Suggest features to improve banking security

Make photos on the back of all credit/debit obligatory. Some cards offer this already. OK, so it's not foolproof, but it should be a simple and easy thing to do which might make a (small) impact.

Allan

Being mugged for your atm card and being forced at knifepoint/gunpoint to reveal your pin must only account for a very tiny proportion of card fraud.

That's a cute idea!

The trouble is, you still have to give the CVV number when you order online or over the phone, so villains harvesting cards that way will still get it. My suggestion would be to use a scheme like the one banks (or at least the Cooperative Bank) use to verify security codes for telephone banking - the person at the other end just asks you for two digits of the number, and presumably doesn't see the rest on their screen or anything. Thus, they have enough to validate you, but not enough to impersonate you, since the same two digits probably won't come up again (at least, not immediately). I'd suggest a 6-digit security code, with you being prompted for three digits of it. You'd need to educate card users that they should NEVER EVER give out more than three digits.

The ideal, of course, would be a way of proving you know the PIN without actually having to give any of it out, or even any information which could be used to reconstruct it; that's theoretically possible, but the only actual methods i'm aware of involve either multiplying hundred-digit prime numbers or repeatedly computing polynomials over a Galois field, neither of which are terribly easy to do in your head.

tom

And get Amex to stop printing this number on the front of the card where it is easily copied.

As I've discussed before I *really* want a different PIN for purchases and use in an ATM.

I almost never put my Credit Card in an ATM, but it worries me stupid that someone may sholder surf my PIN in a shop, pick my pocket and then immediately go and put my card in an ATM.

And such a really simple change could stop me worring.

tim

Retinal scanning as being rolled out in Japan.

Daytona

I want a CC where you can't use it in an ATM. Banks are not going to issue one of these they are loving the idea that people now know their CC pin to withdraw money.

I'm surprised we haven't seen any 0% incentive offers on the first ATM withdrawal to get people used to using their CC in an ATM.

I enquired about this late last year because I could see the weakness now I knew and used my PIN.

Barclaycard Visa disabled the cash-advance facility on my card while leaving it OK for other transactions. It will not work for cash advances at ATM's or over the counter.

Co-op Visa have flatly refused to provide me with the same facility - but they have agreed to place a note on my file to the effect that I will never use the card for cash-advances and they must treat all such transactions as fraudulent.

I suggest you ask your card issuer for something similar.

In message , Wireless Reader writes

Agreeing to place a note on your file and agreeing to ACT on that note are two quite separate things.

I quite underatand that - but it was the best they would agree to - and I think on the face of it provides some additional protection to the account.

As a legal measure it may well have some value.

Daytona

This is actually allowed in the EMV spec., but banks won't offer it because of the risk of customer confusion.

so that sort of person won't choose to have it will they.

I don't like nanny making decisions for me.

tim

Well surely there is an easy solution for that, enable the card to support 2 pins and set them the same by default, the customer can then change them.