[Gllug] OT - chip & pin
tallus at gmail.com
Mon Apr 3 16:40:49 UTC 2006
On 03/04/06, John Winters <john at sinodun.org.uk> wrote:
> On Mon, 2006-04-03 at 14:31 +0100, Paul Rayner wrote:
> > On 3 Apr 2006, at 14:02, John Winters wrote:
> > > Thus if a reader keeps saying, "Is this the PIN?", "How about this
> > > one?", "Well, how about this one?" the on-card processor eventually
> > > goes
> > > into sulk mode and starts refusing all of them, regardless of whether
> > > they're right or not.
> > >
> > > Now whether it was actually implemented this way I don't know - perhaps
> > > they removed this intelligence to save money, but if they did it rather
> > > defeats the point of Chip and Pin.
> > It may well work this way now, but the experience of a friend of mine
> > suggests otherwise. She couldn't remember the PIN on one of her cards,
> > and so had two goes at 3 different places before saying "I can't
> > remember my number can I sign please". She then found the piece of
> > paper in her handbag (*sigh*) with the PIN on and entered it correctly
> > with no problems in the next shop. This would suggest that the "3
> > strikes and you're out" intelligence is implemented in the readers or
> > in the bank's systems.
> I think you're reading too much into one incident. The refusal
> algorithm is more intelligent than just "3 strikes and you're out".
> There are (or were to be) timers and all sorts of things.
Not so long ago I got caught with "3 strikes and you're out" at an
ATM, locking myself out of any ATM transactions, Chip & Pin
transactions in shops carried on working fine (and of course its the
Gllug mailing list - Gllug at gllug.org.uk
More information about the GLLUG