UK retail bank Lloyds TSB has reportedly admitted that there are security flaws inherent in the chip and PIN payment verification system that has replaced the old signature-based method.
The reputation of the chip and PIN system has come under sustained bombardment in recent days as oil company Shell took the dramatic step of suspending operation of the payment terminals at its UK forecourts.
Shell believes that some of its chip and PIN keypads were tampered with by criminals, which resulted in hundreds of consumers’ bank details falling into the hands of fraudsters.
Now it is being reported that Lloyds TSB, the UK’s fifth largest high street bank, has conceded that fraudsters have been able to clone users’ card details and PIN numbers at payment terminals before using them to plunder accounts from overseas ATMs.
It may be that the increased requirement for Britons to enter their PINs at locations other than cashpoints is contributing to the spike in such cases. Lloyds also says that the patchy deployment of chip and PIN technology at ATMs in mainland Europe is an additional problem.
Fraudsters rely on ATMs reading the magnetic strip on the back of the card to allow access to funds, but most ATMs in the UK now read the card’s embedded chip instead, which is near impossible to clone.