Jean-Paul,
>>>>> "jb" == Jean-Paul Billon <[EMAIL PROTECTED]> writes:
jb> Hi Dirk,
jb> Two remarks on your thoughts.
[...]
jb> I agree partly with you. If a dishonest retailer wants to replace its
jb> certified terminals by uncertified and fake ones, the customer will not see
jb> the difference. This is far less easy however than just modifying a program
jb> on a PC. A certified terminal is a physical device you don't buy freely at
jb> the corner shop (contrary to a PC)! And to download inside a fake
jb> program that can simulate a real one to deceive both the card and the
jb> acquirer, if not impossible, is very difficult, because you need the
jb> downloading program and the signature keys from the acquirer... Moreover,
jb> in the case of electronic purses, a crucial part of the transaction
jb> security is performed by a special merchant card (SAM) inserted in the
jb> terminal, and you cannot modify such a smart card.
I think the point I'm trying to make here---and it applies to any technology
involving human consent to some transaction---is that a dishonest dealer
could rewire the display of the terminal so that it would always show the
correct amount but internally he would charge twice or ten times as much (or
just a dollar more to make it less obvious). Unless you build a very solid,
sturdy, and tamperproof box for your terminal, there will always be a way of
fiddling with things like displays, keypads and so on (and it really doesn't take
rocket science either).
Dirk
Visit the OpenCard Framework's WWW site at http://www.opencard.org/ for
access to documentation, code, presentations, and OCF announcements.