Friday, January 08, 2010

Y2K+10 it finally caught up with us

Europe, particular Germany, Europe's largest economy has been shaken by a glitch in a security chip that is implemented in most ATM and some credit cards. This chip allows for additional security and is in some cases the only way for merchants to accept cash-less payments. Due to the weak security of the magnet stripe on the back of ATM and credit cards that chip was implemented. Up to midnight December 31st 2009 everything was fine. After that suddenly cards were rejected. Now after close to a week of confusion finally the riddle is solved, most ATM machines and merchants can now accept payments again. And this only because thousands of payment terminals and ATMs have been patched with new software.
Rumors say that the source for this disaster is a programmer at a french company producing the chips, confusing the format (hexadecimal or decimal) of the expiration year. Thinking that the year is in hexadecimal format, which did not matter for 09 but making the value 10 (hex) suddenly become a 16 (dec) in the decimal system. Since ATM cards usually have a lifetime/expiration of 5 years in Europe those cards were being rejected. According to various sources over 30 Million German ATM/credit cards have been affected. Even ATM cards in Australia seem to be impacted.

1SSA - Security Consulting, Training and Products