January 2010

Gemalto Counts Cost Of New Year Bug

ATM Queue

"Late Millennium bug" hits Germany leading to over 30 million debit and credit cards damaged and incapable of transactions.

The mishap was reported to have occurred as a result of a programming failure, which left the German credit and automated teller machine (ATM) cards unable to deal with the change in year from 2009 to 2010. About 20 million debit cards known as Girocards or EC cards in Germany and 3.5 million credit cards, were affected by this "Y2K"-like computer bug or a version of the millennium bug 2010 (reports The German Savings Banks and Giro Association or DSGV - Deutscher Sparkassen- und Giroverband).

The bug has left cardholders unable to use their payment cards in drawing cash from the cash machines or make payments throughout Germany and abroad. People were in a state of 'shock' when ATM machines refused to pay-out, as they rejected the plastic money.

Gemalto, the Amsterdam-based giant in security and smartcard solutions, has taken the blame, which apparently will cost around £270 million to put right. The smartcard blunder even caused Gemalto's shares to immediately drop by 3.3 percent.

As per addressing the problem, Gemalto wish to update the faulty cards in the field. It has started distributing a corrective software fix to banks. First the software is installed on their ATM machines. Once a faulty card is inserted into a modified ATM the card is automatically updated with the card fix.

The DSGV approved Gemalto's software fix on January 7, although it might take several weeks for the software to be fully installed by the German banks. The solution would hopefully avoid the need to replace cards that would otherwise be very expensive and time-consuming for the banks, thereby saving up to 263,567,210 GBP ($430 million) of additional cost.

At this stage, according to ZKA (Zentraler Kreditausschuss - the German Central Credit Committee), acceptance of the concerned cards by the ATM and point of sales terminals is widely re-established in the country.

Gemalto has estimated that the whole payment card fiasco could cost between €6 million to €10 million to place things right.

ATMs and payment terminals in shops have been reprogrammed so that only the magnetic stripe of the card can be read. According ZKA, approximately 60,000 ATMs in Germany have already started working again, with fewer than 64, 0000 machines yet to start functioning, as per the latest updates.

Gemalto's rival, Oberthur Technologies, whose chips are also fitted in German bank cards, said it had not been affected by Gemalto's hitch.

The BVR group of cooperative banks said the faulty software had affected about 4 million of the debit cards issued by its member banks, amounting to 15 percent of the total payment cards.

The private bank association BDB also reported problems with its 2.5 million cards. A spokeswoman with the privately-held Commerzbank said some of its cards had been affected but again many of its terminals had already been configured to accept the questionable cards.

Postbank, Germany's largest bank and the owner of the country's biggest retail banking network, however, did not disclose whether its cards had been impacted or not, the AFP reports.

According to a Deutsche Bank spokeswoman, its customers remained unaffected by the faulty payment card issue.

Ironically, the bug issue seems to cause damage to more recently-issued cards, which contain a computer chip designed to provide extra security, while the older cards with magnetic strips on the back seem to be unaffected.

Problems remain mainly with credit cards, so the customers are advised to use their debit cards for the time being. At present, there are about 93 million EC cards in circulation in Germany.

There has been a deep concern among German retailers about how the system failure will affect the broader economy. Many people are still unable to withdraw cash or pay, and some have even had their cards 'eaten' by the ATM, which declared the smartcards had expired. Now the German retail industry is calling on banks to compensate traders for lost earnings.

However, smartcard experts believe that on the whole retailers will not be affected as most of the systems that are running in the retail sector are still using the magnetic stripe instead of the microchip, which got corrupted.

It's the dominant public-sector savings banks and cooperative banks of Germany that were worst hit by this sudden glitch.

Other 2010 bugs!

SpamAssassin which included all versions of cPanel, started blocking huge amounts of legitimate email due to a bug in the spam detection rules with the 2010 date.

Just after midnight on New Year's Day, Symantec's Endpoint Protection Manager caused the next big storm, as it stopped working, stopped updating, and started acting weirdly, after been hit by its own 2010 date bug.

Even Kaspersky software experienced massive update problems on December 30th, according to support forums.

Thus all the above incidents highlight the big loophole of the computers to properly handle the 2010 date.

I really wonder how many other pieces of software are currently malfunctioning, and how many are still waiting to be reported! Computers perhaps need more sophisticated technology to bring in smooth online operations, with each passing year.

Gemalto will continue to re-program in the field some 30 million payment cards, using specially modified ATM machines, and although it appears to be a Herculean task, this solution would negate the need for card replacement and offer a ready answer for any similar future problem.

By Suparna Sen, Smartcard & Identity News


Unable to open RSS Feed https://www.smartcard.co.uk/RSS/scnrss.xml with error SSL certificate problem: certificate has expired, exiting

Video Interviews

Tim Jones talks on the wealth of networks

Christophe Dolique of Gemplus talks about ·SIM

Dominique Brule of Philips Semiconductors talks about Near Field Communication