Last March, the same security group at Cambridge University demonstrated a chip-and-PIN terminal interceptor technology capable of listening in on the communication between the card and the terminal and then modifying the transaction. "Our current demonstration simply created a legitimately looking, fake terminal that emulates a real one," Drimer said.

Sandra Quinn, a spokeswoman for APACS, a U.K. trade association for the payment industry, said the demonstration highlights a hypothetical situation -- not one that is easily replicated in a retail environment.

"What essentially the computer experts at Cambridge University have managed to do is take a terminal out of its natural environment and replace its innards and make it play computer games," she said. While such tampering might be possible in a laboratory setting, it is not a realistic threat to retailers, according to Quinn. The same has proved true of the interceptor technology demonstrated last year, she said.

At the same time, such hacks show that chip-and-PIN terminals are not fail-safe, she acknowledged. "We only said they were tamper-resistant, not tamper-proof," Quinn said.

Quinn noted that since the U.K. began rolling out chip-and-PIN-based technologies in 2003, retail fraud at the point-of-sale system has been dropping. "Chip and PIN has been highly successful in fighting retail-based fraud, which fell 43% in the first half of 2006," compared with the same period in 2005, she said. For the first half of 2006, retail fraud occurring at point-of-sale systems dropped to just over $81.7 million, in comparison with more than $142 million in 2005.