Comment Re:Sorry, it's horribly insecure, (Score 1) 731
PEDs (pin entering devices) are heavily regulated and certified by visa and mastercard (PCI standards) so it's nearly impossible to intercept the pin before being encrypted. It is done in hardware by special purpose cryptoprocessors. Track2 data however can be stolen.
The problem lies that issuing banks should not accept transactions which are not authenticated by the chip as genuine. This is usually hard because of legacy infrastructure that can't handle it, or that they don't want to lose the transaction. After all, lost revenue might be higher than the fraud loses.
If all measures are applied as they are specified, fraud should be very close to zero. Believe me, the people who specified these standards and protocols are quite smart. However banks are very slow moving beasts and replacing all the infrastructure and re-training everyone to hard to understand concepts is costly enough that some fraud can be tolerated