Triple-DES Upgrade Adding Insecurities?
It's a provocative headline: "Triple DES Upgrades May Introduce New ATM Vulnerabilities." Basically, at the same time they're upgrading their encryption to triple-DES, they're also moving the communications links from dedicated lines to the Internet. And while the protocol encrypts PINs, it doesn't encrypt any of the other information, such as card numbers and expiration dates.
So it's the move from dedicated lines to the Internet that's adding the insecurities.
Posted on April 17, 2006 at 6:48 AM • 29 Comments