halfbakery: Think of it as a spell checker that insults you, as well.
Despite people's best efforts, PINs are quite visible when being entered. The disguised PIN, however, would use a blank keypad. The owner of the card would be sent a special layout, whereby the numbers are randomly spread across the pad. When that card is loaded into the machine, that layout is loaded to the keypad. That way, anyone watching the PIN being entered won't be able to work out what the number is, because only the owner of the card will know which key is which.

PIN Disguise
http://www.halfbake...idea/PIN_20Disguise Yes, it's similar, but not the same [FloridaManatee, Oct 17 2004]
I actually quite like this idea, impractical though it is. The prospective mugger still only has to memorise four positions - he can call 'em whatever he likes, it doesn't make a difference.

But hey, this is the halfbakery.

All you need to do is for the ATM to display a different "scrambled" soft-keypad on a touchscreen for each successive client. So, your PIN would not change, but the places you touch on the screen change each time. That way, an observer would need to be able to see the keypad layout, not just memorise the positions touched by the user.
This could be simply implemented on existing touchscreen ATMs without any change to the user.

Croissant for the overall idea.

Don't want to trash The Great idea, but you could have combination dial like on a safe with small digits. Right to 7...left to 2...

//That way, an observer would need to be able to see the keypad layout//

No, it would make no difference if he used the layout

and remembered the pin 9767 for the guy whose actual pin was 3959 and used the layout

So it doesn't actually work. But I still gave a + for imagination.

No, 8th means, the next time, the layout could be

so the pin, 3959, would have different positions, though I think an observer would have more time to see the numbers pressed as the user looks for each one.

So the layout changes every time? I was under the impression that each cardholder had his or her unique layout. If it changes every time, though, you would need to have the layout printed on screen. It still wouldn't be hard for the old atm thief to work it out from that - especially considering the prevalence and use of digital cameras.

the number buttons could have little LEDs in digital number shape: _ |_| |_| which would be at such an angle so that it would be as difficult as possible for someone over the shoulder or any distance away to see which button was which number. I like this idea, but it's only going to increase the amount of time a person has to spend concentrating on the cash machine and making the queue get longer, while thief can take your phone or the rest of your wallet out of your pocket/bag.

Or only one button and headphones. "If the first digit is a one, push now...If the first digit is a two, push now..." [pushes button] "Thank you. If the second digit is a one, push now..."

I recently saw a password system based on faces. The user had to select "known" faces from a random sample, several times over. While I'm still not sure about the practicality of that, there's no reason why the numbers couldn't just be randomly jumbled on a touch screen PIN pad every time it is presented. Then no amount of oblique peeking is going to help.

(Wouldn't help those with poor eyesight, of course, so I don't see this being implemented any time soon.)

PINs, regardless of how camouflaged, will still be insecure, and shoulder surfers will continue to find clever ways to obtain them. Fingerprint or retinal scanners will be the only logical way to overcome this hurdle.

FJ: Combination lock PIN entry would be awesome! Impractical, but yet so retro...

Hey, why use money at all. Go back to simple bartering and we can rid our lives of those pesky ATMs. It also means that all those fat bankers have to find something else to do.

While I like the idea, especially if the layout changes each time, it would slow things down. As it is I usually get stuck behind the ATM-challenged. one........six...........(ummm let's see, what was the next number) ohhh right......now how much cash do I need?. Better carefully arrange everything in my purse before leaving the machine........and on and on and on. One more level of complication. So, croissant provided there is a mandatory training course before you can use your bank card.

A card issuer recommended this trick for those who simply must write down their number:

Write a four or six digit PIN in locations on a four by four grid. Fill in the rest of the numbers randomly. Just remember the pattern.

1xx2 >> 1642
xxxx >> 6813
3xx6 >> 3446
x45x >> 9458

To increase security:
Don't use the same PINs on two grids written in the same place. Don't use sequential numbers. Don't use recurring numbers.

Remember this is less secure than a random PIN that isn't written down anywhere. But it's more secure than a number scratched on your ATM card.

As for your randomised key positions idea... I can see you don't work in customer complaints! Imagine:

"Customer Service, how can I help you?"

"YOU MOVED THE F*CK*NG KEYS!"

"How can I help you, Sir?"

"I NEED TO GET MY F*CK*NG CARD BACK!"

"Certainly sir, bring your ID to your issuing branch on Monday afternoon, as our bank is closed over the weekend"

"ARRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRGH"

somewhat apropos of all these pin ideas, i have to reveal that i did a pin security research project while in college years back. i studied the pin protective behaviors of people at atms and broke it down by gender and whether they used their hand or body to shield from onlookers. i stood nearby with a pencil and paper to look a bit like someone who might write down their pin and was able to see, if i really strained, what they entered. these were atms in a major city with lots of foot traffic.

results? almost no one actually made any effort whatsoever to keep their pin secure. something like a handful of people out of hundreds. it quite surprised me.

so i love all the "securing the pins" ideas, but honestly, how many people do you think care outside of us idea geeks?

Ok, this would mean memorising more numbers but what about having two pins. The machine would prompt you to use pin 1, you withdraw your cash, you get mugged by [palisandra], who then can't use the card because the machine now prompts for pin 2. The machine should never ask for the same pin twice in a row.

This is actually already implemented in some door keypads. But instead of having a fixed keyboard layout for a given card/person, it is randomized every time.

i like this idea but what if there's a hidden camera placed on top...the layout is still visible...

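The disagreement running through the annotations above comes down to what the observer captures: key positions only, or positions plus the layout. The simulation below is an added example, not part of the original thread; the 10-key pad model and all function names are assumptions made for illustration.

```python
import secrets

KEYS = 10  # key positions 0..9 on the pad (assumed model, not from the thread)

def random_layout():
    """layout[position] = digit assigned to that key, shuffled with the OS CSPRNG."""
    digits = list(range(KEYS))
    for i in range(KEYS - 1, 0, -1):          # Fisher-Yates shuffle
        j = secrets.randbelow(i + 1)
        digits[i], digits[j] = digits[j], digits[i]
    return digits

def press_positions(pin, layout):
    """Key positions the cardholder touches to enter `pin` on `layout`."""
    return [layout.index(d) for d in pin]

def decode(positions, layout):
    """Digits the machine registers when `positions` are touched on `layout`."""
    return [layout[p] for p in positions]

def replay_succeeds(pin, seen_layout, next_layout, observer_sees_layout):
    """Observer watches one entry, then tries the card in the next session."""
    positions = press_positions(pin, seen_layout)
    if observer_sees_layout:
        # Camera case: layout and touches are both visible, so the observer
        # recovers the digits and can find them on any displayed layout.
        return decode(positions, seen_layout) == pin
    # Positions-only case: the observer repeats the same key positions.
    return decode(positions, next_layout) == pin

def success_rate(trials, per_session, observer_sees_layout):
    """Fraction of trials in which the observer's replay is accepted."""
    pin = [3, 9, 5, 9]                         # the PIN used as an example in the thread
    card_layout = random_layout()              # fixed layout mailed to the cardholder
    wins = 0
    for _ in range(trials):
        seen = random_layout() if per_session else card_layout
        nxt = random_layout() if per_session else card_layout
        wins += replay_succeeds(pin, seen, nxt, observer_sees_layout)
    return wins / trials

if __name__ == "__main__":
    print("fixed per-card layout, positions only :", success_rate(2000, False, False))
    print("new layout per session, positions only:", success_rate(2000, True, False))
    print("new layout per session, layout visible:", success_rate(2000, True, True))
```

With three distinct digits in the PIN, a positions-only replay against a freshly shuffled layout is accepted with probability 1/(10·9·8) = 1/720, while the fixed per-card layout and the visible-layout case are accepted every time.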