By Andy McCue, 18 March 2005 17:15
Leading UK retailers have dismissed the threat that CCTV cameras pose to the security of the new chip and PIN bank card payment system.
The security issue has been raised by customers concerned that existing in-store CCTV cameras focused on checkout tills will inadvertently record them keying in their PIN numbers when using chip and PIN cards to pay for goods.
That footage could potentially be used by corrupt staff in collusion with card thieves to steal customers' bank card and PIN numbers.
Although most stores have CCTV cameras covering the checkout area to monitor for fraud, several silicon.com readers have expressed concern over the ability of those CCTV cameras to also inadvertently capture customers' PIN numbers.
But those claims have been dismissed by leading UK retailers contacted by silicon.com.
A spokesman for supermarket chain Tesco said: "Generally the customer will be standing in front of the PIN terminal so we don't see that it poses a risk."
Sainsbury's, however, failed to respond to repeated requests for comment on whether it had carried out any assessment of the risk posed by CCTV cameras to chip and PIN in its stores and whether any security advice or guidance had been issued to its staff.
Paul Smith, director at the retail industry body the British Retail Consortium, described it as a form of "electronic shoulder-surfing" but said that retailers can minimise the risk by taking sensible precautions and positioning the PIN pads away from cameras.
"Even if the number was captured it is no good in isolation. You still have to have that in conjunction with the card to complete any transaction," he said.
The advice of the chip and PIN organisation, which is backed by card payments body APACS, is that retailers should take adequate steps to ensure the security of customers' PIN numbers is not compromised.
A note on its website to retailers says: "You need to make sure your CCTV cameras cannot see the PIN being entered."
In the meantime, contact us here at silicon.com if you believe you've been a victim of chip and PIN fraud and we'll look into it for you.
Comments
There are 21 comments.
1. Jamie Bishop
Chip and pin should be abolished, similar trials in Spain and the USA led to an increase in theft and muggings outside of the stores. Some were fatal.
In my opinion chip and pin is about shifting the responsibility for losses due to fraud from banks to retail stores (which means YOU will be paying for the banking industry's mismanagement and poor security record through increased grocery prices).
It's safer to carry cash these days, at least once the money is stolen they cannot continue to empty your account.
2. concerned shopper
Am I the only one seeing the real problem here?
It's the people in the queue at the checkout standing behind the person keying in their pin number that are the problem. Unless you pull the keypad close to your chest when typing, it's all TOO EASY for someone standing behind you to obtain your number and follow you out of the shop. Why can't anyone see this?
3. Charles Wood
Retailers are bound to support this chip and pin concept. It quietly and sneakily moves the burden of proof from them, and their operators to you as the customer...and you have no choice in the matter.
Wait until you have been embarrassed a few times in a large queue, I already have this problem when my diabetes is a problem.
4. anonymous
I am quite a tall person and have been testing to see how easy it is to capture people's pin numbers in many retail stores. It is disturbing that well over 50% of the time I can see what the person is typing and, should I be inclined to misuse that information, I could easily do so. Chip & Pin is clearly a poor solution and open to more methods of fraud as described in this article. When I go to the US and they don't even check a signature anymore on some low transactions you have to wonder where this is all heading. Clearly a picture ID, signature and pin would be the best solution.
5. Jaime
Forget CCTV as a threat, just look out for the chap over your shoulder casually observing you type your pin from behind, the point at which you've very little protection from prying eyes!
Whilst I enjoy the speed and ease of use of this new system, I personally believe the whole system totally flawed from that perspective.
6. anonymous
It is commonly assumed you need to see the pad to get a number. Not so, just watching up/down & side to side hand movements is enough for most numbers...
Think about it!!!
Too crude a system by far, you can deduce numbers 10-20 feet away!
7. anonymous
Personally I worry more that the shields around the pin entry keyboards are quite useless at shielding your keystrokes from the gaze of other shoppers in the crowded till queues.
How long will it be before skilled pickpockets realize what a golden opportunity they have been handed? This is the single most stupid piece of security I have ever seen. Not only that, but most people will now change all of their pins to the same code as it will be impossible to remember different ones. So when the pickpocket takes your wallet after spying on your keystrokes, he can go on a card shopping spree with your entire suite of credit/debit cards. Brilliant... whose idea was this? It has to warrant a nomination for the Darwin award!
8. anonymous
If you think someone is too close to you when entering your PIN at a checkout, just ask them politely to move to a distance you are comfortable with. If they don't, then don't key in your PIN. The queue will soon get fed up with them.
9. anonymous
CCTV in stores are not the only cameras that stores use. Quite often they have pin hole cameras in the ceiling directly over a particular till. This is so they can monitor the behaviour of their staff, whether they charge for each item when friends shop etc. These same cameras would be able to see a plan view of customers entering their PIN. Best if you learn to enter your PIN with your spare hand held over the operating one.
10. Roger Huffadine
Having sent loads of correspondence from Homebase and Marks and Spencer together with a 'request for assessment' finally -
I have a ruling from the Information Commissioner who says that if security staff in stores using CCTV which can also see PINs are suitably trained and aware of the privacy issues then they comply with the data protection act.
I have written back to the IC saying
"Broadly it appears that your interpretation of the Data Protection Act does not make it an offence for a ‘suitably trained person’ to record PIN numbers. There would only be a breach of the Act if it can be shown that the recorded information was used in a way that contravenes the Act.
Put bluntly you confirm that because I have read the Act and understand its contents, making me suitably trained, the Act permits me to covertly electronically record people's PIN numbers. It is the responsibility of the owner of the PIN to prevent me from covertly capturing that information."
I am awaiting a reply - but to be fair they will only just have received my letter.
11. Roger Huffadine
Oh yes - and the APACS comment is great except that they have no powers to enforce their guidelines so retailers can do as they please. That is the APACS position as it was given to me a couple of months ago.
12. Richard Burstow
I for one am most annoyed by the lack of shielding around nearly every PIN entry device I have seen. Not only does this leave the entry of PINs open to fraud from TV cameras, but also by thieves loitering near tills! The extra plastic would cost pence and add considerably to security! Wake up and smell the coffee you retailers!
13. Dave
I avoid having the same PIN number on all my cards or having to remember them, by using a fairly simple system. The general principle is to memorise one single multi-digit number, which is then combined with certain digits on a given card to produce a unique PIN for that card.
Having set all my card PINs now using this strategy, I have no need for any secret notes of numbers and they're all different. I only need to glance at the card before I use it to know the PIN.
The selection of master number and method of combination (add, subtract, multiply) with the card no is up to the individual. All you need is the ability to perform a little mental arithmetic accurately.
14. Mike Hart
At an ATM you can be careful not to disclose your PIN, but in a busy shop with only those tiny 'shields' on the terminal, it is just about impossible!
You might as well have your PIN tattooed on your forehead!
No-one who is serious about security would find this acceptable. The only good thing that results from this is that it moves the onus of identity checking (sig. comparison) away from otherwise well-meaning retailers and onto the card companies, where the responsibility belongs!
15. Steve Cupples
Data Protection Act Laws will cover this, any cctv system operator is obligated to abide by DPA Laws and keep any recorded data secure at all times and have it destroyed after a reasonable time. There may be arguments as to whether capturing data of pin codes is excessive under this legislation but of more concern is that in my experience as a DPA Consultant the majority of cctv systems are nowhere near compliant.
16. Russ Lewis
People do like to make a fuss ...
Your commentators all seem to think that Chip'n Pin is new and worrying. Please be assured that this is not new and that there is less to worry about than leaving your signature all over the place. (It can be scanned & used in ID theft, for example.)
In France, where I've lived for the past 15 years, Chip'n Pin has been part of daily life for all those 15 years & it wins hands down over physically signing slips.
17. John Wilson
Improvement, what improvement?
It's all very well for some to say that Chip and PIN is an improvement, but in the small print of card agreements it says that the user is responsible for keeping their PIN secure.
One wonders how long it will be before Card companies start asking people whose cards have been misused, "And are you sure that no one could have seen your PIN being entered in a shop?"
I also disagree with the reader who said CCTV stuff is simply covered by the DPA. What about small shops that have installed their own cameras? In some cases the owners are probably only vaguely aware of the existence of the DPA (if at all), and do you seriously think they can vouch for the honesty of all their staff beyond dispute?
18. MikeW
Belgium has had this system for years - in fact it's better since you can store small amounts of cash on the card as well, hence saving you from having to carry it around.
The 'cash' can be refunded if the card is stolen, since it's traceable.
Works in phones, train ticket machines, vending machines, supermarkets ...
19. anonymous
What do the banks say about this? We are constantly told to look after our pin and not let others know it.
If it is recorded on CCTV, even with all of the alleged security around tapes or viewing, does this not still infringe on the banks' orders not to let people know?
Could they use it to say you should have made sure that no one would see it?
20. anonymous
Why all the fuss, we've been using PIN securely for years at ATMs without all this bleating. If you can't shield your PIN input from others then you are as much at risk on the High Street as in a store. It has to be better than a signature which anyone could forge or may not be checked properly at the point of purchase. I am glad that I have more control over my cards and I take all the necessary steps to ensure that they are secure.
21. cerberus264
It was always going to be less secure than forging an average signature. Since they originally proposed this scheme, they have sexed it up to be better and more secure. What a load of bo***cks!
Once a thief has my PIN, not only can they use my card to purchase goods, they can actually draw cash at any cashpoint (if they'd obtained my card by theft or copied it).
And what's with those poxy little shields to supposedly stop someone seeing your PIN? ...Call that security!! They're havin a laugh. Mark my words - When the next set of crime statistics come out, they'll realise what a mistake they've made.