From: norm@netcom.com (Norman Hardy)
To: Lucky Green <shamrock@netcom.com>
Message Hash: c953380278e38cff78acf58a2013e1c8aa1ed45560bc92ef35cc10222e7d7251
Message ID: <ae77aa9900021004b4a1@DialupEudora>
Reply To: N/A
UTC Datetime: 1996-10-02 08:09:17 UTC
Raw Date: Wed, 2 Oct 1996 16:09:17 +0800
From: norm@netcom.com (Norman Hardy)
Date: Wed, 2 Oct 1996 16:09:17 +0800
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Weaknesses in Smart Cards? (Re: FLA_wed)
Message-ID: <ae77aa9900021004b4a1@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain
At 10:04 PM 10/1/96, Lucky Green wrote:
>There is no way to know for sure, since Mondex won't release the specs,
>but just about everybody I talk with that knows at least something about
>their system agrees that if you crack a Mondex card, you will likely be
>able to mint money. Since Mondex allows transfers from card to card to
>card, it may be a long time indeed before the breech is disovered. If I
>were a Mondex issuer, I would be worried. Very worried.
>
>--Lucky
I can imagine a protocol that would allow the Mondex card to issue several
brands of card that would normally appear to be one uniform brand until
fraud was suspected or proven. Then only money passed thru the compromised
brand would be suspect. News of the counterfeit brand would be spread among
cards by a contagion algorithm. One morning your card would greet
you saying that $38 of your cash is counterfeit, or worse, that your card
could issue no money to other cards, but could be returned to the issuer
for a partial refund. I would not want to hide my Mondex card under the matress
for my old age.
I recall hearing something about Mondex that suggested to me that the
card rembered recent large receits and that money had fingerprints
so as to remember, to a degree, where it had been recently. When questioned
about the privacy issues they responded that of course only the authorities
would be able to retrieve such information.
Return to October 1996
Return to “norm@netcom.com (Norman Hardy)”
1996-10-02 (Wed, 2 Oct 1996 16:09:17 +0800) - Re: Weaknesses in Smart Cards? (Re: FLA_wed) - norm@netcom.com (Norman Hardy)