View Poll Results: How safe is Chip and PIN?
Chip & PIN is safer than signature: 18 votes (51.43%)
Chip & PIN is same safety as signature: 4 votes (11.43%)
Chip & PIN is less safe than signature: 13 votes (37.14%)
Voters: 35.

Chip and PIN - is it safe?

#1 Mick (Thread Starter), 18 February 2006, 12:55 PM

Just talking with the missus about the chip and PIN cards - it seems that the reason they contribute to lower fraud figures is because the consumer and the retailer bear the cost of the fraud instead of the banks... No wonder the banks are keen...

Found this article http://www.vigay.com/misc/chipandpin.html which seems a pretty good summary...

Ten reasons Chip 'n' Pin cards are bad
Originally written by Paul Vigay, 1st Jan 2005
What is Chip and PIN?
According to a leaflet from Abbey
"Chip and PIN is a new, more secure card payment method that's gradually being introduced by banks and shops across the UK. When you use your card to buy something in a shop you key in your Personal Identification Number (PIN) instead of signing a receipt. This is the same PIN you use at a cash machine to take out cash.
Shops in your area may be using it already and it will be common at all major retailers by 2005."

It goes on to say,
"Chip and PIN is designed to reduce card fraud and the hassle it causes. Built-in microchip technology protects the data on your card from being copied or altered."
1. They're not secure
For a start, there are infinite subtle variations of personal signature, which are all unique. There are only 10,000 (10x10x10x10) combinations of PIN code due to using a four-digit number. From a technical point of view, this is roughly 13bit encryption (2^13 different permutations), whereas current eBanking and shopping on the internet uses 128bit encryption (2^128 different permutations and because security is exponential to the number of bits, this is many billions of times more secure) so it seems that high street shopping has suddenly become billions of times LESS secure than online shopping.
2. They create sloppy security
Because all cards are moving to Chip and PIN, and many people have several cards, it's highly likely that most people will use the same PIN number for all their cards - how many different PIN numbers can YOU remember? This means that if someone loses their wallet containing more than one card, they can all be compromised.
Another worrying scenario I've been alerted to, is that many old people simply can't remember, or don't know how to use their PIN. One recent example involved an elderly woman paying for goods in a local post office. When the cashier asked her to place her card in the card reader and enter her PIN, she became flustered when it didn't appear to work. She tried to enter the PIN a couple of times, to no avail. The cashier asked her if she'd entered the code correctly, to which she replied, "I have. It's 8288 and I've entered it a couple of times". The cashier immediately told her not to tell anyone the PIN - but it was too late - any muggers or potential card thieves already knew her number in case they wanted to grab her handbag outside.
Another scenario which was recently pointed out to me is that a lot of large supermarkets now have CCTVs pointing at the tills - for their own security. These can often record people entering their PIN numbers so is another area of insecurity.
Other people who either can't remember their numbers or don't know the implications of sloppy security have been known to write the number down on a piece of paper, even storing it in their wallet or purse! Of course, banks have been warning of the dangers of this for years, but until now people have been free to not worry about remembering PINs because they can simply sign for goods. I predict a return to cheque books for many people, which will inevitably lead to longer queues and delays in shops.
See an article on 'easy to remember' PIN codes on Bruce Schneier's website.
3. They will lead to higher crime
As mentioned above, because of the insecurity of the PIN code, they will be an easy target for pick-pockets or muggers. Some more muggers may also threaten people with violence until they reveal their PIN code - before carrying out fraudulent transactions - perfectly legitimate from the bank's verification view. Previously, you'd still have to fake someone's signature if you wanted to fraudulently use their card. Plus, because the PIN reader machine is often on the customer side of the counter in shops, the card doesn't even have to be passed to the shop assistant for verification, so you could steal and use a card from a member of the opposite sex - a simple security check which is now removed, by having people enter their own PIN into the machine.
And don't forget that it's relatively easy for someone to look over your shoulder and see what digits you enter into the terminal. This will become worse as people become more accustomed, and thus blasé to checking who's behind them.
As always, because the public erroneously perceive the cards to be more secure when in reality, they're less secure, this will lead to more crime because the rewards will be higher for card thieves and fakers.
A topical article has just appeared on Silicon.com talking of precisely the dangers I predicted.
4. They shift the cost of fraud from the bank to the consumer
Because the PIN code is deemed to be secure, and because it's digital, you have no evidence to prove your innocence in the case of fraudulent or incorrect charges being made to your card. This is one of the main reasons for the banks implementing Chip and PIN cards - because it removes the cost of fraud (already many millions of pounds a year) and shifts it to the consumer or small business/shop.
In the event of disputed transactions previously, you could point out that you didn't sign for anything, or your signature is a fake (signatures being much more secure, each one being unique).
5. They're harder for you to prove your innocence in cases of transaction dispute
Once a valid PIN number has been entered for the transaction, you have virtually no way to prove the transaction wasn't valid. The onus has shifted your responsibility to guilt unless you can prove your innocence. Because the system is entirely digital, with no input from the customer, how do you prove to the bank that it wasn't you that entered a valid PIN code? You'll be treated the same as a criminal who has to prove an alibi or provide evidence they were geographically somewhere else when the transaction took place. Previously you only had to prove the signature wasn't yours - and signatures are much more secure, each one being unique instead of one in 9999.
6. They will lull people into a false sense of security
Again, the general public are being baffled by science or technology. Because the average consumer doesn't understand digital encryption or electronic security methods, they tend to rely more on what the bank and media feed them via leaflets or technospeak.
Even now, I get people thinking that I'm scare mongering by writing this article, but that's generally caused by their own ignorance of how the system works or how you've been convinced into the false security by the banks' propaganda.
If you're unsure, I urge you to do your own research. Try some of the following websites for more information:-
· Resellers liable for fraudulent transactions (BBC News)
· The story of how French smartcards were cracked back in 1999 (multiple sources)
· Hackers succeed in cracking Siemens digital card signature (The Register)
· Card Confusion (IT Week)
· The Dangers of Identity Fraud (Credit Card Magazine)
· Market Comment (Yahoo Business)

7. They're more inconvenient or embarrassing
As experienced by the elderly lady in the post office, mentioned above, you're now being forced to remember your PIN code, even if you never previously used it for obtaining cash from a cash machine. If you have a new Chip and PIN card you now have to use it, so if you can't remember your PIN or you don't understand how the technology operates, an extra feeling of embarrassment when faced with paying for things will lead to people feeling flustered or confused, especially if your transaction is declined through simple operator error or even machine malfunction.
Again, if you feel intimidated or embarrassed at making a mistake, I'd advise you to go back to using cheques or cash to pay for goods and services.
8. They are a stepping stone to worse things to come
Because Chip and PIN cards are destined to fail to provide the level of security or remove bank card fraud, I foresee a situation where the government steps in and suggests that an ideal solution would be to combine Chip and PIN cards with National ID cards, and thus they are merely a stepping stone to more draconian and Orwellian schemes to come. You've possibly heard of implantable micro-chips - currently being developed and tested. However, the public is not ready for this, so the government can't take huge jumps, purely because the public would see through their motives and agenda. Thus, they have to make little steps at a time. That way people won't perceive so much change occurring - until they stop to examine how far things have progressed in a relatively short period of time.
Of course, once Chip and PIN or ID cards have been seen to fail, the government can start imposing 'more secure' or 'better' schemes for security. They'll admit defeat and once security loopholes and breaches have been publicised, the government will be able to offer an alternative 'solution'; How about implantable chips with your details stored on them - no card to lose or get stolen and you can just swipe your finger on a sensor to pay for goods! Always with you - and we can even put your medical records on it, just in case you're involved in an accident and doctors need your information urgently! Just look for the excuses in order to manipulate the next stepping stone of global control and your eroded freedom and privacy.
9. They will cost retailers and small businesses more money
As already mentioned above, and confirmed by BBC News, resellers who aren't already (as of 1st Jan 2005) equipped to accept Chip and PIN cards by installing up-to-date card readers are now liable for losses incurred through fraudulent transactions.
Again, as predicted, resellers and consumers are bearing the cost of fraud, rather than the banks.
10. Less peace of mind
For all the reasons stated above, the introduction of Chip and PIN cards will lead to more confusion, less security, more fraud and crime and less peace of mind for end consumers.
I would urge you to boycott them and use alternative methods of payment, such as cash and/or cheques.
(see also reasons to refuse National ID Cards)
Copyright and Distribution
Please feel free to copy and distribute this article as widely as you can, or alternatively just link back to this page.
Comments and suggestions for improvement are welcome.



Anybody got any views?

Mick

#2 Suresh, 18 February 2006, 01:08 PM

I've been using them daily for at least the last 10 years without a single problem that I can remember. Don't be scared!

Suresh

#3 flynnstudio, 18 February 2006, 01:14 PM

plus everyone has their pin in their wallet FFS!!!

Step 8 - concerns me - the relatively 'cosy-feeling' Chip and Pin system is paying for a vast global e-verification infrastructure. Once that's in ALL that needs to be changed is the little £100 pin/card reader that's on the counter for a 'proximity implant reader'

They could have done all this and more with a little Digital signature recognition reader (like the DHL/Parcel Force guy has in his PDA). You write your signature onto the display and it checks it against the stored one - simple. The FACT they didn't do this is enough reason to be concerned. Plus the signature DOESN'T even need to be on the back of the card - it's NEVER forgeable cos no one but you ever sees it!!!!!
I'd advise everyone to 'spread' word of this 'better solution': Digital Signature! - it will cut the implant route off 'at the pass' (also saves you from enduring the crims gouging your implanted chip out of your hand with a knife in a back street)

Last edited by flynnstudio; 18 February 2006 at 01:26 PM.

#4 dharbige, 18 February 2006, 02:58 PM

Point 1:
This is bollocks. The PIN is not used to encrypt data, and cannot be compared with an encryption key. The reason why keys have to be so long is that you have an infinite number of "attempts" to use them, so there have to be an unrealistic number of combinations. PIN numbers can only be tried 5 times, sometimes only 3, so 10,000 combinations are sufficient.

Point 2:
If somebody lost their wallet containing all their signature based cards, they would all be compromised WITHOUT knowing the PIN.
The PIN is no use without the card. The card is little use without the PIN. My point is that with a C&P card, you need the card AND the PIN to perform a transaction. With the old cards you didn't need either!

Point 3:
How is this different from getting mugged for your cashpoint card and PIN? Muggers didn't have to forge your signature to make a withdrawal from a cash machine. And if the card is reported stolen, I don't see why the writer of the article assumes the bank is going to insist that the transaction is "perfectly legitimate". Finally, basing your argument that C&P cards are less secure on the assumption that they are less secure is quite frankly ridiculous.

Point 4:
The nature of C&P transactions means that the bank has proof that a card was valid, and that the correct PIN was used for every transaction performed at a C&P terminal. Fraudulent transactions are virtually impossible in this environment (except where the card and the PIN have been stolen). "Card Not Present" fraud is unaffected by C&P, so will be neither better nor worse than signature based cards. Oh, and signatures are NOT more secure, as they are fairly easy to copy, and the person "checking" it is not qualified or trained (and sometimes not inclined) to do so.

Point 5:
The only instance where this argument holds water is immediately after your card AND PIN have been stolen, and before you report the card stolen.
I don't know what a bank's policy would be in this case.

Point 6:
Isn't a point at all.

Point 7:
WTF? It's embarrassing to use a PIN??

Point 8:
The author doesn't know what he's talking about. Banks will be very reluctant to lose the branding of their cards, which makes combining credit/debit cards with ID cards unlikely. But so what if they do? Carry 1 card instead of 2/3/4? Where's the down side? The EMV application that C&P uses already supports the use of other forms of ID instead of PIN, such as fingerprint scans. What's wrong with this?

Point 9:
Yes, if retailers don't support C&P (which is a much more secure system than signatures), they are automatically liable for any fraud which occurs IF that fraud could have been prevented by C&P. I don't have a problem with this.
On the flip side of the coin, retailers who DO support C&P cannot be liable for fraud from non-chip cards, as the card issuer would automatically be liable.
I cannot see how this means the consumer is bearing the cost.

Point 10:
Again, not a point.


Chip & PIN is WAY more secure than mag-stripe.
The cards are virtually impossible to clone. Mag-stripe cards are very easy to clone.
The card itself is useless without the PIN. Mag-stripe cards can be used without any valid ID at all (especially once cloned).
The PIN is useless without the card.
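
The attempt-limit argument in Point 1 of post #4, as an added example that is not part of the original post and not taken from any card scheme: a hypothetical `PinTryCounter` models a card that blocks after a fixed number of wrong PINs, and the helpers measure how far guessing gets with and without that limit. It assumes PINs are chosen uniformly at random; every name in it is illustrative.

```python
import hmac
from fractions import Fraction

PIN_SPACE = 10_000  # four decimal digits, the figure used in the thread


class PinTryCounter:
    """Hypothetical model of a card that blocks its PIN after too many wrong tries."""

    def __init__(self, pin: str, max_tries: int = 3):
        self._pin = pin
        self.max_tries = max_tries
        self.tries_left = max_tries

    @property
    def blocked(self) -> bool:
        return self.tries_left == 0

    def verify(self, candidate: str) -> bool:
        if self.blocked:
            return False  # once blocked, even the correct PIN is refused
        # Constant-time comparison, so timing does not leak matching digits.
        if hmac.compare_digest(candidate.encode(), self._pin.encode()):
            self.tries_left = self.max_tries  # a success resets the counter
            return True
        self.tries_left -= 1
        return False


def guess_probability(tries: int, space: int = PIN_SPACE) -> Fraction:
    """Chance that `tries` distinct guesses hit a uniformly random PIN."""
    return Fraction(min(tries, space), space)


def expected_guesses_unlimited(space: int = PIN_SPACE) -> Fraction:
    """Average number of guesses to find the PIN when nothing limits attempts."""
    return Fraction(space + 1, 2)


def cards_unlocked_by_sequential_guessing(max_tries: int) -> int:
    """Try 0000, 0001, ... against a card for every possible PIN and count
    how many cards accept a guess before the counter blocks them."""
    unlocked = 0
    for secret in range(PIN_SPACE):
        card = PinTryCounter(f"{secret:04d}", max_tries)
        guess = 0
        while not card.blocked:
            if card.verify(f"{guess:04d}"):
                unlocked += 1
                break
            guess += 1
    return unlocked


if __name__ == "__main__":
    for limit in (3, 5):
        print(f"{limit} tries: P(guess) = {guess_probability(limit)}, "
              f"cards unlocked = {cards_unlocked_by_sequential_guessing(limit)}"
              f" of {PIN_SPACE}")
    print("no limit: average guesses =", float(expected_guesses_unlimited()))
```

The limit only holds where the counter is enforced by the card or issuer; a PIN that has been observed or written down is outside what this model measures.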

#5 Simon C, 18 February 2006, 03:04 PM

And if people continue to write their pin number on the card / piece of paper and keep it in their wallet, then if it gets stolen and used it's their own stupid fault.

Oh and believe me, this does happen (pin written on the card) believe me, the amount of lost and stolen calls we take and the customers tell us they have done this is unreal.

#6 douglasb, 18 February 2006, 04:01 PM

Around 10 years ago my wallet was stolen. I got on to the card companies straight away, everything was cancelled and I didn't lose out, however the ****** that took my wallet had a chance to use my cards. Their attempt at my signature wouldn't have had to be particularly good if another more recent experience is anything to go by.

Through usage, my signature had pretty much rubbed off my card. Anyone checking my signature didn't really have much to compare it with. I don't know how often I used the card in this state until a checkout person in a supermarket suggested that I either re-signed my card or applied for a replacement as my signature was illegible.

A stolen card with only a signature as security is vulnerable. A stolen card without a PIN is a lot less useful.

#7 P1Fanatic, 18 February 2006, 04:50 PM

Originally Posted by dharbige
Point 1:
Point 2:
If somebody lost their wallet containing all their signature based cards, they would all be compromised WITHOUT knowing the PIN.
The PIN is no use without the card. The card is little use without the PIN. My point is that with a C&P card, you need the card AND the PIN to perform a transaction. With the old cards you didn't need either!
Eh? How can you not need a card to perform a transaction?

Simon.

#8 cookstar, 18 February 2006, 04:54 PM

I think they are unsafe for certain people, it's not the first time I have done it but was queuing up to pay for a coat in a shop, old lady paying with her card in front of me. I saw every digit she pushed on the pin machine.

I tapped her on the shoulder after and told her her pin, and how easily I saw it. She was shocked as it was something she just hadn't thought of.

I realised after that I was lucky she didn't take it the wrong way, but she was grateful and said she was going to contact the bank to change her pin ASAP.

So many people do not shield their pin properly.

#9 Simon C, 18 February 2006, 05:16 PM

Originally Posted by P1Fanatic
Eh? How can you not need a card to perform a transaction?

Simon.
Ever looked at a receipt you've got from a shop? Some print the entire card number on along with start and end dates, or issue number.

That's all the info I need to clone your card then use it in say Tesco's pay at pump.

#10 RedFive, 18 February 2006, 05:18 PM

It is dangerous and will lead to the total destruction of your economy.

#11 Brendan Hughes, 18 February 2006, 07:11 PM

He forgot Point #11: using Chip&PIN has been scientifically proven to increase the possibility of the sky falling on your head.

Stick to barter, folks, it's much more secure - how many times have you seen a guy being mugged for the dead sheep he's carrying?

#12 Tiggs, 18 February 2006, 09:26 PM

Isn't this like hoax emails, scams, national lottery?

its just a REATRD FILTER......the more things we have that sift out the complete idiots the better.

what next......tin cans....too hard for people to get into?

#13 mart360, 18 February 2006, 09:36 PM

Unfortunately the UK has gone about a half-assed implementation of C&P.

If you use them abroad, all the terminals are shielded, to prevent ******* from seeing your pin,

unlike here the units are in the open, and often set at such an angle that half the passing population can see what you're typing in, or worse about a foot away from the till, as there was no space to put the reader.

I have covered the other failings in one of my other posts.


mart

#14 dharbige, 18 February 2006, 10:29 PM

Originally Posted by Simon C
Ever looked at a receipt you've got from a shop? Some print the entire card number on along with start and end dates, or issue number.

That's all the info I need to clone your card then use it in say Tesco's pay at pump.

And Chip & PIN means that there is no longer a need to print the entire card number on the receipt anymore.
With signature cards, the only "proof" the retailer has of the transaction was the piece of paper linking the customer's signature to the card number. With C&P, this is no longer needed as the cryptographic signature produced by the card can prove that the card was valid, and the PIN was entered correctly.

It is ONLY because of C&P that the full card number is no longer printed.

#15 RedFive, 18 February 2006, 10:32 PM

Originally Posted by Brendan Hughes
He forgot Point #11: using Chip&PIN has been scientifically proven to increase the possibility of the sky falling on your head.
Some scientists disagreed however, and argued that your head could bump against the sky!

Bless.

#16 Chelspeed, 18 February 2006, 10:57 PM

The signature would have been halfway decent security if the shops knew your signature and the ******* that stole it didn't. But putting a copy of the signature on the back for them to copy? How secure was that?

Absolutely anything is more secure than that.