
Gaping hole in Chip 'n' PIN security

From: Adam (nospam@nospam.com)
Date: 27.10.2009 14:15
Message-ID: <4ae6ef51$0$345$7b0f0fd3@mistral.news.newnet.co.uk>
Newsgroup: uk.finance

I don't often use my company credit card when out and about (it mainly gets
used for paying for things online), so when I was away on business recently
and came to pay the bill with my company credit card, I realised that I
wasn't sure I could remember what the PIN was.

I typed in a number that I thought it was, and the machine said "PIN
incorrect". I typed in another number, and got the same message. I thought
I'd better not try for a third time, as my understanding (is this correct?)
is that if you make 3 incorrect attempts the card gets blocked, and by this
time I wasn't at all confident I'd remembered the PIN at all.

So I called the waitress back to ask if I could use another card, and she
said there was no need because the transaction was already authorised. I
looked at the machine, and indeed that was what it was saying.

I thought that maybe I'd misread the "PIN incorrect" notice, so I got the
card out again for dinner the next day, and the machine said that it was the
last attempt, so presumably it thought I had already tried twice with the
wrong number.

Now, I'm no security expert, but if a transaction can be authorised even if
you type in the wrong PIN, isn't that a bit of a flaw in the system?

All this happened in France, if that makes any difference.

Adam


