Kriston J. Rehberg (kriston@ibm.net)
Sun, 09 Aug 1998 01:40:26 -0400
I'm only curious, but since the value is rather open-ended (merely being
"Encrypted"), would this mean that the "encrypted value" could be like
it is on Unix passwd files: a string of nulls encrypted with the key, so
that the ATM merely verifies that the PIN is valid? I suppose doing
brute-force attacks on 4-digit PINs would be rather trivial in that
respect, so not much would be gained over holding the PIN encrypted with
a universally-known key.
Kris
Simon R Knight wrote:
>
> > >Yes, but if you have a card reader, you can see that the PIN is in fact on
> > >that card, encrypted of course. It was stated in an earlier part of the
> > >email.
> > >
> > >- Jon
> > >
> > Well there is probably some data on the magstrip which your friend
> > can not interpret but in order to conclude that it is the encrypted
> > PIN he probably would have to break the "encryption". And he admits
> > that he has not done that yet.
>
> If the BS/ISO/ANSI standards provide a field for an encrypted PIN
> value, and that field contains a value, then it is quite logical and
> reasonable to conclude that a PIN value is present, especially when
> an ATM verifies a transaction without going online.
>
> > If you do it properly there is simply no technical reason to store
> > the PIN or any other secret information in any form on the mag
> > stripe of an ATM card. In the worst case (ATM offline), the ATM has
> > to know the PIN generation key. If the ATM operates only online the
> > ATM does not even have to know the PIN generation key.
>
> There are very good technical reasons why "secret" information has
> been stored on the magnetic stripes of (many) bank cards. ATM
> transaction verification was originally conducted offline, and for
> small transactions, often still is. The increased use of online PIN
> verification is a direct result of the extensive ATM fraud which has
> occurred since their original introduction.
>
> The whole ATM system is quite flexible, and can be set up to run in a
> number of ways. Secure online verification via leased lines may be
> cost effective for a busy high street bank, but not for many remote
> branches or poorer countries, and a bank is not going to lose
> important customers because one of their ATMs refuses to pay out
> while uploading transaction data, or is unable to go online. A bank
> can write encrypted data to the magnetic stripe that will cause an ATM
> to verify a transaction offline for much higher values than are
> permitted for ordinary customers, so that the only time an ATM
> refuses to pay out to these customers is when it is empty or
> out-of-order.
>
> Simon R Knight
--
Kriston J. Rehberg http://kriston.net/
AOL: Kriston ICQ: 3535970
"endeavor to persevere"
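A small added model of the two designs argued over in this thread (written for this archive page, not by any of the posters, and not the ISO/ANSI PIN-block or PVV format): a card-resident check value built Unix-style from a block of nulls keyed by the PIN, the offline check that gives a card holder unbounded guesses, and the host-side online check with a retry counter that the quoted text says displaced it. The HMAC-based check value, the 8-byte zero block and the three-try lockout are constructed assumptions for illustration.

```python
"""Toy model of offline vs online PIN verification (constructed example).

The check value is NOT a real PIN-block or PVV scheme: it is simply a block
of nulls keyed by the PIN, in the spirit of the Unix passwd analogy above.
"""
import hashlib
import hmac

ZERO_BLOCK = bytes(8)      # the "string of nulls" that the PIN keys
PIN_SPACE = 10 ** 4        # every 4-digit PIN


def check_value(pin: str) -> bytes:
    """Check value written to the card (constructed: HMAC of a zero block keyed by the PIN)."""
    return hmac.new(pin.encode(), ZERO_BLOCK, hashlib.sha256).digest()


def offline_verify(card_value: bytes, pin: str) -> bool:
    """What an offline ATM can do: recompute and compare; nothing counts attempts."""
    return hmac.compare_digest(card_value, check_value(pin))


def offline_guesses_needed(card_value: bytes) -> int:
    """Risk measure: with the check value in hand, the whole 4-digit space is
    searchable locally, so the worst case is PIN_SPACE checks."""
    for n in range(PIN_SPACE):
        if offline_verify(card_value, f"{n:04d}"):
            return n + 1
    return PIN_SPACE  # not reached for a well-formed check value


class OnlineVerifier:
    """Host-side verifier: the check value never leaves the host and a
    retry counter locks the card after max_tries consecutive failures."""

    def __init__(self, pin: str, max_tries: int = 3):
        self._value = check_value(pin)   # held by the bank, not on the stripe
        self.max_tries = max_tries
        self.failures = 0
        self.locked = False

    def verify(self, pin: str) -> bool:
        if self.locked:
            return False
        if hmac.compare_digest(self._value, check_value(pin)):
            self.failures = 0
            return True
        self.failures += 1
        if self.failures >= self.max_tries:
            self.locked = True
        return False
```

The offline search finishes in a fraction of a second for the full 10^4 space, which is the "rather trivial" brute force the post refers to; the online verifier bounds an attacker to max_tries guesses regardless of what is on the card.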
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:10:56