Interesting atricle imo. Even though they stress the corrupt employee angle i'm sures could do it.
http://www.newscientist.com/news/news.jsp?id=ns99993424
Interesting atricle imo. Even though they stress the corrupt employee angle i'm sures could do it.
http://www.newscientist.com/news/news.jsp?id=ns99993424
What's with the bit about the PIN number being a function of the account number?
Over here at least we can choose our own PIN number.
To be honest though it doesn't really worry me. It relies on someone in the bank being dishonest and this is the case anywhere. Everytime you order something over the phone on a credit or debit card you give your number to a stranger. Even when you use a card over the counter, the person only has to remember about 15 numbers and a name, not that hard with some practice.
It does surprise me that banks would be that slack though. With the potential lawsuits against the bank you would think they would sort it out.
Yea im not really concerned, its more the way it was done that interests me...
This one from a few days back I think could cause bigger problems.
Wave upon wave of demented avengers march cheerfully out of obscurity unto the dream.
Only by fools and morons. Yea this could be an issue also, but nothing is ever secure 100%.Up until now, SSL systems had been thought to be completely secure.
That's true, but you will still have a native PIN. The PIN you choose is derived by adding a number to the calculated PIN.Originally posted by minesweeper
What's with the bit about the PIN number being a function of the account number?
Over here at least we can choose our own PIN number.
Look at it this way.....
Your native PIN is 1234, and you want a PIN of 4321. To derive this, the system adds 3117 to your native PIN (ignoring carries) which gives your custom PIN of 4321. This offset is either stored on the server, or on the card.
The encryption used is NBS/DES.
Visit entropysink.com - It's what your PC is made for!
