[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CARD FRAUD AND COMPUTER EVIDENCE...an article to read




There's an amazing article in talk.politics.crypto called "CARD FRAUD
AND COMPUTER EVIDENCE" which I urge all of you to read. It's 300 lines
long, so I'm not attaching it here.

It's about a case in England that just concluded. A police constable
complained to his local bank (a "building society") that 6 ATM
withdrawals on his record were not made by him.

The bank checked its "security" procedures and concluded that all was
OK and that the man was lying. He was then charged with a crime and
the case went to trial.

The expert witness on computer security and cryptography, Ross
Anderson, the author of the article, has some chilling things to say
about the almost primitive level of security in the bank-ATM system.
He clearly believed the defendant (the constable) was sincere in his
claims and that someone had defeated the primitive security system.

If you don't read the article, I'll summarize the outcome here.
Spoilers follow, so exit now if you don't want to see them.

The man was found guilty of making a false claim (or whatever the
precise charge was). This despite his 19 years with the police (not a
ringing endorsement to some of us, but you know what I mean) and the
ample evidence that many avenues existed for others to have forged his
card and gotten his PIN. In fact, the bank had not bothered to
investigate several hundred previous anomalies....apparently because
these cases had never gotten into a courtroom!

The man is now facing the loss of his constable job, the loss of his
pension, the resulting loss of his house in all probability, and
whatever criminal penalties are handed out.

The lessons for Cypherpunks are not clear, but this story makes for a
compelling read. I suspect there are some real lessons.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
[email protected]       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power:2**859433 | Public Key: PGP and MailSafe available.