Thread: So you think your 'Chip & Pin' card is safe
View Single Post
Old 10-03-2008, 06:52   #27
entwisi
God Member
 
entwisi's Avatar
 

Join Date: Apr 2004
Location: Up Bash
Posts: 7,827
Blog Entries: 3
Liked: 44 times
Rep Power: 4389
Re: So you think your 'Chip & Pin' card is safe
Quote:
Originally Posted by Less View Post
Perhaps we will get someone that knows all about everything coming on and telling us this wouldn't happen with LINUX!
Dig at me eh Less, oh, most ATMs run Windows..........

Sorry I haven't responded earlier but I was away for a couple of days with work(Madrid was very nice BTW ).


Chip and pin is more secure than signature for one huge reason. When you pay you must know the pin, the number of times that I paid with a card where the signature strip was worn away and was never challenged was untrue. Even if you have some dodgy cashier and his mate, unless they know your pin they can't authorise the payment. i.e. you have taken the check away from a human who can be lazy/influenced and given it to a machine who can't be swayed.

When you pay, it is your responisibility to make sure your pin is safe. I cover the pin pad with my left hand so no-one can see what number I'm typing and have even been known to ask someone to move who was shoulder surfing. Don't pretend your own lax standards are the banks fault, they aren't

The pinpad on ATMs are fully hardware encrypted so even if you could 'read' the data being passed internally within the ATM its useless to you. The security for the loading of keys is industry standard and extremely secure. To the point that there was a cock up at one bank who 'accidentally' connected a test machine to their mainframe, All Banks had new encryption keys loaded within 24 hours. The current best time to crack the level we encrypt to is thought to be in the region of 200 years( In fact one of the lesser known uses of Sony PS3s is that they can be grid'd to make suprememly powerful number crunching cells for scientific research).

As with all things, security is as good as the weakest link in the chain, that is usually flesh based. Lets be honest, if a bloke threatened you with a knife/gun at an ATM you'd give him the money/pin/card/whatever.


Less, I think you need to find a new bank. I've never heard of someone charging to use the teller service. Can I recommend Barclays, a good bank who only employ the highest calibre of people
__________________
Ian

Technical God, No 1 Geek And Linux Guru

Have you seen my Flickr pictures?
entwisi is offline   Reply With Quote