Hacker News new | past | comments | ask | show | jobs | submit login

They do, but you can't get the card number from reading the chip. The protocol is a challenge-response one based on a private key stored within the chip.

https://en.wikipedia.org/wiki/Chip_Authentication_Program

You need to read the entire card number + cvc2 + expiry date with your camera. That's not skimming, that's just taking a photo of the card.




No, you can most certainly get the card number and expiry via the chip and even over contactless, as it’s a vital part of transaction routing/processing. There are Android apps that can do it.


If I could I'd delete my original comment since I did more research and you're right.

https://stackoverflow.com/questions/14861908/apdu-command-to...


Yeah, and it's easily solvable with a sticker or a dremel to scrape the number off


You can't dremel it out of the chip, though.


Well technically you can. The card won't be so usable after that though. ;)


Destroying the chip is easy, actually chiseling away the correct trapped electrons making up the PAN in the EEPROM is the challenge ;)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: