Monday, 23 June 2008

What does it really take to secure a chip-n-pin debit card?

I've just had my second chip-n-pin debit card blacklisted within a year due to failed overseas fraudulent cash withdrawal attempts!

The fraudsters are stealing enough of my highly secure chip details, plus identifying my darn PIN when I enter it (VERY) carefully. Luckily for me, I have not changed many of the places that I normally use chip-n-pin in the past year so I have to only stop using it at 2 large trusted and very popular retailers, 1 local convenience retailer, and 2 places where I occassionally get food.

My instinct at the moment is that the theft is occurring inside 1 of the 3 retailers. Lovely stuff!

It occurs to me that the only thing left to do, is not to use chip-n-pin anywhere but at a highly secure ATM, and the cashier inside a bank, on a floor or two above ground!!

But what I don't fully understand is that it seems the thiefs are happy to walk away with just 1 entry per location per day/week/month, thereby leaving the bank investigators no pattern that they can use to crack these networks. And these networks must be very well connected with some tiny electronic goodies, some fairly secure channels of communicating with each other in some non-pattern-recognisable manner, and some even more intricate chip programming and card producing facilities. There must surely be some way of looking at enough of the data the banks hold on these things and discovering some patterns - humans are just not capable of not having patterns!

Anyway, whatever the banks are doing so far is working - they apparently rejected these 2 withdrawal attempts due to the fact that they were not consistent with my usage pattern.

Hmmm ... "pattern" has now come up 4 times in this entry. Perhaps the recommendation for chip-n-pin users is actually: create a distinct very small pattern of usage - I do not believe at this time that the law will stop the thiefs, and it is only a matter of time before they're generating all the valid numbers and PINs they can dream of (maybe they already are...then I can actually use mine again!!??!?).

Grrrr!

No comments: