Insider attacks on PIN generation

Ian Batten igb at
Wed Feb 22 11:37:55 GMT 2012

I have a memory of being told of an insider attack at a bank where programmers managed to force the system to issue PINs drawn from a very small set, so that with a stolen card they had a better than 50% chance of guessing the correct PIN within three attempts.   But I can't find it in the literature.  Anyone find it rings a bell?


More information about the ukcrypto mailing list