Slashdot Mirror

← Back to Stories (view on slashdot.org)

2010 Bug Plagues Germany

Posted by CmdrTaco on from the well-that-was-ten-years-late dept.

krou writes "According the Guardian, some 30 million chip and pin cards in Germany have been affected by a programming failure, which saw the microchips in cards unable to recognize the year change. The bug has left millions of credit and debit card users unable to withdraw money or make purchases, and has stranded many on holiday. French card manufacturer Gemalto accepted responsibility for the fault, 'which it is estimated will cost €300m (£270m) to rectify.' They claim cards in other countries made by Gemalto are unaffected."

2 of 233 comments (clear)

  1. Effected? by LSD-OBS · · Score: 3, Informative

    Come on, editors.

    --
    Today's weirdness is tomorrow's reason why. -- Hunter S. Thompson
  2. Re:Untested software by owlstead · · Score: 3, Informative

    Essentially, that opens another huge security gap (which might have been there for a long time but went unnoticed so far).

    It does not necessarily open up a "huge security gap", that's sensationalism. It does add significant "surface" to attack.

    GlobalPlatform cards (used by Visa/Mastercard) have always contained methods to update the Java Card (or other OS) applications on the card. Of course, this requires either signed code or a master key set. One expects this interface to be well tested and certified - and normally they are.

    Normally bank cards (and ID cards/passports) don't get updated in the field. I would not be surprised when upgrading the cards would meet serious problems.