|
|
|
|
|
|
by Nextgrid
1065 days ago
|
|
|
> still not 100% foolproof because the card itself doesn't have a display and Allow/Deny button. I'm assuming you are thinking about an attack where a compromised terminal processes an attacker-issued transaction (relayed from elsewhere) instead of the genuine one. It seems like a solution to this would be for the card to issue a challenge to the reader and only provide a very short timeframe to answer, so that relaying it elsewhere is impossible due to speed of light and all that. |
|
|