Personal identification number

From Wikipedia, the free encyclopedia

PINs are most often used for ATMs but are increasingly used at the Point of sale, especially for debit cards. Throughout Europe the traditional in-store credit card signing process is being replaced with a system where the customer is asked to enter their PIN instead of signing. In the UK and Ireland this goes under the term 'Chip and PIN', since PINs were introduced at the same time as EMV chips on the cards. In other parts of the world, PINs have been used before the introduction of EMV.

In 2006, James Goodfellow, the inventor of the personal identification number, was awarded an OBE in the Queen's Birthday Honours List.^[1]

1 PIN Security
2 English language usage
3 PIN hoax
4 See also
5 References

[edit] PIN Security

PINs are often 4-digit numbers in the range 0000-9999 resulting in 10,000 possible numbers. Many PIN verification systems allow three attempts, thereby giving a card thief a 1/3000 chance to guess the correct PIN before the card is blocked. This holds only if all PINs are equally likely and the attacker has no further information available, which has not been the case with some of the many PIN generation and verification algorithms that banks and ATM manufacturers have used in the past.^[2] Mobile phones usually allow the user to enter PIN between 4 and 8 digits length.

In 2002 two PhD students at Cambridge University, Piotr Zieliński and Mike Bond, discovered a security flaw in the PIN generation system of the IBM 3624, which was duplicated in most later hardware. Known as the decimalization table attack, the flaw would allow someone who has access to a bank's computer system to determine the PIN for an ATM card in an average of 15 guesses.^[3]^[4]

In 2006 two researchers Omer Berkman and Odelia Moshe Ostrovsky, discovered several security flaws in the PIN processing standards. Published under the title The Unbearable Lightness of PIN Cracking, the flaw would allow someone who has access to a bank's computer system to determine the PIN for an ATM card in as little as one guess, and to attack bank customers of other banks.^[5]

[edit] English language usage

The term PIN number is commonly used. Strictly speaking this is an example of RAS syndrome (Redundant Acronym Syndrome), since it would mean personal identification number number. In some dialects, it is common to pronounce the word "pen" the same as the word "pin". In these cases, the use of "PIN number" may avoid confusion.

[edit] PIN hoax

Main article: ATM Safety PIN Software

Rumours have recently been circulating that if you enter your PIN code into an ATM machine backwards, police will be notified and you will receive money.^[6] This would come in useful if you were being held at gunpoint for money - the muggers wouldn't know your PIN and therefore would not know if you notified the police. A system is available to achieve this, but is not in common use.

[edit] See also

[edit] References

^ Royal honour for inventor of Pin. BBC (2006). Retrieved on 2006-11-24.
^ Kuhn, Markus (July 1997). "Probability theory for pickpockets — ec-PIN guessing" (PDF). Retrieved on 2006-11-24.
^ Zieliński, P & Bond, M (February 2003). "Decimalisation table attacks for PIN cracking" (PDF). University of Cambridge Computer Laboratory. Retrieved on 2006-11-24.
^ Media coverage. University of Cambridge Computer Laboratory. Retrieved on 2006-11-24.
^ Berkman, O & Ostrovsky, O (November 2006). "The Unbearable Lightness of PIN Cracking" (PDF). Retrieved on 2006-11-24.
^ Reverse PIN Panic Code. Retrieved on 2007-03-02.

Retrieved from "http://en.wikipedia.org../../../p/e/r/Personal_identification_number.html"

Categories: Banking terms and equipment | Personal identification

Personal identification number

From Wikipedia, the free encyclopedia

Contents

[edit] PIN Security

[edit] English language usage

[edit] PIN hoax

[edit] See also

[edit] References

Views

Navigation

interaction

Search

In other languages