Researcher: Verifone Point-of-Sale Systems Vulnerable

New technologies such as the EMV algorithm ("Chip and Pin") and NFC were supposed to make payment at the cash register more secure, but new research casts doubt on that.

Researcher Karsten Nohl has demonstrated various weaknesses in the Artema Hybrid, a Verifone payment system installed throughout Germany. In a company blog, SR Labs identified confirmed the vulnerabilities could allow credit card cloning, alteration of transactions, and even fake transactions. The underlying problem is buffer overflows which, when exploited, could lead to malicious code execution.

EMV or Chip and Pin is rumored to be coming to America, one of the last holdout countries in the world, but recent research has shown chip and pin isn't ready. Nor is NFC. Now SR Labs is stating that the payment device isn't secure either.