Mifare, Oyster and ITSO Cards Hacked Smart Card & Identity News
Mifare, Oyster and ITSO Cards Hacked Smart Card & Identity News
Mifare, Oyster and ITSO Cards Hacked Smart Card & Identity News
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
In Germany, almost all banks <strong>and</strong> bank organisations have converted to modern PIN production methods.<br />
Here the following techniques are used:<br />
1. Thermo Sealing® - The single form is printed on special paper,<br />
folded <strong>and</strong> thermo sealed <strong>and</strong> therewith becomes a casing ready for<br />
dispatch, but which can also be put in envelopes. This method<br />
means up to 60% less paper, no elaborate h<strong>and</strong>ling, <strong>and</strong> no<br />
outdated technology, significantly less time, effort <strong>and</strong> waste. Data<br />
security is provided through a perfect thermo lock which cannot be<br />
opened without visible damage.<br />
2. Single label – The back side of the printed paper has a special<br />
matrix making the PIN invisible. One or more security labels can<br />
be attached to the letter. These labels can have special security<br />
features like void effects or holograms <strong>and</strong> can either be peel-off<br />
labels or special scratch labels where the customer uses his<br />
fingernail or a coin to visualize his PIN. All these labels are<br />
designed to show attempts of manipulation. The final product<br />
could be either in the same size of the old fashioned “Dot.Matrix”<br />
solution or an A4 letter size which is folded.<br />
Scratch label with<br />
void effect Peel-off label Double label with<br />
hologram<br />
3. Double label – The letter is printed <strong>and</strong> the first label is applied. Then the<br />
PIN is printed on the label. Immediately after printing the PIN the<br />
second label is applied so that the PIN becomes invisible. This s<strong>and</strong>wich<br />
technology has the highest security level of all processes used today.<br />
4. Combination of Thermo Sealing® <strong>and</strong> label – In this case the PIN is<br />
hidden by a security label <strong>and</strong> then the product is sealed. This<br />
solution offers double protection of the PIN <strong>and</strong> is the most<br />
widespread form of PIN protection in Germany.<br />
A key point in using such systems is the security of the process. All described systems were supplied by Otto<br />
Künnecke – specialists for card mailing <strong>and</strong> high security systems.<br />
The machines use special black covers <strong>and</strong> a special security lock which does not enable the operator to open<br />
any cover. In case of machine problems the covers can only be opened by an operator <strong>and</strong> a supervisor. The<br />
machines can be integrated in existing HSM surroundings or could be equipped with special encryption <strong>and</strong><br />
decryption hard <strong>and</strong> software. When designing a PIN mailer one key point is that the file sent to the printer<br />
encrypts, the PIN at the latest stage <strong>and</strong> that these PINs are not visible in any software, audit files or at any<br />
device in this process.<br />
OK offers modularly extendable systems in different security levels. Due to high dem<strong>and</strong> <strong>and</strong> the excellent<br />
cost-benefit-ratio these applications are marketed worldwide. Several banks from all parts of the world want<br />
to follow the German example <strong>and</strong> use more modern, secure <strong>and</strong> economic PIN letters. The OK systems are<br />
available with <strong>and</strong> without security software like HSM.<br />
<strong>Smart</strong> <strong>Card</strong> & <strong>Identity</strong> <strong>News</strong> • January 2008<br />
10