About

AssembleMe is an information science blog written by Julius Schorzman that frequently sways off-topic.

Julius is the CEO of the Google Ventures backed company DailyCred. DailyCred makes working with OAuth super duper simple.

To view some of my old projects, visit Shopobot or CodeCodex.

You can follow me on Twitter if you really want to @schorzman.

Search
Contact Me
This form does not yet contain any fields.
    « Information Chaos | Main | "Links and Causal Arrows: Ambiguity in Action" »
    Friday
    Sep172004

    ATMs and PINs

    DATA: Here's an interesting tidbit about ATM security from The Register.



    The modern "PIN entry device" is a physically and logically self contained tamper-resistant unit that encrypts a PIN within milliseconds of its entry, and within centimeters of the customer's fingertips. The plaintext PIN never leaves the unit, never travels over the bank network, isn't even available to the ATM's processor: malicious code running on a fully compromised Windows-based ATM machine might be able to access the cash dispenser and spit out twenties, but in theory it couldn't obtain a customer's unencrypted ATM code.



    Amazing stuff. But it seems silly to put so much thought into this potential problem and so little into these well demonstrated problems:



    1) Someone can easily steal my social security number and get a credit card in my name and destroy my credit. When are banks going to do something about identity theft?



    2) Someone can use my debit card to make purchases with only a forged signature. When are they going to start requiring PINs for POS purchases?



    (via EyeBeam via jwz)

    Reader Comments

    There are no comments for this journal entry. To create a new comment, use the form below.

    PostPost a New Comment

    Enter your information below to add a new comment.

    My response is on my own website »
    Author Email (optional):
    Author URL (optional):
    Post:
     
    Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>