|    FM Home   |    FM News   |    FM Forum   |    FM Blog   |    25th of February 2018
|   Banking  |   Insurance  |   Property  |   Mortgages  |   Economy  |   Investments  |   Credit Cards  |   Debt  |   Loans  |   Pensions  |   Companies  |  

Banking News feed Banking News

All Financial News feed All Financial News

Brits urged to choose more secure PIN numbers

Bookmark and Share

by Jan Harris
Brits urged to choose more secure PIN numbers

A new report from analytics firm Data Genetics suggests that criminals can guess PIN numbers 10 per cent of the time purely because people are choosing PIN numbers that are easy to remember.

Data Genetics found that one in nine people use “1234” as their PIN number when withdrawing cash at ATMs or making payments at retail outlets.

1234 is also the most common online PIN number.

This gives criminals a one in ten chance of accessing bank accounts or cash from ATMs with a simple guess.

The study, which analysed a database containing 3.4 million four-digit passwords, found that most people chose a PIN that has some relevance to them.

Birth dates are a common choice, with every year from 1900 to 1999 featuring in top 20 per cent of most popular PINS.

Other popular choices include “1111” and “0000”, while “8068” was used the least number of time with just 0.000744 per cent of people using it as their PIN.

The four-digit passwords analysed by Data Genetics were compiled from lists of PINs which have been leaked to hackers in recent years.

Although the codes are computer passwords not ATM PINs, Data Genetics suggests that it is reasonable to assume that many users would use the same password for both areas.

Meanwhile, Professor Ross Anderson of Cambridge University, has uncovered a vulnerability in the Europay, MasterCard and Visa (EMV) authentication process.

This could explain cases when a PIN number has been used to withdraw money from a customer’s bank account without the customer’s knowledge.

Currently, banks claim that EMV is secure and assume that, if a PIN is used, a customer is mistaken if they claim they did not make the withdrawal.

This has led to customers not receiving any compensation for their loss.

Researchers have now uncovered a possible problem with the ‘unpredictable numbers’ used as a key part of EMV authentication.

Rather then being unpredictable, each number was found to share 17 bits in common and the remaining 15 looked at first glance like a counter.

This could allow EMV cards to be cloned by criminals in a so-called ‘pre-play attack’.

Banks claim that this type of fraud would be complicated and there is no evidence of it happening in the real world.

Discuss this in the Finance Markets forums

Story link: Brits urged to choose more secure PIN numbers

News posted: September 25, 2012

Financial Services:

Related financial stories to: Brits urged to choose more secure PIN numbers:
Previous: «
Next: »

Visited 1883 times, 1 so far today

No Comments

No comments yet.

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Tags: , ,