Americans to be guinea pigs in vast chip-and-PIN security experiment

Next year US banks will begin a wide-scale rollout of chip-and-PIN bank cards, just 11 years after the UK made it mandatory. In doing so, Americans will take part in a vast experiment to test chip-and-PIN against chip-and-sign when it comes to stamping out money thieves. Not every US bank is keen on the PIN system, so some …

  1. Someone Else Silver badge

    Possible option:

    Send the chip-and-PIN card back, and insist on a chip-and-sig, or will close the account. Have done it several times with proximity cards.

    1. Bakana

      Re: Possible option:

      Chip & Sign will get resistance from most large chain stores because getting the Signature takes about 4 times as long as entering the PIN at the cash register.

    2. Dagg Silver badge

      Re: Possible option:

      Why, chip-and-sig is a huge fail! Nobody ever checks the signature; anyone can use your card and just sign with something that looks just vaguely like your signature. Doh!

      1. ITS Retired

        Re: Possible option:

        I can't write on those credit card thingies at the check out. My own signature sometimes does not look vaguely like my own signature. Then what?

    3. big_D Silver badge

      Re: Possible option:

      Here in Germany it seems to be down to the merchant, whether it is chip and pin or chip and sig.

      Buying fuel is always chip and pin, buying groceries is often chip and sig.

      1. Charlie Clark Silver badge

        Re: Possible option:

        Buying fuel is always chip and pin, buying groceries is often chip and sig.

        They're actually two different types of payment - chip and pin is an immediate and incontestable deduction from your account (Electronic cash), the signature initiates a request from their bank to yours (Lastschriftverfahren). Read about all the exciting possibilities…

  2. Daedalus

    50 ways to love your lever

    The USA does it differently, sometimes 50 times differently. It's not long since banks were local to states, or in some cases counties within a state. The US govt. can't always crack the whip to enforce one way of doing everything, even if it wants to. Sometimes the best it can do is promote a common model for everybody to work from. So if we appear to be behind the times relative to those in electoral dictatorships, bear with us.

    1. Spearchucker Jones

      Re: 50 ways to love your lever

      The US govt. CAN crack the whip. And if the whip doesn't work, they could just invade themselves and install puppet CEOs at the banks...

      1. Yet Another Anonymous coward Silver badge

        Re: 50 ways to love your lever

        But only if they had oil and WMDs

        1. Someone Else Silver badge

          Re: 50 ways to love your lever

          But only if they had oil and WMDs

          Check! And...check!

        2. Tex Arcana

          Re: 50 ways to love your lever

          But only if they had oil and *non*-WMDs

          Fixed. Because we murkins need flimsy excuses.

      2. P. Lee

        Re: 50 ways to love your lever

        Too late... the banks have already invaded and taken control of the government.

        And back on topic, where is my duress PIN? That is the old way to deal with the "I'll chop off your ear" threat. Perhaps too much "owner fraud"?

        1. Anonymous Coward

          Re: 50 ways to love your lever

          And back on topic, where is my duress PIN? That is the old way to deal with the "I'll chop off your ear" threat. Perhaps too much "owner fraud"?

          Too much open to abuse, plus confusion on what to do when they receive a PIN like that.

          If an abuse PIN exists, you may be held until the criminal is sure it's clear - or killed (easier). Next is what the bank would have to do if they receive a distress PIN: alert the police? Refuse the funds? Either activity could lead to more danger for the customer and (which is what REALLY matters) more risk and liability for the bank, so it's not going to happen.

          Apropos liability: it's exactly the shift from the bank having to prove it was you during a transaction to you having to prove it was NOT you who entered the PIN that will make this a done deal in the US - I still wonder why it has taken so long, other than the severe mental effort to memorise a 4 digit code..

    2. Irony Deficient

      make an afghan, Stan

      Daedalus, there have been national banks in the US since 1863, although even national banks can have just a single branch.

  3. Dan Paul

    BOA/VISA Don't even think of it!

    I will move to cash only if I get one more damn fee or charge from Bank of America. They can kiss my ass on a step ladder in the middle of Times Square if they or VISA think they are shifting the blame to me for bank fraud or card fraud.

    1. poohbear

      Re: BOA/VISA Don't even think of it!

      No one has mentioned WHY the banks are shifting the responsibility... one reason I can imagine is fraud perpetuated by customers. Let's take a chip-and-pin card. I drive a suitable distance from my normal places, withdraw some money from the ATM, and then shortly thereafter call the bank and report my card stolen. (I think I left it in the restaurant...). I then destroy my card, and wait for the bank to refund me and issue a new card. The banks have no defence against this other than to shift the blame to you. I agree for most people who would never dream of a scam like I've just described, it's unreasonable if their card is actually swiped or cloned.

      1. Richard_L

        Re: BOA/VISA Don't even think of it!

        Just go in disguise when you do this because most ATMs have CCTV covering them as they're great sites for mugging, bag snatching, shoulder surfing, fraud etc...

        1. Anonymous Coward

          Re: BOA/VISA Don't even think of it!

          > they're great sites for mugging, bag snatching, shoulder surfing, fraud etc...

          ...and dogging. :-b

      2. Anonymous Coward

        Re: BOA/VISA Don't even think of it!

        > No one has mentioned WHY the banks are shifting the responsibility... one reason I can imagine is fraud perpetuated by customers.

        Banks do know about this, and factor it in as cost of doing business (you and I pay for it).

        Source: my very candid bank manager. :)

      3. Charlie Clark Silver badge

        Re: BOA/VISA Don't even think of it!

        @poohbear and just how much you think you can scam like this? $100 - $200 at a restaurant? How far do you think you have to drive to "get away with it"? And how often do you think you can pull a scam like this? I don't think you have really thought this through.

        There are much easier and safer ways for you to make a quick buck of the system than this.

  4. phil dude

    credit unions...

    Besides, here in the USA there are credit unions as well as banks. These are normally much closer to their constituents than most banks, on account of their local founding status (not as strict as it used to be). Foisting unpopular things will be met with some resistance.

    Chip and sign is probably an improvement, and essentially what most UK users get in the USA all the time...

    But as the honourable Ross Anderson pointed out, one of the reasons Americans have resisted having a *secondary* piece of information associated with payment cards, has been the threat of violence. It raises the criminal risk since previously "skimming" does not require any extra information.

    Then again, perhaps bogus terminals will be quick to propagate instead...

    P.

  5. Anonymous Coward

    Unfounded concerns

    These are basically the same concerns that have been trotted out wherever chip & PIN has been rolled out - and the forecast catastrophe has never happened. The weaknesses in the technology have proved to be pretty trivial compared with the hopeless lack of security inherent in the old mag stripe/signature system (particularly since experience shows the signature is never really checked), and the extortion of PINs at knife/gunpoint is as rare as hen's teeth. In fact most of the remaining card theft fraud we have this side of the Atlantic is actually a result of stolen European cards still being usable in places like the USA. Come on America, we did the experiment a decade ago - just get on with it!

    1. disgruntled yank

      Re: Unfounded concerns

      Well, cars and guns are pretty common in the US, so now and then ATM coercion does happen. I'm not sure the little fob thingies will make a difference.

      1. Eddy Ito

        Re: Unfounded concerns

        Let's not forget that card theft is often grab and run. Actual muggings are also a time limited affair unless you really are at the far end of a dark alley so it isn't likely that someone will stand there waiting for you to try remembering your PIN. Besides, it's much easier to search through the wallet/purse later for the scrap of paper all the PINs are written down on.

    2. Charlie Clark Silver badge

      Re: Unfounded concerns

      Going for details at gun or knife point is a high risk strategy for a criminal: the offence is no longer just theft but assault (or worse); the likelihood of witnesses rises with every second and there is a much higher chance of being identified.

      Online fraud is easier and safer for those practising it. The banks prefer online fraud too as the customer has all the risk.

  6. Gene Cash Silver badge

    Restaurants?

    So how will this affect restaurants, where the server usually takes your card and the signed receipt to swipe somewhere else?

    Some of the restaurants have Android tablets-with-card-swipe, but these are incredibly poorly implemented and so far I refuse to use them. For example, they let you play trivia games, and then charge you for that. As another example, they're on a separate wi-fi network from the patron wi-fi network (smart) but the wi-fi password was the chain name (dumb).

    Then they expect you to pay through the device, so if you want to pay cash, you then have to get the server to come back and deal with it. You can guess how well that's handled.

    1. Yet Another Anonymous coward Silver badge

      Re: Restaurants?

      They have little terminals that they bring to your table, with batteries and radio waves so it doesn't need wires.

    2. DaLo

      Re: Restaurants?

      If you let the waiter/waitress take your card away for swiping then you are asking to be cloned...

      The idea is that they come to your table to swipe or check the card or you go to them. Don't let them take the card.

    3. localzuk Silver badge

      Re: Restaurants?

      If you're letting someone take your card out of eyesight, then you're basically an idiot in this day and age. Either go with them to the payment machine, or pay with something other than your card.

      However, over here they just use mobile chip and pin terminals in most restaurants.

  7. James 100

    A friend has a local restaurant with a chip&PIN machine which prompts you for a tip first. He's told me an alarmingly large number of people accidentally enter the PIN as a four-digit tip ("Did you really mean to give me a £27.45 tip on that £20 meal, or would your PIN happen to be 2745...?")

    The ease of extracting and verifying the PIN is alarming, though: I would hope banks get wise to that and either disable those remote PIN-checkers, or start using different PINs for actual card transactions and those remote banking operations. Yes, criminals could then use actual card terminals to try a transaction - but of course that leaves a much stronger paper trail (they'd need an online terminal to process that transaction, giving the police something to hunt down).

    I liked the idea of chip&PIN, replacing signatures which really don't give any security at all, but there are indeed plenty of flaws in the current approach.

  8. Greg J Preece

    The part I never got with chip & pin was the 4-digit limit on PINs. Then I moved to Canada, and was both pleasantly surprised and frustrated to find that PIN lengths here are variable between 4 and 12 digits, according to user preference. I have a PIN at the higher end of that range as a result. 4 digits is pathetic.

    1. Anonymous Coward

      > I have a PIN at the higher end of that range as a result. 4 digits is pathetic.

      314159265359?

      1. Yet Another Anonymous coward Silver badge

        Damn you guessed - now I have to change the universe

      2. This post has been deleted by its author

      3. Anonymous Coward

        that's a good one

        I like pie

    2. T. F. M. Reader

      PIN lengths here are variable... 4 digits is pathetic.

      So what do you do when you travel outside of the enlightened Canada and are presented with a prompt for a 4 digit PIN? Will the first 4 digits work?

      And what if 4 digits are not enough? I saw that at a petrol station in Italy once. Around midnight it was dark and empty, so it was self-service or nothing. I stuck my card into the slot at a pump and was prompted for the PIN. I punched my 4 digits in only to notice that there were 5 positions, and the device did not allow me to proceed with just 4. I turned to my Italian friend who was with me in the car and asked, "This is weird. Do your credit cards have 5 digit PINs?" She looked at me and said, "I wouldn't know. I have never had a credit card in my life."

      1. Anonymous Coward

        Re: PIN lengths here are variable... 4 digits is pathetic.

        Swiss pins are six digits. Some GB machines accept them. Some accept just the first four digits, some threaten to block the card.

        It seems to me the biggest weakness is in the standard of the readers.

        As for online fraud: I cannot see that PIN or signature makes a blind bit of difference if one just types in the printed details from the card, or reads them out over the telephone (an ex-wife used my card to buy tickets to NZ for herself just like that). Certainly it has increased: there is infinitely more online shopping, and direct fraud, at a shop or restaurant, is considerably harder unless one knows the PIN, so fraudsters seek the easiest option - online or telephone. That demonstrates the strength of chip and PIN, not the weakness.

        Of course, many British and Swiss sites now demand that one verifies the transaction via a separate system after the card details have been entered.

        And signatures! Most waiters and shop staff are too busy even to look at photos on those cards with them. Those who check people's somewhat variable signatures (if it has not faded, been washed out when your wallet got soaked in that thunderstorm that drenched you through and through ....) are rare indeed. A delightful neighbour managed to filch a cheque from me long ago and had no difficulty using it to get cash despite the signature being as unlike mine as is imaginable. It got picked up at the bank only because I happened to work there and a colleague, processing it, pointed out that it would make me overdrawn and asked had I really intended it. Only I checked my signature (in those days one had a cheque card just to provide a sample signature for comparison, to be shown as one paid by cheque).

        As with mobile 'phones, affordable health care and economical cars, the Americans are just catching up with modern life and technology for the masses.

      2. Greg J Preece

        Re: PIN lengths here are variable... 4 digits is pathetic.

        So what do you do when you travel outside of the enlightened Canada and are presented with a prompt for a 4 digit PIN? Will the first 4 digits work?

        When I travel to the states and am lucky enough to get a chip machine, the longer pins work just fine. I believe the restriction is in the card, not the reader.

  9. Bakana

    Not such a big change

    When you come right down to it, Chip & PIN isn't really all that different than most DEBIT Cards in use right now. It replaces the Magnetic stripe with the Chip. The PIN could easily stay exactly the same although I'd favor a longer, variable PIN like most Canadian banks use.

    The Chip Does have the advantage of being more difficult to erase by Accident when getting too close to a magnet.

    As far as the Crooks go, well I can still remember a news story years back when Washington DC's subway system was new. They bought machines to allow Magnetic fare cards that could be purchased with enough credit for days, weeks or months worth of rides. The CROOKS who were making counterfeit subway passes actually got the machines to make the Magnetic cards Before the Subway authority got Theirs delivered.

    The subway system found out when people started trying to Use the fake magnetic cards several days before they received any of the new machines.

    1. Yet Another Anonymous coward Silver badge

      Re: Not such a big change

      Slight difference. You know the warnings about checking for hidden card readers and cameras on ATMs where they might spy on your pin?

      With chip+pin you get to enter your pin in 100s of different terminals at every convenience store, gas station and cafe.

      If banks can't secure an ATM inside their own branch how much do you trust the cyber security of the chip+pin terminal at Billy-Bob's muffler store ?

      1. Dagg Silver badge

        Re: Not such a big change

        >>With chip+pin you get to enter your pin in 100s of different terminals at every convenience store, gas station and cafe.

        Er, this is the same with your basic debit card, the only difference is you swipe the stripe and then key in the pin. You can do this in the same 100s of places on the same terminal that could be compromised in the same way.

        1. Greg J Preece

          Re: Not such a big change

          Er, this is the same with your basic debit card, the only difference is you swipe the stripe and then key in the pin. You can do this in the same 100s of places on the same terminal that could be compromised in the same way.

          I've been tapping a lot recently, especially at the local 7-11. I have no idea what my tap limit is, but it seems to be ludicrously high - I put $200 through it a month ago and the reader just said "yep, sure" and processed the payment!

      2. Steve Davies 3 Silver badge

        Re: Not such a big change

        Which is why I use CASH most of the time for purchases under £20.00.

        When traveling in the US I make a point of NEVER EVER using a card at a convenience store even though I have a card that bills me in USD.

        I also use one card for Fuel and nothing else. Another Card (from a different bank) is only used for online purchases (I have forgotten the PIN).

        Spread your risk and use different PINs and you will have done everything you can to keep your money safe.

        1. Fred Flintstone Gold badge

          Re: Not such a big change

          Spread your risk and use different PINs and you will have done everything you can to keep your money safe.

          Sensible, until you get mugged and have to cough up the codes to all with a knife against your throat. OTOH, with a signature card they don't need to bother..

  10. MrRtd

    I don't know about anyone else, but I like my chip-and-pin and contactless cards. Banks and anyone who has worked in retail know that it is rare a signature is accurately verified.

    It appears that some US banks are using these cards as an excuse to pass on the fraud costs to the consumer. I suspect they will offer fraud insurance at an additional cost. Remember it's all about reducing their costs and making more money from you.

    1. Vic

      anyone who has worked in retail know that it is rare a signature is accurately verified.

      A long time ago, I had an accident which meant I could not use my right hand for several months.

      I would have to tell the checkout operators that I couldn't sign for my purchases - this was before Chip&PIN came in.

      None of them were pleased about the situation, but I didn't have a single transaction declined...

      Vic.

      1. This post has been deleted by its author

  11. AJames

    Americans are so funny

    Yes, by all means let's have a vast chip-and-PIN experiment. Except that the rest of the world has been on chip-and-PIN for years. Next you'll be telling us about a radical experiment with a brand-new system of decimal measurements!

    In any case, it's not so much about security as it is about liability. Concurrent with the switch to a chip-and-PIN card, you will get a nice little change of service agreement from your bank with lots of fine print which basically says that you are deemed 100% liable for any card transactions which they claim have used your PIN.

    No more of those messy fraud investigations, the customer is responsible! Never mind those pesky cases where the customer claims that he was half a world away and has never shared his PIN with anyone. Never mind those cases where it turns out that the bank lied when they claimed that the PIN was used. Minor incidents, nothing to get in the way of a great innovation in liabilityxxxxx I mean of course security.

    1. Fred Flintstone Gold badge

      Re: Americans are so funny

      No more of those messy fraud investigations, the customer is responsible! Never mind those pesky cases where the customer claims that he was half a world away and has never shared his PIN with anyone. Never mind those cases where it turns out that the bank lied when they claimed that the PIN was used. Minor incidents, nothing to get in the way of a great innovation in liabilityxxxxx I mean of course security.

      Yes, they have done a great con job with that in Europe - and not a SINGLE regulator has as much as raised their eyebrows.

      However, it's not all bad news: this geographic difference is already used by a number of providers to question transactions. I have had calls about attempted transactions from across the globe when one of these online idiots turned out to retain CSVs and had their whole database stolen, and they picked that up because all my other transactions were elsewhere. I had to switch to another card as the provider barred it as stolen/copied, and issued a new one.
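The geographic check described in the comment above, as an added example that is neither the commenter's nor any card issuer's code: each authorisation on a card is compared with the last accepted one, and a pair that would need faster-than-airliner travel is flagged for review. It generalises the anecdote slightly, comparing against the previous accepted authorisation rather than a fixed home location. The speed threshold, the merchant names and the sample authorisations are all constructed.

```python
"""Impossible-travel check over card authorisations (added example)."""
from dataclasses import dataclass
from datetime import datetime
from math import asin, cos, radians, sin, sqrt
from typing import Dict, List

EARTH_RADIUS_KM = 6371.0
MAX_PLAUSIBLE_SPEED_KMH = 1000.0  # assumption: roughly airliner cruising speed


@dataclass(frozen=True)
class Auth:
    card: str
    when: datetime
    lat: float
    lon: float
    merchant: str


def haversine_km(lat1: float, lon1: float, lat2: float, lon2: float) -> float:
    """Great-circle distance between two points on the Earth, in km."""
    p1, p2 = radians(lat1), radians(lat2)
    dphi = p2 - p1
    dlam = radians(lon2 - lon1)
    h = sin(dphi / 2) ** 2 + cos(p1) * cos(p2) * sin(dlam / 2) ** 2
    return 2 * EARTH_RADIUS_KM * asin(sqrt(h))


def required_speed_kmh(prev: Auth, cur: Auth) -> float:
    """Speed the cardholder would need to have been present at both merchants."""
    dist = haversine_km(prev.lat, prev.lon, cur.lat, cur.lon)
    hours = (cur.when - prev.when).total_seconds() / 3600.0
    if hours <= 0:
        # Simultaneous use is only plausible if both are the same place.
        return 0.0 if dist < 1.0 else float("inf")
    return dist / hours


def flag_impossible_travel(auths: List[Auth],
                           max_speed_kmh: float = MAX_PLAUSIBLE_SPEED_KMH) -> List[Auth]:
    """Return authorisations that cannot be reconciled with the card's last
    accepted authorisation. The baseline is the last *unflagged* one, so a
    single fraudulent use does not make the genuine next one look odd."""
    last_good: Dict[str, Auth] = {}
    flagged: List[Auth] = []
    for a in sorted(auths, key=lambda x: (x.card, x.when)):
        prev = last_good.get(a.card)
        if prev is not None and required_speed_kmh(prev, a) > max_speed_kmh:
            flagged.append(a)
        else:
            last_good[a.card] = a
    return flagged


# Constructed sample: a card used around London all day, with one
# card-not-present authorisation presented as if from Sydney at lunchtime.
LONDON = (51.5074, -0.1278)
SYDNEY = (-33.8688, 151.2093)
SAMPLE_AUTHS = [
    Auth("card-1", datetime(2014, 11, 3, 9, 0), *LONDON, "Constructed Grocer"),
    Auth("card-1", datetime(2014, 11, 3, 12, 30), *LONDON, "Constructed Cafe"),
    Auth("card-1", datetime(2014, 11, 3, 13, 15), *SYDNEY, "Constructed Online Shop"),
    Auth("card-1", datetime(2014, 11, 3, 18, 0), *LONDON, "Constructed Petrol Station"),
    Auth("card-2", datetime(2014, 11, 3, 10, 0), *SYDNEY, "Constructed Sydney Bakery"),
]

if __name__ == "__main__":
    for a in flag_impossible_travel(SAMPLE_AUTHS):
        print(f"review {a.card}: {a.merchant} at {a.when:%H:%M}")
```

Only the Sydney authorisation is flagged; the 18:00 London purchase is compared with the 12:30 café, not with the flagged Sydney entry, so the cardholder's genuine evening transaction still goes through.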

      1. localzuk Silver badge

        Re: Americans are so funny

        You're both wrong about that now. The UK law changed in 2009 which made it legally a responsibility of the bank to prove it was a transaction authorised by the cardholder rather than them simply brushing it off as "can't be done, as only you know the pin".

        So, the bank IS still liable by default, and regulators HAVE done something about it.

  12. JCitizen

    The reason Americans don't like it..

    We call it Cow-Chip-N-Pen; we don't want to pay for such an expensive big fail - we've already had enough of too big to fail already:

    February 2008

    http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-711.pdf

    February 2010

    http://www.bbc.co.uk/blogs/newsnight/susanwatts/2010/02/new_flaws_in_chip_and_pin_syst.html

    " "

    http://news.bbc.co.uk/2/hi/science/nature/8511710.stm

    September 2012

    http://www.cl.cam.ac.uk/~rja14/Papers/unattack.pdf

    Video summary of above report

    http://www.bbc.co.uk/news/technology-19559124

    (Source http://nc3.mobi/references/emv/) Posted by Jonathan E. Jaffe

    Also Cow-chip-n-pen

    http://www.theregister.co.uk/2014/05/19/chip_and_skim/

    Even the Register will give me pause at the thought of this expensive debacle! There are vastly cheaper alternatives on the market, and one of them is PassWindow.

    1. Pascal Monett Silver badge

      Re: The reason Americans don't like it..

      Funny how, when it comes to money, you guys can find a whole lot of reasons to not do it, but when it comes to guns, thousands of deaths per year are not reason enough to change.

      1. Anonymous Coward

        Re: The reason Americans don't like it..

        Funny how, when it comes to money, you guys can find a whole lot of reasons to not do it, but when it comes to guns, thousands of deaths per year are not reason enough to change.

        Profit or sanity. Easy choice..

    2. localzuk Silver badge

      Re: The reason Americans don't like it..

      You're looking at chip and pin in isolation. You're not comparing it to previous fraud levels with mag strip/signature cards. It is so easy to defraud someone with a mag strip/sig card that the system is basically an open door to free money.

      Whilst flawed, the chip and pin system does actually provide some level of extra security.

      1. Charles 9

        Re: The reason Americans don't like it..

        "Whilst flawed, the chip and pin system does actually provide some level of extra security."

        Not really when the hackers are already targeting the BANKS. Crims are smart enough to just look for points necessarily OUTSIDE the security envelope.

  13. DaLo

    Really?

    "The results of the split approach will be studied by security experts to determine the pros and cons of each system; whether PINs are really more secure than a signature and whether chips are more tricky to clone than magnetic strips, for instance."

    It takes security experts to decide whether chips are more tricky to clone than a magnetic stripe? Do they know you can buy a mag stripe reader for hardly anything and read the stripe? Also signatures are not secure at all; hardly anyone checks them and even if they do it would take less than an hour to learn it to a level that it would pass a standard glance. The signature is also carried by the card, so your secure authenticated element is given with the card!

    Other than forensic examination signatures provide next to zero security.

    Most of the skimming done in Europe is to steal the mag-stripe (which still only exists so the card can be used in the States and as a fall back if the chip fails) and the clone is then sent to the States to be used.

    I'm not a security expert but I will happily accept the money for that analysis.

    1. NeilPost Silver badge

      Re: Really?

      People do actually realize that the Swipe/Chip and Sign terminals do take a digitized image of the signature that you enter on the device, and can store it with the transactional information..... it's not just the cashier that sees it, it's stored as 'evidence'....

      1. Charles 9

        Re: Really?

        So what. So does a paper receipt. The thing is that a signature in and of itself is useless against a skilled forger.

  14. paulc

    to counter mr mugger, you need a panic PIN

    i.e. set up two PINs, one real, one for use in panic situations so that when mugged and Mr. Mugger demands you key in your PIN, you can key in the panic one which apparently passes the PIN OK test... but when used in the ATM, sets off an alarm when an attempt is made to withdraw money and freezes that chip and PIN card by swallowing it.....

    1. Charles 9

      Re: to counter mr mugger, you need a panic PIN

      They ALREADY counter panic codes with frog marches. They won't let you go until you get the actual cash out of the machine. If you use a panic code, things are liable to get ugly. This also has the advantage that the mugger stays out of the ATM's ever-present eye. I frankly don't know how this can be countered without some unwanted side effect (I was thinking a booth that can only fit one, but what if it jams and locks you in, or you're too fat to fit?).

      1. Peter Gathercole Silver badge

        Re: to counter mr mugger, you need a panic PIN

        What should be done is that they make it so the panic PIN will work in the hand-held devices, and will dispense money the first time it's used in an ATM but alert the bank and the Police. The mugger won't know that they don't have the proper PIN, and hopefully will release the victim.

        The bank can then flag the card to cause any ATMs to go out-of-service (rather than declining the card) whenever the card is used again, hopefully leading the mugger to be unsure whether the card has been blocked (in case they demand that a second transaction is done by the victim), or whether the ATM is truly faulty. All the time, you pass the location on to the police whenever the card is used.

        The customer and the bank may argue who pays for the first cash withdrawal (the bank will want to make sure that it really was a withdrawal under duress), but that should be a small problem.
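The duress-PIN scheme sketched in the comment above, written out as an added example (not the commenter's code, and not how any real bank or ATM network behaves): the duress PIN is accepted like the real PIN and alerts the bank; the first time it is used at an ATM the cash is dispensed and the card is flagged; from then on any ATM use gets OUT_OF_SERVICE rather than a decline, and every use of the flagged card reports its location. Assumptions not in the comment: point-of-sale terminals keep approving a flagged card, three wrong PINs lock the card, and bank staff clear the flag by hand once the cardholder is confirmed safe. PINs and locations are constructed.

```python
"""Duress-PIN authoriser modelling the scheme above (added example)."""
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, List

APPROVE, DECLINE, OUT_OF_SERVICE = "APPROVE", "DECLINE", "OUT_OF_SERVICE"
MAX_WRONG_ATTEMPTS = 3  # assumption, not from the comment


@dataclass
class Alert:
    card: str
    location: str
    reason: str


@dataclass
class CardRecord:
    salt: bytes
    real_hash: bytes
    duress_hash: bytes
    duress_flagged: bool = False
    wrong_attempts: int = 0


@dataclass
class Decision:
    outcome: str
    alerted: bool


def _hash_pin(pin: str, salt: bytes) -> bytes:
    # Salted, slow hash so a leaked PIN table is not trivially reversible.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


class CardAuthorizer:
    def __init__(self) -> None:
        self.cards: Dict[str, CardRecord] = {}
        self.alerts: List[Alert] = []  # what the bank would pass to the police

    def enrol(self, card: str, real_pin: str, duress_pin: str) -> None:
        if real_pin == duress_pin:
            raise ValueError("duress PIN must differ from the real PIN")
        salt = os.urandom(16)
        self.cards[card] = CardRecord(salt, _hash_pin(real_pin, salt),
                                      _hash_pin(duress_pin, salt))

    def clear_duress(self, card: str) -> None:
        """Bank staff reset once the cardholder is confirmed safe (assumption)."""
        self.cards[card].duress_flagged = False

    def _alert(self, card: str, location: str, reason: str) -> bool:
        self.alerts.append(Alert(card, location, reason))
        return True

    def authorize(self, card: str, pin: str, channel: str, location: str) -> Decision:
        rec = self.cards[card]
        if rec.wrong_attempts >= MAX_WRONG_ATTEMPTS:
            return Decision(DECLINE, False)
        offered = _hash_pin(pin, rec.salt)
        is_real = hmac.compare_digest(offered, rec.real_hash)
        is_duress = hmac.compare_digest(offered, rec.duress_hash)
        if not (is_real or is_duress):
            rec.wrong_attempts += 1
            return Decision(DECLINE, False)
        rec.wrong_attempts = 0
        if is_duress and not rec.duress_flagged:
            alerted = self._alert(card, location, "duress PIN entered")
            if channel == "ATM":
                rec.duress_flagged = True  # first ATM withdrawal dispenses, then flag
            return Decision(APPROVE, alerted)  # works like the real PIN at POS too
        if rec.duress_flagged:
            alerted = self._alert(card, location, "flagged card used")
            if channel == "ATM":
                return Decision(OUT_OF_SERVICE, alerted)  # looks like a faulty ATM
            return Decision(APPROVE, alerted)  # POS keeps approving (assumption)
        return Decision(APPROVE, False)


if __name__ == "__main__":
    auth = CardAuthorizer()
    auth.enrol("card-1", "1234", "9876")  # constructed PINs
    for pin, channel, place in [("9876", "ATM", "High St"), ("1234", "ATM", "Station")]:
        print(channel, place, auth.authorize("card-1", pin, channel, place))
```

The point the comment makes about liability shows up in the record: the first withdrawal under duress is approved, so the bank has an alert with a location attached to exactly one dispensed transaction to argue over later.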

  15. Slx

    Only 22 years after France, but better late than never!

    This is starting to look like they're testing the rubber tyre concept to check that it would work with American roads!

    The single biggest point of weakness with chip and pin is the retention of magnetic stripes on the cards.

    If the US banks and other technology laggards had just implemented chip and pin years ago, we could have issued cards without any magstripes and removed a whole technology that allows cards to be skimmed in ATMs and other devices.

    I think at this stage, European banks should issue chip-only cards and you could have your magstripe enabled card for travelling to technologically backwards places that still cling onto 1960s swipe and sign!

    The whole concept behind payment cards is utterly ridiculous though.

    How such a fundamentally insecure system has remained in service for so long defies all logic.

    When you think about it, Gmail is probably many, many times more secure than the computer system that keeps your life savings and wages protected with a swipe card and a 4 or 5 digit numeric pin!

    Also, when cards are used online or on the phone, you're entirely relying on the retailer to be trustworthy. The idea that you can just give someone a 16 digit account number, an expiration date (and sometimes a CCV code) and authorise a large transaction based entirely on trust is absolutely nuts.

    There's much better technology available at this stage and we should be able to push transactions to the retailer with absolute security using mobile apps or something like that.

    From what I can see the banking sector is just totally incompetent. They've managed to nearly drive the global economy off a cliff and they're incapable of coming up with a modern universal secure payment platform despite all the requisite technology being widely available.

    They're obviously writing off vast amounts of fraud and all of that is simply being levied against consumers in charges and insurance premiums.

    1. Anonymous Coward

      Re: Only 22 years after France, but better late than never!

      What do you expect, it's not their money.

  16. Anonymous Coward

    So - Chip&PIN failure is that fraudsters have to give up on it and do online fraud instead?

    And being frogmarched to an ATM is better than just having to give the right PIN on the spot?

    How is *anything* supposed to be able to fix the issue of having a violent guy with a weapon threaten you until he gets some money?

    How is Chip&PIN responsible for "shifting fraud cost to the consumer"? In France, it has squarely shifted fraud cost on the banks. Most fraud happens without the PIN, and the banks have to pay back, period.

    Maybe it's just that American banks noticed 6 years ago they could get away with doing pretty much anything without so much as a slap on the wrist.

    I've not been able to google up anything about that anecdote on compromised terminals. Reference needed? There's little indication it broke Chip&PIN. The PIN doesn't get out of the card's chip, so listening to transactions won't give it to you, and won't allow you to make fake ones certified by the chip. So as it is described here, it's just hearsay by somebody who doesn't quite know how the thing works, but is intent on making it look bad.

    I failed to detect any logic in that article beyond "Americans have not invented it, so it must be bad".

  17. Kubla Cant

    Why so many keys?

    1-2-3-4-Enter.

    Maybe 1-2-4-Erase-3-4-Enter.

    Occasionally 1-9-0-3-Clear-1-2-3-4-Enter.

    That's a maximum of 13 keys. So what are all the other keys on chip & pin terminals for? Especially the ones in supermarkets. With one on every checkout in the country, and, I should imagine, a pretty short life before replacement, there can't be economies of scale in using generic terminals. But they often seem to have function keys and other extra keys. Do the checkout staff play games on them when business is slack?

  18. chris lively

    This is all about liability.

    If I enter a PIN code and that code is stolen (incredibly likely given the complete lack of security for most retailers), then it is far easier for a thief to drain my bank account (debit card). Which can cause a lot of issues.

    If I choose to do a signature and the card number is stolen, then it's all on the bank(s) to figure out what's going on and the money doesn't leave my account.

    I just can't see a situation in which using a PIN code is a worthwhile idea.

    1. NeilPost Silver badge

      You do realise your signature is digitized on a Swipe/Chip and Sign terminal ???

  19. Dr_N

    Patents finally run out?

    Have some patents finally run out on some critical C&P stuff then?

  20. Yugguy

    Funny

    How you're all worrying about the security of chip and pin. We've had it for 10 years and are now worrying about the security of contactless transactions.

  21. Nurg

    Chip and pin is the least bad system that we've ever had.

    Chip and pin has been great and I'm really glad we have contactless payments gradually taking off here in the UK. The sooner I can stop carrying cash the better! I even have a paytag on my phone so I can pay with that:

    http://www.barclaycard.co.uk/business/accepting-payments/face-to-face/pay-tag

    (It's basically a contactless VISA credit card in a sticker)

    Chip'n'pin is pretty poor compared to what's possible but far better than anything that went before.

    I also run a small retail business - the sooner I can *stop* taking cash the better. No more runs to the bank with the cash or for small change. It's both a waste of my time and a huge security risk. Money should go to the bank electronically and with no fraud risk on the retailer.

  22. ShadowDragon8685

    Yankee reporting in: I got one of these cards in the mail yesterday, to replace my old bank-issued debit card.

    It got me thinking about security, so for a change of pace I sat down with the manager at the branch of my bank I was doing business with. (Not the one nearest my home, but their flagship branch, where it is possible to acquire $2 bills.) I asked him about the chip, and while he gave me a lot of vaguely reassuring-sounding stuff, he was unable to explain to any real satisfaction how this actually made my card any more secure, since if someone nicks my card, they've nicked the chip as well.

    I then pulled out my keychain, with my Battle.net authenticator and my Star Wars: The Old Republic account authenticators on it, and asked if my bank offered any form of two-factor authentication scheme. I was told that banks do, in fact, make great use of such things, but not for customers.

    I expressed dismay that my World of Warcraft bank transactions are more secure than the one that holds my actual money. WHY is two-factor authentication not being used for something like this? WHY is my World of Warcraft account more secure than my ACTUAL BANK ACCOUNT? I wouldn't think it would be excessively hard to implement 2-factor authentication for literally any use other than giving your numbers over the phone to someone else, where it would introduce considerable lag.

    1. Charles 9

      "WHY is two-factor authentication not being used for something like this?"

      Because of stupid. WoW players tend to be a technically-savvy lot so dongles are OK with them. Whereas Gran may not be down with this, could be confused with technology, yet banks have to cater to the least common multiple (particularly those with bad memories and no second factor to work with).

      1. ShadowDragon8685

        Wow. I realized after I'd posted that this was a 2-year-old topic.

        That having been said, I'm not suggesting making 2FA a compulsory security measure by any means; just an optional one for people who, like me, were already burnt once (in WoW) and learned to love 2FA as a consequence.
