>-----Original Message----- >From: piclist-bounces@mit.edu [mailto:piclist-bounces@mit.edu] >Sent: 22 February 2005 14:12 >To: Microcontroller discussion list - Public. >Subject: Re: [AD]: Project offer any one interested? ATM scams > > >Robert, > >On Sun, 20 Feb 2005 21:50:54 -0700, Robert Rolf wrote: > >>...< >> What really peeves me is that much more secure systems >> than mag stripe technology exists (e.g. smartcards), >> but the banking industry isn't YET loosing enough money >> to justify the upgrade. > >UK banks obviously think it's worth it - credit/debit cards >have had chips in them (as well as the magstripe) >for a number of years. Both systems are running in parallel >at the moment, wit a lot of retailers still only >having a swipe-reader, but dual-format readers will refuse to >accept the swipe for a card that has a chip, and >the card has to be plugged in to read the chip. Until >recently this was still confirmed with a signature , >and they almost always do check it (it still amazes me that US >shops hand the card back before you sign the >slip, so checking the signature is obviously not common!). UK >banks are now introducing "Chip & PIN" whereby >at retail tills you plug your card into the reader and enter a >PIN - I believe they didn't think it was safe >to use a PIN on the swipe of the magstripe, for the reasons >being discussed. Interestingly the PIN used by >"Chip & PIN" isn't the same as the one used in ATMs (my >current debit card has a chip, and I use it with a PIN >in ATMs, including abroad, but it doesn't work as Chip & PIN >in retailers - the next replacement will, >though). Personaly I feel the PIN is less secure than a signature in many ways. Once someone has seen you type it in (and let's face it, it's not difficult), they then just have to relive you of the card via pickpocketing or mugging and they have no problems at all using it. No tricky signature to come under the scrutinty of a shop assistant and as a big bonus they can get cash directly from an ATM machine. Mike ======================================================================= This e-mail is intended for the person it is addressed to only. The information contained in it may be confidential and/or protected by law. If you are not the intended recipient of this message, you must not make any use of this information, or copy or show it to any person. Please contact us immediately to tell us that you have received this e-mail, and return the original to us. Any use, forwarding, printing or copying of this message is strictly prohibited. No part of this message can be considered a request for goods or services. ======================================================================= -- http://www.piclist.com PIC/SX FAQ & list archive View/change your membership options at http://mailman.mit.edu/mailman/listinfo/piclist