Pin and Chips
Chips, Pins, and other stories
Steve makes some comments about Chip and Pin whihc I do take issue with. I agree that a sevret PIN is harder to duplicate than a signature that is in the public domain (and indeed attached to each card.) BUT if/when a PIN is comprimised then it is comprimised in its totality. And no one can tell between me entering the PIN and someone else.
To keep things simple, we are told to use the same PIN for each and every card, and now we enter our PIN all the time. Shop ques are not like ATM machines either. For an ATM other people tend to stand back, and one can abscur viewing of the keypad with their body. In a shop it is much more open, there is sometimes limited ability to reposition the terminal so that one feels no one else can see the finger presses, and then the shop probably has CCTV (and so we go off into the world of trusting *all* those employees)
But this is not my real issue. The real problem I have is that Chip and Pin means that the banks remove the responsibility for fruad, and push it onto the customer, although the security of the new system would not appear to be bullet proof, as it is still compatible with magnetic cards and signatures…. And if the banks feel less responsible, then there is little economic pressure on them to work to improve things (and all technology needs improving, the cost of forging chip and pin will fall eventually to the point at which it becomes profitable for the criminals)
Signatures were crap. But then the shops didnt seem to check them, and one would have thought that if the banks were being hurt by the fraud they would have tried to tighten that up….
For "amusement", check out Chip and Spin