Anderson's book Security Engineering is standard text in the field. The first edition, and a few chapters of the second, are available online.
Anderson's graduate students make a habit of breaking almost every smartcard system that comes out. In 2010, they published a man-in-the-middle attack on EMV or chip-and-pin, an authentication system very widely used in banking.
- Steven J. Murdoch, Saar Drimer, Ross Anderson and Mike Bond (2010), EMV PIN verification “wedge” vulnerability