Payment system security is hilariously bad

In Shopshifting: The potential for payment system abuse, Karsten Nohl and Fabian Briunlein showed attendees at Hamburg's Chaos Communications Congress just how poor the security in payment terminals is, and demonstrated several attacks that would let them harvest card numbers and PINs, make undetectable phantom charges and refunds to merchant accounts, and commit other mischief. (more")