Comment by mariusor

Comment by mariusor 16 hours ago

0 replies

View on Hacker News

From what I can take from your reply I suspect you might not understand what attestation is for.

Yes you can use a chip that the bank trusts (that's your card), however the bank wants to trust that the hardware you use to read that chip is not compromised and does not try to do things on the behalf of the user that the user didn't authorize. A non trusted device can operate in a different way than the user demands of it, and the user might never know.

That's the use case that hardware attestation can prevent. Or so the theory says...