Cheap pinpad smart card reader with "PIN firewall"

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Cheap pinpad smart card reader with "PIN firewall"

Martin Paljak-4
Hello,

I just discovered that there is a new and cheap (20€) pinpad reader
publicly available in Estonia, with the advertised name of "Gemalto
CT710". It has a PIN firewall, which prohibits ISO7816-4 PIN related
commands (VERIFY etc) from the host, meaning that even if your host is
infected with malware it can't re-use an already stolen PIN or
activate keys without manual PIN entry on the reader keypad. Only
three readers have this feature in the big CCID Reader Matrix at this
time.

Unfortunately it is only possible to buy it through an Estonian
internet bank, but if anyone is interested in one, drop me a line and
I can arrange shipping to at least EU.

https://pood.elion.ee/productInfo/54/id-kaardi-lugeja-gemalto-pinpad-ct710/3700060102047

Best,

--
Martin
+372 515 6495

------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: Cheap pinpad smart card reader with "PIN firewall"

Martin Paljak-4
On Tue, Oct 15, 2013 at 3:13 PM, Martin Paljak <[hidden email]> wrote:
> Hello,
>
> I just discovered that there is a new and cheap (20€) pinpad reader
> publicly available in Estonia, with the advertised name of "Gemalto
> CT710".


Here are some pictures of the specimen I just bought:  http://imgur.com/a/4aHp6

The reader is logically identical to this one:
http://pcsclite.alioth.debian.org/ccid/shouldwork.html#0x08E60x34C2

Best,
Martin

------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: Cheap pinpad smart card reader with "PIN firewall"

Alex Samorukov
In reply to this post by Martin Paljak-4
On 10/15/2013 02:13 PM, Martin Paljak wrote:

> I just discovered that there is a new and cheap (20€) pinpad reader
> publicly available in Estonia, with the advertised name of "Gemalto
> CT710". It has a PIN firewall, which prohibits ISO7816-4 PIN related
> commands (VERIFY etc) from the host, meaning that even if your host is
> infected with malware it can't re-use an already stolen PIN or
> activate keys without manual PIN entry on the reader keypad. Only
> three readers have this feature in the big CCID Reader Matrix at this
> time.
>
> Unfortunately it is only possible to buy it through an Estonian
> internet bank, but if anyone is interested in one, drop me a line and
> I can arrange shipping to at least EU.
>
> https://pood.elion.ee/productInfo/54/id-kaardi-lugeja-gemalto-pinpad-ct710/3700060102047
Hi Martin,

Do you know if it works fine with OpenSC? I am interested in such device
(i`m living in EU, Czech Republic).


------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: Cheap pinpad smart card reader with "PIN firewall"

Martin Paljak-4
It should, depending on the card. Some language related changes are
needed to use for example Russian or Estonian language instead of
English for PIN entry texts, but other than that, it should be a
pretty standard CCID reader with PC/SC v2 part 10 pinpad support.
--
Martin
+372 515 6495


On Wed, Oct 16, 2013 at 12:46 PM, Alex Samorukov <[hidden email]> wrote:

> On 10/15/2013 02:13 PM, Martin Paljak wrote:
>>
>> I just discovered that there is a new and cheap (20€) pinpad reader
>> publicly available in Estonia, with the advertised name of "Gemalto
>> CT710". It has a PIN firewall, which prohibits ISO7816-4 PIN related
>> commands (VERIFY etc) from the host, meaning that even if your host is
>> infected with malware it can't re-use an already stolen PIN or
>> activate keys without manual PIN entry on the reader keypad. Only
>> three readers have this feature in the big CCID Reader Matrix at this
>> time.
>>
>> Unfortunately it is only possible to buy it through an Estonian
>> internet bank, but if anyone is interested in one, drop me a line and
>> I can arrange shipping to at least EU.
>>
>>
>> https://pood.elion.ee/productInfo/54/id-kaardi-lugeja-gemalto-pinpad-ct710/3700060102047
>
> Hi Martin,
>
> Do you know if it works fine with OpenSC? I am interested in such device
> (i`m living in EU, Czech Republic).
>

------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel