just read on spiegel-online about a debit card scam where the crackers broke and entered into gardening centers at night and modified the debit card reading machines — and subsequently obtained a large number of debit card numbers and PINs. surprise, surprise… that must be one of the easiest ways of getting at those details: who is going to check the wiring in your local supermarket or gardening center? just splice a bluetooth node (or a long distance zigbee node, capable of covering 1km range) into the card reader cable, and, voila!
time to switch to real smart cards and do challenge–response based schemes.
