Experts reveal how chip and pin is open to fraud

Computer researchers claim to have found flaws in the chip and pin system through which criminals are using stolen cards.

The group from the University of Cambridge's Computer Laboratory found that a wedge can be inserted between the stolen card and a terminal which makes it seem to the machine that the pin was correct, when in fact any can be used.

Dr Steven Murdoch, one of the researchers, said: "We have tested this attack against cards issued by most major UK banks. All have been found to be vulnerable."

Victims of this type of chip and pin fraud may encounter problems obtaining refunds from banks as receipts state "Verified by Pin".

Ross Anderson, a Cambridge professor of security engineering, said: "Over the past five years, thousands of cardholders have had stolen chip and pin cards used by criminals. The banks often tell customers that their pin was used and so it's their fault.

"Yet we've shown that it's easy to use a card without knowing the pin - and the receipt will say the transaction was Verified by Pin' even though it wasn't.

"This is not just a failure of bank technology. It's a failure of bank regulation."