical security of HSMs must undergo evaluation by APCA accredited test laboratories against international security standards.

"Only HSMs that have been approved by APCA can be deployed for use in Australia. 

"APCA's rules also set out stringent operational security standards for participating in Australia's ATM and EFTPOS system and regular audits are performed to ensure participants comply.

"The rules for managing HSMs include specific requirements to protect against unauthorised software updates and to further protect PINs.

"For example, decrypted PINs are only available inside a highly secure tamper-responsive module within the HSM for the minimal time required to process the transaction and are then actively deleted from memory.
