Re: Shell suspends chip and pin after £1m fraud
Igor Mozolevsky
ukcrypto at chiark.greenend.org.uk
Sat, 13 May 2006 11:19:46 +0100
On 13 May 2006, at 03:20, Peter Fairbrother wrote:
>> That still doesn't stop someone from stealing your _credit_ card
>> number and your _credit_ card pin, and then withdrawing money from a
>> foreign ATM...
>>
>
> yes - what we need is to keep the PIN secure (as we need a pin to
> use in the
> foreign ATM) - and afaics the best way to do that is to have a chip
> and
> signature card.
>
> That way the PIN isn't exposed to any Tom Dick and Harry every time
> we make
> a purchase - just when we use an ATM, and in theory and in practice
> they are
> generally secure.
That's the point I was trying to make! Also, AFAIK, you can still
repudiate transactions on your current account (granted, it may take
a bit longer to 'recover' the money), and the UK ATMs fall back to
magstripe if they deem chip unreadable (difficult to read the chip if
it's not there, for examle)...