home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: sci.crypt
- Path: sparky!uunet!zaphod.mps.ohio-state.edu!cs.utexas.edu!sun-barr!ames!decwrl!zazen!schaefer.math.wisc.edu!neergaar
- From: neergaar@schaefer.math.wisc.edu (Dude)
- Subject: Re: ATM security question
- Message-ID: <1992Nov6.134420.9809@schaefer.math.wisc.edu>
- Organization: Univ. of Wisconsin Dept. of Mathematics
- References: <1992Nov5.184546.5854@ulysses.att.com> <1992Nov6.013029.7294@panix.com>
- Date: Fri, 6 Nov 92 13:44:20 GMT
- Lines: 30
-
- oppedahl@panix.com (Carl Oppedahl) writes:
-
- >In <1992Nov5.184546.5854@ulysses.att.com> tom@ulysses.att.com (Tom Smith) writes:
-
- >>On another newsgroup, there is a lot of discussion about Automatic
- >>Teller Machines and the Personal Identification Number (PIN) associated
- >>with an account/card. There is controversy about whether or not
- >>an encrypted version of the PIN is encoded onto the magnetic stripe
- >>on the card.
-
- >Which newsgroup? I'd like to follow that.
-
- ditto.
-
- >Yes, there is. This means the ATM can match your card to the PIN
- >you entered at the ATM, even if the phone lines are cut. Scary, huh?
-
- >Well, it means the ATM can match _if it has the key_. Each
- >issuer has its own key. The ATM you visit probably can match the
- >card PIN with the entered PIN only if the bank that runs it issued
- >your card.
-
- I read somewhere on the net that all PINs are encrypted with the *same* *key*
- so that any ATM can match any card to its PIN. Can anyone verify or
- disprove this?
-
- --
- I really don't make any claim at all to know what I'm talking about.
- Actually, I make no claim to know what YOU'RE talking about, either.
- In fact, now I've forgotten what we were talking about . . .
-