By Martin Brampton, 15 June 2004 09:00
COMMENT New chip-and-PIN cards require you to punch in numeric codes rather than sign your name. The problem with this emerging technology, according to Martin Brampton? Keeping track of all those PINs.
The banks have started to send me chip-and-PIN cards along with colour brochures explaining how wonderful this new technology will be, and how it will not cause me any difficulties at all. Am I alone in worrying that the reality may not be so rosy?
Like everybody else, I have a bank card that is used to get cash from a hole in the wall. To do that, I have long had to remember a PIN and to try to keep the card safe. But I also have a number of credit cards. Usually, I have taken the PIN notifications for credit cards and thrown them away unopened.
Now I know that psychologists assure us there is no practical limit on how much we can remember, so it is not that putting another number in my memory will simply force another one out. But I do know from experience that when I don't use a password or PIN for a while, I simply forget it. Or, just as bad, I fail to remember which of several it might be. And most PIN-based systems allow a limited number of tries before preventing you from logging in.
In fact, I can remember the PIN for a credit card that I no longer have. What use is that, you may ask? Well, it stuck in my mind because I thought it was the year in which Columbus discovered America. That is the kind of thing you are supposed to use to help remember numbers. It can easily backfire, though. I am not confident that I really know when Columbus discovered America, so if I forgot the number and attempted to look in a history book, the answer might not be my PIN.
One thing the banks offer to make life easier is the ability to change PINs. Well, they make it a bit easier. It may involve a certain amount of travelling around, as some banks stipulate that you can only change a PIN at a branch of the bank, not through just any old cash machine.
Being a modern man, I naturally rely on internet banking. It works so well that I have never visited a branch of my current bank and have only telephoned a couple of times in five years. Everything else has been done through the internet.
Since my excellent internet bank has only a few branches, it will be something of an expedition to find one. And I will have to better organised than usual, if I am to arrive at the machine armed with all the relevant cards and their various PINs.
Still, if I persevere, in time I can have every card set with the same PIN. Of course, there are still the PINs for my mobile phone and some of the online services I use. Well, maybe I could get them all into line eventually.
A new worry occurs to me, then. If I have everything secured by a single PIN, how will I fare if a malicious person finds out that number? The banks assure me that the keypads I will have to use for chip-and-PIN cards are designed so that nobody else can see what I am keying. Published pictures look rather less reassuring and I remember stories about thieves who have installed miniature video cameras on cash machines.
I suppose if there is a danger that somebody knows my PIN, then all the cards could be cancelled. Will I be able to remember all the things the PIN applies to, though? If things go wrong, one the first things the banks ask is whether anyone knows my PIN. What will I say if I am not sure?
Maybe I am poorly organised and everybody else will manage these PINs without difficulty. One thing that makes me doubt that is the way people use the ever-popular PDA. The single most common PDA application is one that stores a selection of PINs, usually in plain text with no password protection - hardly the perfect solution to the problem.
Comments
There are 61 comments. Join the discussion
1. Darrall
Complete brain freeze. I forgot my PINs.....I don't know whether it was excess of alcohol the day before or the mere fact that I have too may cards. It was rather embarissing when I couldn't put my PIN in @ Tescos for no less than three cards. Eventually they just let me sign my receipt; but not without having to smile stupidly whilst trying to compare me with my driving license photo taken 6 years previous.
2. Mike Perrett
Despite the issues raised in the article, I can't help feeling that chip and pin is a better solution. After all a thief has to go to some lengths to find out my pin, whereas my signiature is written on the reverse side.
Just how difficult is it to remember a pin anyway. Not that hard considering you probably remember so much other stuff: phone numbers, birthdays, passwords, addresses and so forth.
If you do forget your pin then you can fail back to the old signature anyway. Seems a non issue to me.
As for a PDA app to store pins - how stupid can you get? I would never, ever do something so daft.
3. Rachel Fletcher
I have to say I fully agree.
Although most shops are able to bypass the pin number and select "Customer Signature" as an alternative when you can't remember them, this failed miserably on my last visit to a well known supermarket chain and after several tries at the till and the customer services I ended up using another card from another bank which did not have a chip and pin AND that's the one number I can remember.
I tell you what though, I've stopped setting the burglar alarm as well since setting it off a couple of times trying the card codes instead of the alarm code!!
4. anonymous
Totally agree. I think Chip and PIN is definitely the way forward but as for remembering all these PINs and security passwords its practically a science just to get your bank balance.
My favourite security question for an account I very rarely check is 'A memorable place' - by the time I'm 80 this could be a difficult question to get right.
5. Chip anpin
"...keypads I will have to use for chip-and-PIN cards are designed so that nobody else can see what I am keying...."
That's bilge!
I stood at the end of a supermarket checkout and could clearly see my collegue's PIN. This PIN is also the one he uses at cash points. But I am sure that thieves won't have thought of this and the whole system is perfectly safe :-)
6. John Lambert
Phew, I thought it was just me. I've forgotten the PINs for my credit cards and just use the one for my cashcard. I don't want or need another PIN or password. I'm amazed that I remember as many passwords as I do; many of the people I support at work really struggle with passwords.
7. Ian Livermore
Being a IT UK Retailer we should be happy at any new technology such as chip-and-pin, however this is proving the worst idea ever.
The male customers neither know their pin codes or care, however up to now all the women have, so the first problem is it makes us men look useless. More importantly though a simple picture on the card would have done, simple and safe.
To cut down on mail order fraud can also be resolved by credit card companies allowing their customer home addresses being give to the retailer prior to goods being despatched.
8. rick harper
Most cards are numbered with four blocks of four numbers. Just select a simple rule - say the last number from each group - and you can generate a memorable four digit PIN for each card that will be different for each card. It works for me.
Mind you I agree about the difficulty finding a branch where you can change the PIN...
9. Bruce Sandeman
just pin the pins!
;o)
use another pin to encrypt your pins on your pinning pda and your pinned up and ready to pin all your money away!
of course the person looking over your shoulder is more likely to read the pin from your pda than from you typing it in... oh pin it all!
maybe we should secure cards with a retina scan, of course then people wil start nicking eyes... oh dear.... o(
aha, I have the solution, everywhere you go where a big black cape and stick a big piece of paper on the inside with all your pins written on it. Whenever you need to type your pin in, stick the cape over your head (and the pin machine) and read your pin and type it in. sorted. maybe...... the likelyhood is that people will think you're one of the wariths from LOTR but never mind...
10. Bill Williams
I counted my passwords and PINs recently. By the time I had added my login at work, PIN for ID card, VPN password, Exchange password, passwords and PINs for internet banking, shopping, debit and credit cards, my home alarm and mobile, voice mail, BT Call Minder ... well you will see why I rapidly counted to 40 before I got bored. So here is another unconnected piece of information to remember. Now if the great Government ID card would provide me a secure, personal, single sign on everywhere, that might be good (until I lost it)
11. Harold Fuchs
The way this has been implemented in the UK is a complete nonsense. Similar cards have been in use all over Europe for 10 years or more. In all the countries I have seen them used in, the machine on which you enter your PIN has a shield to prevent anyone seeing what you key in. Not in the UK. Crass.
12. anonymous
As suppliers to this market, we too can see issues surrounding this technology. Your readers may not be aware that both the card readers and their asociated pin pads need to undergo rigorous and complex testing costing many hundreds of thousands of pounds. Due to this significant overhead, there is unsurprisingly a shortage of both devices and the manpower to test and install them, all the way through the supply chain. Interestingly, although the legitimate devices are tested to this level there is no way that a member of the public, when asked to insert their card and enter their pin number, knows whether the terminal is certified or a fraudsters trap.
January 2005 is 6 months away and we are already being quoted lead times of 16 weeks for Chip & PIN terminals. I bet the fraudsters already have theirs!
13. Steve Clark
Is it really a problem, or just too difficult to think about?
There is no need to remember a lot of numbers. To have so many as to necessitate writing them down is pointless.
It is far more secure to have a number that you do not need to write down.
Numbering systems are as much a personal thing as the number itself. It's not that difficult.
Here is an idea similar to what I use:
Basically use the same number for all PINs but extended slightly to give added level of security for different levels of risk. Thereby leaving yourself 3 numbers to remember. e.g.:
1. Credit & Debit Cards. (1***)
2. Internet money exchange. (2***)
3. Personal information. (3***)
4. Basic Internet things that require a LOGIN/Password. (4***)
I know a few people who use phone numbers of fictitious people (last 4 digits=PIN) but the thieves know this too so if they steal everything beware.
If you really have to Write it down what about exchanging a few number for letters? O=0,I-1, E=3, A=4, S=5, G=6, B=8, Q=9 gives you 8465 of options.
Some people will doubtless need to take more care when entering a PIN.
Most important is not to divulge the number to anybody else. Many people do for example say to a relative "here's my card, go and get me £50, the PIN is 1234". If there is any fraud at all, one of the first questions to be asked is "who else knows the number". If you keep it secure the Bank will have to swallow the cost of the fraud.
I reckon that Signature and PIN is about as secure as you will get until we use biometrics.
You can change your PIN in a NatWest or Royal Bank of Scotland ATM. Of course you may need one of their cards first, but it is a better service.
14. anonymous
Like Martin I use a single PIN for most purposes but have a different one for my new chip-and-pin credit card. Why? because I use my main credit card in public every day, and sometime someone will see me enter the PIN. I want to know ONLY that credit card can be compromised.
Whenever one of my many other occasionally used credit cards or storecards goes to chip-and-pin it will be ruthlessly discarded. Convenience is everything to me. Sorry M&S, I can't afford to have any more PINs!
15. Lord John
I actually wonder what the fuss is about. They have had this system in Europe for some years now, and using older cards is the exception rather than the rule.
However the problem I see is the little old lady with poor eye sight who is left handed trying to key in her PIN on small keys she can't read on a keypad positioned for right handed people.
16. anonymous
I seem to remember reading some of the usual literature relating to the 'safety' of pin nos which we could input in secrecy, well if not that, then the cashier would do it for us DOH!
17. Nic
Today I walked past two lovely old dears having a chat about chip and pin, they seemed happy enough to embrace the technology.
18. anonymous
Hello,
Have I missed something?
My recently issued chip & pin card still has space for my signature, is it the intention that at some point signatures will not be valid authorization for card transactions and every retailer will _have_ to adopt this technology?
Is there a deadline for this?
Otherwise, all any respectable fraudster has to do is say "Hello Mr Shop Keeper, silly me, I've forgotten my PIN, do you mind if I sign for this?”
Cheers
19. Paul Mansfield
chip and pin is another attempt to solve a social/user problem with technology - i.e. to overcome people's casual handling of their cards (like letting them out of their site so that they can be skimmed) by adding a technological feature.
It's rare for this to work - the effective way is to make people WANT to be more careful with their cards.
The technological sledge hammer is the equivalent of fitting a horse with a GPS tracking device so that when you leave the stable door unlocked at least you can find out where the horse ran off to!
20. anonymous
Oh silly me!
I didn't read the related article by Sylvia Carr.
21. Brian George Charlwood
Martin is absolutely right about this technology. It's far easier for miscreants to get sight of your PIN than it is to instantly copy a signature. Why hasn't this rubbish been bypassed and gone straight on to iris or fingerprint recognition? Besides, it won't be long before governements decide that it is 'in the public's interest' to have a smart chip embedded in the skull. It may have looked like science fiction in 'Total Recall' but then the public thought the same of George Orwell's '1984' - we've now got the National Lottery and CCTV's/Traffic Light-Speeding-Tax Disk Recognition cameras littering the landscape, plus Satellite Survellaince littering the sky.
22. anonymous
These cards are obviously really secure my new card was being used by someone over the internet before the bank reckoned they had sent it to me which was also before the pin to go with the chip was sent as well!!
23. John Drummond
Having once mistakenly drawn money from an ATM using my credit card instead of my cash card, and paid £1.50 for the privilege, I quickly changed the PIN to a different number and forgot it. So I am with you on this one; we will need to remember far too many PINs.
But I think the existing method in restaurants is very insecure so maybe we just have to grin and bear it.
24. Mark Cooper
I pride myself on the fact that I am one of those lucky people who can remember telephone numbers, although I forget everything else, such as my own birthday or those of immediate relatives.
I think it was Douglas Adams in one of the 'HitchHikers Guide' novels who said that the average person has the ability to memorize up to 12 (? - I may be wrong) telephone numbers before the addition of another number 'pops the stack' so that one number has to replace another.
PIN numbers, therefore, should pose little difficulty.
Unfortunately, I'm also of the age where one gets the occasional CRAFT moment (Can't Remember A F***ing Thing), when despite my best efforts I can't remember the name of my own dog, let alone my PIN number.
I dread to think what is undoubtedly going to happen when I have just such a moment when I'm at a checkout or need to withdraw cash. Fortunately, this hasn't happened yet, but it must only be a matter of time.
I can just picture myself at the old folks home at the end of the month:
"Now then Mr. C., if you could just type your PIN number we can keep you for another month, otherwise it's a park bench for you tonight!".
I know that we need ways to combat fraud and that progress is inevitable. I'm all in favour of progress. I just happen to fall into the age group that will be 'field testing' this particular innovation and at times, I must confess, it scares the pants off me.
25. Dozza
GPS tracking for horses sounds like a cool idea. They get stolen and - unlike cars - can be very hard to replace. When's it available?
26. anonymous
I have also contacted my banks about the lack of privacy for the keypads and they tell me that its the retailers problem, the retailers then tell me its what the banks want, So I don't use a pin for retail, try that on busy day with lots of people in the queue.
I would also like to have the ability for two PIN numbers, one for retail and one for ATM use.
27. Sandra Quinn
I was interested to read your article (Devil's Advocate: The problem with chip-and-PIN, 15 June 2004) regarding the rollout of chip and PIN.
Chip and PIN is a huge project – probably the largest in the UK since decimalisation. It means upgrading more than 120 million plastic cards, 850,000 tills in shops and 40,000 cash machines and training some 2.7 million retail staff. Our target is that the majority of our card transactions in the UK will be by chip and PIN by 2005.
You are quite right to point out that remembering PINs is crucial. To help customers with this, we’ve put systems in place so that people can change the PINs on their cards to something they find easier to remember – perhaps their wedding anniversary, or a child’s birthday.
As well as rolling out chip and PIN the banks are also on track to offer reciprocal PIN services at ATMs. This means that cardholders will be able to change their PIN at cash machines not owned by their bank, giving them a greater choice of places to change their PIN.
The majority of us already use PINs at cash machines. However, a few shoppers will need to use a PIN for the first time and many more may need to remember a PIN on a credit card for the first time. The good news is that our trial last year in Northampton showed that customers adapted to the new system very quickly. In fact they loved it. And in France and other countries people have been using PINs for a number of years, and as their cardholders use it without any problems we are very confident we will too.
Any cardholders who want more information on chip and PIN should visit our website www.chipandpin.co.uk
28. anonymous
Might be a greater problem in a busy pub or club. A lot harder to protect against shoulder-surfers then. Instances of mugging at closing time may well increase as a result of this.
Macdonoalds Drive Through accept card payment with neither signature nor PIN.
29. Mark SPLINTER
Security does not prevent fraud. End of story.
30. Alan Moody
Why on earth can we not have ONE CARD with one pin but with all the relevant card companies details on it so that in use you would only have to choose which company to make the transaction through? Or am I thinking logically again?
31. Mike McPherson
Consumer solutions to protect PINs, passwords, you’re SSN, employee numbers, and (ahem) you’re soon to be issued "Patriot Number":
1) “Mandylion's Personal Password Manager” http://www.mandylionlabs.com/products.htm. Used by federal agencies, limited to 10 or less ASCII 255 characters, provide auto generation and expiration features (check out the free password cipher strength excel spreadsheet at http://www.mandylionlabs.com/PRCCalc/BruteForceCalc.htm# (enable pop-ups first).
2) “Trek's Thumbdrive Secure”. This product uses your thumbprint for authentication – so it’s really is a thumbdrive ) http://www.thumbdrive.com/prd_info.htm.
Although effective, these products tailor more to the technically savvy and not to the majority of the uninformed populace. The upside is they are small enough to fit on a keychain, around your neck, etc.
32. A Campbell
Old technolgy for the old world dinasours :-)
We in New Zealand have not had to sign for Debit / Credit Crards for 10 years, pin's are wonderful technolgoy and are now trialling biometric finger imprints. Get with the computer age and all its wonders :-)
33. Hugh Grant
Have One Card with all your PIN's on! when the machine asks for your PIN stick in the PIN card and let the machine choose the PIN for the transaction. Good eh? Almost as good as Mr Moody's idea!
34. Mike Minton
-I disagree.
Far from being an emerging technology, this type of PIN and card operation has been in use for a long time. I used to live in Australia in the early nineties and it was well established, working well and accepted by everyone I met. I used it regularly myself and felt it was far more secure than the UK signature based method of transactions. Your choice of PIN is up to you, there are many ways of remembering them from alpha numeric grids to key phrases. If you want the benefits of modern technology, don't be afraid of the changes involved. Just remember, in a few years time poeple may well be extolling the virtues of this system whilst bemoaning the introduction of the next!!
35. Harlan Harris
Encrypt your PINs on your Palm. For years I've been using an application for Palm OS devices (including the Handspring Treo 270 I use now) called Secret!. It password-encrypts whatever I want, and has a Windows PalmDesktop conduit. I store all sorts of things -- registration codes for software, PINs for my ATM and credit cards, passwords for web sites I don't visit very often, etc. Comes in lots of handy!
36. Paul Koan
"Chip and Pin" is a widely used technology in many countries that have not had a breakdown in society since its introduction.
It works well, and is at least if not more secure than sigs.
If you are running out of things to write about Martin, then don't write. These half baked "counterpoint for the sake of it" pieces are a waste of everyones time.
Much like my comments I guess.
37. anonymous
Very well said - maybe the banks should remember the old saying "Be careful what you wish for, you may well get it" or my favourite "The law of unintended concequences".
38. Charles Wood
we use internet banking and had for 2 years been logging on with my wifes account log ons. One day the banks system went down and, forgetting the fact I was not female I rang their telephone service. They immediately stopped the service. They did terrible damage to my business for the 6 days it took to get the security re-issed. Now imagine you are in Dallas trying to pay a large hotel bill just before you go for the plane....security helps banks. It hardly ever helps you as an individual.
39. anonymous
Remembering PIN's is a big problem - I have a few ideas:
1) Write the PIN on your arm in heat-sensitive invisible ink. When you need to use your card, simply put your arm on a radiator or near a gas fire, and the ink will become visible allowing your to read the PIN you require. How
2) Write all your PIN's in very small letters on a piece of paper, laminate it in plastic, thread some cotton on the plastic and wear it next to your chest like a medallion.
3) Write, or ask a trustworthy friend to write, your PIN's on your tongue in reverse mirror writing, using waterproof indelible ink. When you need to use your card, simply look into a convenient mirror or other reflective surface, and stick your tongue out. You will then see your PIN's on your tongue reflected so that you can read them easily.
I hope that your find these suggestions helpful. Thank-you.
40. David Hawkins
Absolutely spot on!
There has got to be a better way.
But what is it?
41. anonymous
Use a fixed PIN plus a recipe based on the card's own digits.
For example, have 1952 as your "virtual" PIN for all cards, then to use a given card, choose (e.g.) digits 1 and 9 from the card's long number and replace "19" from the "1952" with those digits, and set the real card PIN to this value.
Or some such rigmarole.
Once you have made up your recipe and chosen your PIN, you can just look at the card to get the "real" PIN digits.
In this way, all cards will have different real PINs, but you don't have anything extra to remember, regardless of how many cards you have - as long as you set the PIN up in accordance with the scheme.
(OK the card's in the machine at this point ... work out your PIN before you stick it in !)
42. anonymous
Why anyone who doesn't use their credit card at a cash machine should want a PIN is beyond me.
Are readers of this form aware that there is such a thing as a 'Chip & Signature Card?' I've got one - Instead of being instructed to enter a PIN, the new type terminal produces as transaction slip to sign per norm.
Think about it, if your a victim of fraud where a PIN is used, it can takes weeks to sort out and you may have difficulty proving you weren't negligent with your PIN and could end up coughing up for the whole cost of the fraud. If a signature is used then you can always say "sorry that's not my signature."
How long will it take crooks to catch on to the fact the get hold of a PIN & Card, use it before it's reported lost or stolen and they will never be challenged. Even worse, what's to stop them cloning the magstrip on a UK Chip & PIN card, and then using the cloned card & PIN abroad or at a non-compliant chip & PIN ATM?
Safety in Numbers, for whom?
43. jennifer
when I lived in america, PIN payments were the best thing I ever did. Fast, easy, no faffing. If you have too many PINs to remember, maybe you have too many cards? Credit card culture strikes again. The terminals I used in ASDA were well shielded and very quick. Can't wait to go back.
44. Deanna
I'm totally in favour of chip and pin. It's much harder for someone to discover my pin AND steal the right card, than to simply pinch any card and look at the signature on the back. I have to say, though, that this brilliantly secure innovation is completely nullified by the fact that said thief can have three guesses then say "oops, sorry, forgotten my pin, can I sign instead?" and use the aforementioned signature gleaned from the back of the card.
45. Tom
It seems obvious to me that a PIN offers far greater security than a signature as this can easily be copied and the retailers never check them anyway! The chip also offers a lot greater security than a magnetic stripe which can also easily be copied - at least with the chip the fraudsters would need the card too.
Although countries overseas have been using similar systems for some time, they are not as advanced as the current systems (based on global EMV specifications). These specifications mean that there will be a global solution to the problem of card fraud, based on chip technology and PIN codes which can be verified by the card, not sent over a network for verification. All in all, a much more robust and secure system than anything previously implemented and one that will strike a major blow in the battle against fraud.
46. anonymous
I received my new credit card a month before it became valid. The pin number arrived separately in a security envelope. Somehow, I managed to lose the bit of paper before the card became valid and was therefore unable to go to a cash point machine to change the pin number to the one I use for my cash card. I then had to get the bank to re-send me the pin number. In the meantime, I couldn't use my new credit card anywhere that uses the chip and pin security. My motto is - ignore the bank's instructions and write the number down in a safe place!
47. anonymous
What is the big deal with chip and pin? I can't understand why the banks have had to issue new cards, I used my old "switch card" three years ago in Amsterdam airport duty free as "chip and pin" - or is it yet another excuse banks will use for the need for massive profits?
As far as I am concerned I'd rather have an incompetant, badly trained shop assistant try to check my signature than a thug with an iron bar demand my card and pin number before he / she could use it without by or leave!
48. Paul Mckeown
What happened to the experiment the banks did to put your photograph on cards? I'm sure the Royal Bank are doing this or at least did. Wouldn't that be a better way to figure out that the person using the card is the right one? As someone else pointed out, once the mugger with the iron bar beats your PIN no out of you, then he's got complete access to your account. Doesn't sound very secure to me.
49. anonymous
Urban posing, old style: car keys on pub table, credit card handed to waiter to swipe out back.
Urban posing, new style: mobile lent to strangers, credit card and PIN given to waiter to key in out back.
Yep, it's a social thing....
50. Cenydd
One PIN problem!
I want to make the matter worse!! I would like a seperate PIN for purchases and cash points. that way if someone does look over my shoulder, or set up a camera to grab my PIN they can only use it while shopping.
This may seem redundant, but most shops these days have security cameras, making catching the criminals easier. They would have to try this more risky ploy rather than simply walking up to a cash point and emptying my account!
51. anonymous
I've only had my new chip and pin card three weeks and it has already been fraudulently used,seven transactions had been made in two days for three hundred pounds ,i only found out when i had a letter from my credit card company asking if the transactions that had been made genuine,it was used fraudulently two days after i had used it in a gents retail shop ,so i think it must have been skimmed.
52. anonymous
to anon in Wales:
your card was skimmed because it still has the fully functional mag stripe on it, nothing to do with the chip and pin technology.
mag stripe is a 40 year old technology which can be replicated easily, hence the move to chip technology. however with global deadlines for the migration stretching to 2010 and beyond mag will be around for some time yet. As for biometrics, great idea, but the infrastructure costs are still too great, cheaper to implement systems such as sending an SMS to the cardholder when a transaction is authorised (and the holder being able to send back in real time a "block" message if the transaction is not of their doing would solve this issue).
53. anonymous
To Anon Wales & Anon Sales Director.
Was it a Credit or Debit Card?
I'd bet it was a debit card and used at retail point of sale, and with that amount of transactions the fraudster may having been getting small amouts of cashback.
If this is the case you have nothing to worry about with regards to liability on two accounts: One, your card remained in your possession. Two you can ask the retailer to supply the transaction slip with the fraudulent signature. Your in the clear.
However, If someone cloned you card & used your PIN at a non-chip reading cash-point then lets hope your card issuer believes your card was cloned and you weren't negligent with your PIN.
Egg & Nationwide - Well done. They actually mention Chip & Signature Cards on their websites.
54. anthony wilde
Well ... I know this is a ludite idea - but why dont we lobby the Government for better consumer protection - and go back to using CASH
Its easy, its simple - and mostly quicker for most things - like petrol
Its my quest to rid myself of as many ID's as possible - as pretty soon I wont be able to keep up with them:
I have them for Amazon, MSN, Hotmail, Dabs, Yahoo, FT, IMIWEB, Barclays, Barclaycard, Egg, several web dev sites, then Pins for about 10 cards - even insurance companies have them now
Ive got passwords for laptops, work computers, local admin passwords, web accounts for remote servers, home domain, even THE TV has a PIN!!!!
e-mail me if you have any ideas to help market a solution
55. anonymous
To Anon Sales Director,
The SMS to confirm/deny a transaction is great - shame that the phone companies don't guarantee delivery of SMS messages in any kind of time scale, so the message could turn up now, sometime today, tomorrow, in the next three days.
I think we'll be seeing more and more of biometric systems soon. There is a company up here in Newcastle that have recently installed a biometric system in the VIP entrance to a new club. Members have their finger print scanned to enter and facial recognition and finger printing inside the bar. They also have fingerprint systems on door locks and safety-deposit boxes I believe. From what I understand, its extremely accurate.
56. anonymous
I am more than concerned about chip and pin, CCTV operators in large department stores have access to cameras with point/tilt/zoom capability. These cameras can zoom right in at the till. The biggest concern for me is, retailers and loss-prevention staff can gain access to our credit card numbers on back office equipment. How do we as customers get round this?
57. John H.
My partner has recently had her credit cards (two of, one chip `n pin and one magnetic tape) and her cashcard abused. These were in a foldable card wallet along with AA,Donor cards etc. which were lost or more likely stolen. Within 24hrs nearly £1200.00 in cash and railways tickets had been withdrawn or purchased!.
Although the PIN for the cashcard was known to my partner, the PIN`s for the two Credit cards were not. The numbers were at home in cryptic form and were not with the cards when they disappeared.
I would like anyone out there to explain how the thieves managed to withdraw cash from all three cards (albeit it took three attempts on the Visa Gold) without knowing the Pins!!? As mentioned, one of the credit cards was a new Chip `n Pin type and had only been used once, months prior for a purchase. I cannot believe they are as secure as they say. I have heard rumours of an illegal Database containing the PIN numbers of millions of cards which can only be abused when the card itself is available (to the thieves of course). Is there any truth in this?.
John H.
58. Ben
Chip and Pin is all well and good but the magnetic strip apparently still holds your account details. I have recently been subject to ATM card "skimming" or whatever the correct term is and this is what they have done. They then do not need your PIN or Signature to buy online.
59. anonymous
Yet another reason for not wanting a PIN with a credit card:
Bradford & Bingley warn against credit card cash
http://www.fairinvestment.co.uk/news-Bradford-&-Bingley-warn-against-credit-card-cash-7306796.html
If you've not got a PIN, then you can't be a victim of PIN based fraud.
"Safety in Numbers,' my 3%$%," as Mr. Royale would say
60. Stephen Baxter
I understand that the Chip technology as opposed to the Marnetic Stripe technology in that the chip can be written whilst in the card reader. I know from direct experience that the manufacturing plants where the chips are made are very secure. As secure as that used for manufacturing military products. Claerly the banks have made a business decision over the technology to go for. It's well proven in France and some other Geographies. My career has spanned both Semiconductors and Banking. I'm sticking with chip and pin.
61. Colin Powell
August 2008: the Nationwide Building Society ("Proud to be Different" ... ) have also jumped onto the Chip & PIN bandwagon.
At the moment I'm required to memorise a password, an account number, and a 6-digit 'PIN' number from which 3 random numbers are requested for online transactions - and for me that seems quite enough stuff to remember.
Now I'm required to carry a card reader around with me, and memorise even more PIN numbers ....
There are just too many things to go wrong here - and there's a temptation to write these damned PIN numbers down somewhere - or risk losing access to one's own money.
Not only does this recent change feel like the 'tail wagging the dog' (after all - it is MY money !!)A retrograde step - I'm not impressed.