[Gllug] [ot] borked net transaction
Christopher Hunter
chrisehunter at blueyonder.co.uk
Sun May 8 08:52:28 UTC 2005
On Sunday 08 May 2005 09:27, t.clarke wrote:
> I naively assumed that what was held on a Visa Card was a 'hashed' version
> of the PIN - in some fashion similar to that used to hold a password in
> Linux; ie a value that would compute FROM the PIN but could not be used to
> compute the PIN itself. Holding the PIN value itself within the card/chip
> itself would seem to be barmy, even if the chip is designed to that the
> value held cannot be 'read'!
>
> Tim
In common with most Bank "security" - it IS absolutely barmy. There is a
well-known high street bank that uses four capital letters as a universal
"password" for example.
Chris
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list