The Dankort is the main Danish payment debit card. It is essentially identical to how Visacard and Mastercard are used in other countries, as far as I know, so security issues raised by me will probably also apply to them.

This talk will talk about the Dankort when used in online transactions.

This talk will contain

• The definition of security I am using; what is a security hole
• An analysis of the legal requirements as set out in Law of Payments (lov om betalinger) §128 stk. 1. and 2..
• An analysis of how the Dankort blatantly obviously does not live up to those requirements.
• An analysis of the answers (or lack of same) I have gotten from The Danish National Bank, The Danish Financial Supervisory Authority and Nets.

The talk will use the debit card payment system on bornhack.dk as an example of an insecure and payment process. (Sorry - I love you Bornhack organizers!)

---

Speakers for The Dankort is insecure and illegal:

---

Metadata for The Dankort is insecure and illegal

To be recorded: Yes

---

URLs for The Dankort is insecure and illegal

Recording: https://www.youtube.com/watch?v=hRFj8wKuE2M

---

Schedule for The Dankort is insecure and illegal

• Sunday, Aug 19th, 2018, 19:00 (CEST) - Sunday, Aug 19th, 2018, 20:00 (CEST) at Speakers Tent