Skip to Main Content

Coded shapes are not the answer

Posted by putsimply on 11th October 2007

One of the Sunday’s this weekend featured a new chip-and-pin keypad which is on trial somewhere in the UK. It’s bigger with more keys, and the idea is, the user remembers a shape and types that shape in. Because each keypad has different numbers on it, the system generates a different number every time. Quite clever I suppose, wish I’d thought of it. The story then went on to automatically link (as the papers always do) chip-and-pin money theft with the growing serious problem of identity fraud.

I suppose identity fraud and people borrowing your card’s identity to gain cash and goods are the same thing. It used to be just card skimming but call me old fashioned – I can never relate a 16 digit number with my identity – there’s more to me than that surely! Having been lucky enough to be one of the UK’s first chip-and-pin fraud victims – I still don’t relate the two! Just because some crafty criminal techies managed to figure out a way of harvesting pin numbers from the stream of customers in a petrol station, I don’t feel my identity has been lifted or tarnished in any way.

My fraud experience would have been impossible if the magnetic stripe card systems could be eradicated elsewhere in the world, I know the roll-out cost of alternative equipment and cards is huge but that’s the basic issue. The same PIN is used for all your card transactions (whatever technology reads your card) and it’s so easy to clone a magnetic stripe card and then draw cash unchallenged at an ATM – in say Brazil – once you have the all important PIN. Why don’t the card issuers just stick another digit on the PIN for use only when making transactions abroad? It would lengthen the odds and make thing tougher for the baddies with zero extra cost.

On the other hand, proper identity fraud is a really tough-nut to crack, do you shred your mail for example? As levels of recycling go up worldwide, the volume of personal information in circulation is at an all-time-high. Combine this with freedom of information on-line (a good thing) and a generation of bright kids keen to earn well for minimum effort and you have an interesting security problem. Rather than clever new PIN keyboards supplied by the banks to give us a false sense of security – a low cost way of making printed material useless would perhaps be more worthwhile, maybe printing and ink technology could help here, has to be investigated, well one of us thinks so.