[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
We are off list today. On the subject of PIN numbers, try this: "How ATM fraud nearly brought down British banking" http://www.theregister.co.uk/2005/10/21/phantoms_and_rogues/ Fascinating. D On Tuesday 13 November 2007 18:36:40 Julian Hall wrote: > Brad Rogers wrote: > > Indeed. In much the same way that having a 3 (or 4) digit "security" > > code on a credit or debit charge ensures you have that card. How? > > Once you use that number once, be it on the 'phone, on-line, or > > wherever, at least one other person has that number. Security is > > compromised. > > I live in a town of 50,000 inhabitants. A friend of mine says he knows > 4 people with the same 'randomly generated' PIN code (no I don't know > why they told him). > > Say only half have credit cards - that's 25000 / 4 with probably the > same PIN or 6250. > > In my experience they're not actually truly random either. Of three > credit cards I have had, there is a simple identifiable pattern. > > Take an example of > > 6342 > > The first two digits add up to the same as the last three. That's an > example of course not my real PIN ;) However I noticed it on two > separate cards and I'd be curious if anyone else has the same pattern. > Even if they don't there are only 10,000 combinations and if we say that > 50% of the country has a credit card (I read that somewhere - I forget > where), that's 30,000,000 / 10,000 with the same PIN number. 3000. If > we knock off the obvious 0000, 1111, 1234 etc there are even less > options. The true figure probably lies somewhere between the 6250 in > Barry where I live and the 3000 above. > > What's wrong with something similar to fingerprint technology that would > recognise your signature on a pressure pad? Much more unique. The only > snag being that my signature is so unique *I* don't get it the same > every time. > > Kind regrds, > > julian -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html