Wednesday, 22 December 2004

How secure is Chip&PIN, anyway?

Please, no. Tell me it's not true. Could the Chip&PIN folks have been so dumb as use the same PIN for ATMs and the new smartcard readers? El Reg thinks so. So does The Torygraph.

The obvious security problem here is that an unscrupulous employee can steal the PIN, skim the magstripe, and clean out your account at an ATM. Admittedly, they might have to (gasp!) go abroad to do it. Even easier, they could just use email to send the PIN and magstripe data to an overseas accomplice.

Dumb. Dumb, dumb, dumb, dumb.

No comments:

Post a comment