Other Directory Sites: SeekWonder | Directory Owners Forum
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:10:55
Chris Liljenstolpe (cds@mcmurdo.gov)
Thu, 06 Aug 1998 14:10:22 +0000
Greetings,
I don't know about outside the US, but my bank can change the pin w/o
taking posession of the card, and I can use the card in most foreign atm's
I've tried, so I can only assume that it isn't required to be on the card.
Chris
--On Thursday, 06 August, 1998, 09:21 +1000 someone claiming to be Jamen
Porteus <jporteus@tassie.net.au> scribed:
> Hi again,
> Are we all sure this is not a bank misinformation campaign.
> If the pin is not on the card why do the bank need the card back to
> change it.
> A friend had his pin changed to one of his own choice and they put the
> card in a
> stand-alone reader/writer machine. This was only connected to 240V power
> and I don't think these banks are up with AC line modems yet, so their
> computers don't know of the change.
> That explains why the bank say your pin is so secure even they don't
> know what it is.
> Can anyone else relate to this experience.
> I know my girlfriend can.
> She lost $1000 from an ATM after someone stole her debit/credit card
> with only 3 possible explanations.
> 1. inside bank job
> 2. shoulder surfer got the pin, then stole the card
> 3. smart crim stole the card and decyphered the pin
>
> thanks for the bandwidth
> jImbo
>
> Chris Liljenstolpe wrote:
>
>> Greetings,
>>
>> In all the implimentations I am aware of today, the PIN is
>> actually
>> stored at the bank in the tandem (i.e. as part of the account info).
>> The
>> comms between the ATM and the bank are DES encrypted. There is no
>> PIN on
>> the card...
>>
>> Chris
>>
>> --On Wednesday, 05 August, 1998, 23:32 +0800 someone claiming to be
>> Enzo
>> Michelangeli <em@who.net> scribed:
>>
>> > At http://www.atalla.com/prod/A4000_network.html , the description
>> > mentions DES keys stored in the ATM machine and in the various other
>>
>> > nodes involved in the transaction; there is no reference to any
>> on-card
>> > encrypted pin. Such creature (encrypted PIN on ABA track 2, in the
>> > "Additional Data" field) was indeed mentioned in an old issue of
>> Phrack.
>> > However,
>> > http://www.idt-net.com/magenc.htm describes a layout of Track 2
>> where that
>> > field seems to be used for a country code.
>> >
>> > It is possible that in early days of the ATM, when disconnected
>> operations
>> > were commonplace, the card contained the PIN encrypted with some
>> fixed
>> > key, in order to allow offline verification. Nowadays I see little
>> scope
>> > for it.
>> >
>> > Enzo
>> >
>> >
>> > -----Original Message-----
>> > From: Rabid Wombat <wombat@mcfeely.bsfs.org>
>> > To: Jamen Porteus <jporteus@tassie.net.au>
>> > Cc: CodherPlunks@toad.com <CodherPlunks@toad.com>
>> > Date: Wednesday, August 05, 1998 11:00 PM
>> > Subject: Re: ATM card pins
>> >
>> >
>> >>
>> >> If your PIN is encrypted and stored on your ATM card, they're doing
>> it
>> > wrong.
>> >>
>> >> -r.w.
>> >>
>> >> On Wed, 5 Aug 1998, Jamen Porteus wrote:
>> >>
>> >>> I am sick of getting pushed around by the bank telling me my 'pin'
>>
>> >>> number is safer than a signature. What would a bank clerke know.
>> >>> Does anyone know anything about pin encryption on banking mag
>> stripe
>> >>> cards?
>> >>> I believe track 2, ABA standard, but what of the encryption?
>> >>> I don't want to use it, I just need some amunition.
>> >>> --
>> >>> jImbo
>> >>>
>> >>>
>> >>
>> >
>>
>> --
>> Chris Liljenstolpe - Network Engineer, NOC - McMurdo Station
>> Antarctica
>> Antarctic Supt. Assoc. - under contract to USAP, Nat. Science
>> Foundation OPP
>> mailto:cds@mcmurdo.gov TEL: +1 509 689 6270 FAX: +1 509
>> 689 6293
>> PSC 469, Box 700, APO AP 96599-5700 USA Lat: 77 50 53 S Long: 166
>> 40 06 E
>
>
-- Chris Liljenstolpe - Network Engineer, NOC - McMurdo Station Antarctica Antarctic Supt. Assoc. - under contract to USAP, Nat. Science Foundation OPP mailto:cds@mcmurdo.gov TEL: +1 509 689 6270 FAX: +1 509 689 6293 PSC 469, Box 700, APO AP 96599-5700 USA Lat: 77 50 53 S Long: 166 40 06 E
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:10:55