While it is valid that these details need not have been made public as thesis,the Bankers have made this known throughout the world by trying to arm twist the University!
University should have exercised restraint in publishing this thesis, put it on hold , should have attempted to find a solution with the help of Computer experts and then released the Data.
Academicians also have a social responsibility.
Businessmen also must be in constant interaction with the developers and the Academic community to update the softwares for it is in their own interest.
With all these updated systems softwares, look at what has happened in the case of the Citibank, India, where an employee had swindled Rs. 400 crores by circulating a forged Financial product brochure of the organisation.
Story:
University refuses to remove from its website a student’s thesis revealing flaw in chip-and-pin security system of bank cards.
A powerful bankers’ association has failed in its attempt to censor a student thesis after complaining that it revealed a loophole in bank card security.
The UK Cards Association, which represents major UK banks and building societies, asked Cambridge University to remove the thesis from its website, but the request was met with a blunt refusal.
The thesis by computer security student Omar Choudary, entitled “The smart card detective: a handheld EMV interceptor”, described a flaw in the chip-and-pin (personal identification number) security system that allows criminals to make fraudulent transactions with a stolen bank card using any pin they care to choose….
“It is the publication of this level of detail which we believe breaches the boundary of responsible disclosure. Essentially, it places in the public domain a blueprint for building a device which purports to exploit a loophole in the security of chip and PIN,” the letter states.http://www.reddit.com/tb/eu2cs
The Smart Card Detective:a hand-held EMV interceptorOmar S. Choudary