9,157 research outputs found
Network issues and payment systems
Highways, railroads, pipelinesâwe see or hear about these types of physical networks almost every day. But information systems, such as the Internet, and payment systems, such as ATMs and credit cards, also involve networks. Hence, understanding the economics of networks and the unique features of network-dependent industries is crucial to modern life. In this article, James McAndrews outlines some of the unique features of network-dependent industries. He also analyzes some related payment-system issues and demonstrates that determining appropriate public policy would be difficult without a knowledge of the economics of payment networks.Payment systems
Chip and Skim: cloning EMV cards with the pre-play attack
EMV, also known as "Chip and PIN", is the leading system for card payments
worldwide. It is used throughout Europe and much of Asia, and is starting to be
introduced in North America too. Payment cards contain a chip so they can
execute an authentication protocol. This protocol requires point-of-sale (POS)
terminals or ATMs to generate a nonce, called the unpredictable number, for
each transaction to ensure it is fresh. We have discovered that some EMV
implementers have merely used counters, timestamps or home-grown algorithms to
supply this number. This exposes them to a "pre-play" attack which is
indistinguishable from card cloning from the standpoint of the logs available
to the card-issuing bank, and can be carried out even if it is impossible to
clone a card physically (in the sense of extracting the key material and
loading it into another card). Card cloning is the very type of fraud that EMV
was supposed to prevent. We describe how we detected the vulnerability, a
survey methodology we developed to chart the scope of the weakness, evidence
from ATM and terminal experiments in the field, and our implementation of
proof-of-concept attacks. We found flaws in widely-used ATMs from the largest
manufacturers. We can now explain at least some of the increasing number of
frauds in which victims are refused refunds by banks which claim that EMV cards
cannot be cloned and that a customer involved in a dispute must therefore be
mistaken or complicit. Pre-play attacks may also be carried out by malware in
an ATM or POS terminal, or by a man-in-the-middle between the terminal and the
acquirer. We explore the design and implementation mistakes that enabled the
flaw to evade detection until now: shortcomings of the EMV specification, of
the EMV kernel certification process, of implementation testing, formal
analysis, or monitoring customer complaints. Finally we discuss
countermeasures
Annual report 2013
Podeu consultar la versiĂł en catalĂ a: http://hdl.handle.net/11703/8810
Annual report 2012
Podeu consultar la versiĂł en catalĂ a: http://hdl.handle.net/11703/8810
Activity 2006
Podeu consultar la versiĂł en catalĂ a: http://hdl.handle.net/11703/8809
Blackouts: a sociology of electrical power failure
Electricity fuels our existence. It powers water purification, waste, food, transportation and communication systems. Modern social life is impossible to imagine without it. This article looks at what happens when the power goes off. It scrutinises the causes and consequences of accidental electrical power cuts. It begins by identifying the reasons for power failure. In doing so, power generation systems are identified as critical infrastructures. They are more fragile than is commonly supposed, and the argument is made that they are getting frailer. Irrespective of cause, blackouts display similar effects. These social patterns are identified. They include measurable economic losses and less easily quantified social costs. Financial damage, food safety, crime, transport issues and problems caused by diesel generators are all discussed. This is more than a record of failures past. It is contended that blackouts are dress rehearsals for the future in which they will appear with greater frequency and greater severity. Increasing numbers of blackouts are anticipated due to growing uncertainties in supply and growing certainties in demand. Supply will become ever more precarious because of peak oil, political instability, infrastructural neglect, global warming and the shift to renewable energy resources. Demand will become stronger because of population growth, rising levels of affluence and the consumer âaddictionsâ which accompany this
Efficiency and costs of payments: some new evidence from Finland
This paper deals with optimal payment systems. The issue boils down to how large are the costs of different payment media, which can be interpreted as a question of the efficiency of the means of payment. However, there are other qualifications related to the choice of payment media. Here, at least three issues can be distinguished. First is the question of optimal payment medium for each individual payment (size, location, EFTPOS etc.). This choice is not independent of the individual characteristics of the payer and payee. Secondly, there is the question of cost effectiveness of payments for different institutions and sectors. The final issue concerns the social optimum for each payment medium. These issues have been particularly controversial in the case of cash, which is still the dominant payment medium in most euro countries. Part of the controversy arises from the fact that the costs and benefits of different payment media affect different market participants in quite different ways, so that a possible social optimum might not correspond eg to the optima for different firms. The paper contains a short review of calculation methods and empirical results for a sample of countries. It also provides new evidence from Finland, which is to an extent one of the front-runners in payment technology and institutional design in payment systems. This shows up in relatively low overall costs of payments. Our estimate of total costs of payment media is 0.3 per cent of GDP, which is very low by international standards.payment media; cash; payment systems; costs of payments
- âŠ