The core element in the security of CB bank cards is the chip. It is a sort of strongbox, highly secured through cryptography. This "strongbox" contains data for which the level of protection must be maximum. In particular, these include: the cryptographic keys specific to each card, the confidential code which forms a unique pair with the number of the card, and the attempts counter, which allows the card to be blocked after three erroneous codes.
The technical characteristics of the chip are constantly evolving. Under the auspices of CB, the manufacturers of electronic components for CB cards must also submit their products for "state-of-the-art" security testing by independent laboratories approved by the national information-systems security agency (ANSSI).
As it is an industry that is constantly developing, your next card’s chip will be even more secure than the one in your current card.
One of the factors in securing remote transactions is the three-digit number written on the back of the card, in the signature panel. Associated with other characteristics of the card (number and expiry date), it forms a combination specific to each card.
All of these elements constitute card-personalisation data, calculated by the cryptographic tools of each issuing bank; they are then sent to the card-personalisation workshops, which are approved by CB and regularly audited. These workshops have a level of protection, both physical and logical, equivalent to that of the facilities that manufacture banknotes for the Banque de France.
Cryptography is a discipline that is used here to perform card authentication, to contribute to the confidentiality of the dialogue between the card and the payment terminal or ATM, and to supply a transaction "signature" from the chip. For this, it uses encryption algorithms and secret keys whose configuration is constantly evolving to remain at the state of the art.
For an even greater degree of security, the cryptography used in the CB system is based on a technique called "DDA", or Dynamic Data Authentication. It consists of incorporating, into the chip-terminal exchanges, variable elements specific to each transaction, which is thus identified as unique, so that this identifier cannot be copied or replayed.
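The replay resistance described above can be shown with a small challenge-response sketch. This is an added example, not CB's protocol or message formats: the `Card` and `Terminal` classes, the 4-byte terminal challenge, the 2-byte card counter and the toy RSA key are all assumptions made for illustration.

```python
import hashlib
import secrets

# Toy RSA key pair built from two Mersenne primes (constructed for this example;
# far too small for real use). On a real card the private exponent stays in the chip.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                      # public key, known to the terminal
D = pow(E, -1, (P - 1) * (Q - 1))        # private key, known only to the card


def digest(counter: bytes, challenge: bytes) -> int:
    """Hash the per-transaction variable elements into an integer below N."""
    data = len(counter).to_bytes(1, "big") + counter + challenge
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


class Card:
    """Hypothetical card: signs its own counter plus the terminal's challenge."""

    def __init__(self) -> None:
        self._counter = 0

    def sign(self, challenge: bytes) -> tuple:
        self._counter += 1               # card-side variable element
        counter = self._counter.to_bytes(2, "big")
        return counter, pow(digest(counter, challenge), D, N)


class Terminal:
    """Hypothetical terminal: issues a fresh random challenge per transaction."""

    def new_challenge(self) -> bytes:
        self.challenge = secrets.token_bytes(4)   # terminal-side variable element
        return self.challenge

    def verify(self, counter: bytes, signature: int) -> bool:
        # Valid only if the signature covers the challenge of *this* transaction.
        return pow(signature, E, N) == digest(counter, self.challenge)


if __name__ == "__main__":
    card, terminal = Card(), Terminal()
    counter, sig = card.sign(terminal.new_challenge())
    print("fresh response accepted:", terminal.verify(counter, sig))
    terminal.new_challenge()             # next transaction, new challenge
    print("replayed response accepted:", terminal.verify(counter, sig))
```

A response recorded during one transaction fails verification in the next one because the terminal checks the signature against its current challenge, which the recorded signature does not cover.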