Credit Cards/Chip and Pin/ATM withdrawals

At 16:14:53 on 06/01/2006, Peter Hucker delighted uk.finance by announcing:

American Express

Reply to
Alex

PIN to the card (in which case the card cannot prove to the machine it already knew the PIN without just saying "yes").

Fortunately the people who designed the system *can* think of other, more secure alternatives.

If you get hold of a book on modern computer cryptography, you will be amazed at the various methods that exist.

Reply to
Cynic

Not so. All you would need would be a "dodgy card" that also had a wireless transmitter on the card that sent the PIN to the thief as soon as the terminal sends it the PIN. The thief then uses the real card that he has stolen.

Reply to
Cynic

The system would be a tad more secure than merely having a fixed "OK" or "Not OK" message, as others have pointed out.

Reply to
Cynic

At 16:52:28 on 06/01/2006, Cynic delighted uk.finance by announcing:

This is getting ridiculous now. The fraudster has to find a specific target, create an exact replica of one of the target's cards (complete with said miniaturised transmitter), somehow then switch the cards without the target's knowledge, then follow the target around until the card's used, then go off and withdraw a few hundred pounds before the cardholder (hopefully) contacts the bank that day to ask why their card's suddenly stopped working.

Oh, and we've still got the problem of not actually getting to the PIN entry stage unless we already know the bank's secret key, in which case why are we going to all this trouble when we can just clone a card?

Reply to
Alex

Even a *very* dozy sales clerk might notice such a thing.

You might get away with a card with contacts controlled by an on-card wireless link. But so far, the hackers have not been able to break Sky TV's encryption by trying to emulate one of their smartcards, and I should think a credit card would be even better protected.

Reply to
Cynic

"Alex" wrote

My Morgan Stanley (Mastercard), for another.

Many months ago (early 2005, I think), they tried asking me to *write* (!) a chosen PIN on a piece of paper, and post it back to them! How daft is that?!

I haven't heard anything else, since I didn't reply...

"Alex" wrote

Mine doesn't expire until later in the summer. I wonder if they'll issue a chipped card before then?

Reply to
Tim

At 16:54:46 on 06/01/2006, Cynic delighted uk.finance by announcing:

Erm, me being one of them. But that doesn't really answer the question, does it? We're talking hypothetically here since for either method the fraudster must already know the bank's secret key to get past card authentication and to the PIN entry stage, and there's then no point going to the trouble of a PIN collector card when they can create a card with their own PIN.

Reply to
Alex

Doh! I've been told that several times over the years, but it never sticks.

Still, I know nobody with an American Express.

Reply to
Peter Hucker

It isn't if you don't include enough information for someone other than the bank to know who you are.

Reply to
Peter Hucker

At 17:41:09 on 06/01/2006, Peter Hucker delighted uk.finance by announcing:

Perhaps not. But you know *of* at least one.

Reply to
Alex

Actually I missed out a didn't.

Reply to
Peter Hucker

The danger is, you have been advised against it by them.

Therefore, *should* something untoward happen, which may in no way involve your PIN being discovered (but might), they will say 'we told you not to do that' and make it much more difficult for you to get your money back.

Reply to
Tumbleweed

"Peter Hucker" wrote

That assumes that the reply gets to the bank safely.

What if it's intercepted just after I post it, by someone who saw me post it? They read it then put it back in the post...

Quite apart from the fact that I'd need to travel away from my immediate locality so that someone couldn't guess it was mine just from the postbox used...

Reply to
Tim

I don't remember being told. I've seen things saying don't choose obvious things like 1234, but I have never been told not to make them all the same.

Reply to
Peter Hucker

You are the second most pessimistic guy I have seen. And I saw you last night. You are being watched.

Reply to
Peter Hucker

At 22:42:36 on 06/01/2006, Peter Hucker delighted uk.finance by announcing:

ITYM paranoid.

Reply to
Alex

Cynic wrote: ...

I was thinking more of use at an ATM. But on reflection I seem to recall the sense from this thread they're currently still using the stripe.

Mind you, given that the expectation is increasingly for the /customer/ to insert the card into the PIN terminal, a careful crook might well be able to get away with a short ribbon cable to his sleeve.

Perhaps. But there's a /much/ bigger vested interest in cracking a bank card than there is for Sky's cards; I would expect the criminal effort to be correspondingly greater.

Reply to
Mike Scott

"Alex" wrote

If sending "plain text" PINs through the post is not a legitimate concern, then why don't the banks simply send PINs "plain text" in their notifications?

If you're going to send the PIN "plain text" in the post, you might as well not bother covering the keypad when you enter the PIN at a terminal...!!

Reply to
Tim

Both.

Reply to
Peter Hucker
