Business: ATM: PIN
PIN Disguise   (+11, -6)  [vote for, against]
Much harder to recognise PIN entry

Despite people's best efforts, PINs are quite visible when being entered. The disguised PIN, however, would use a blank keypad. The owner of the card would be sent a special layout, whereby the numbers are randomly spread across the pad. When that card is loaded into the machine, that layout is loaded to the keypad. That way, anyone watching the PIN being entered won't be able to work out what the number is, because only the owner of the card will know which key is which.
-- NickTheGreat, Aug 08 2002

PIN Disguise http://www.halfbake...idea/PIN_20Disguise
Yes, it's similar, but not the same [FloridaManatee, Oct 17 2004]

I actually quite like this idea, impractical though it is. The prospective mugger still only has to memorise four positions - he can call 'em whatever he likes, it doesn't make a difference.

But hey, this is the halfbakery.
-- yamahito, Aug 08 2002


All you need to do is for the ATM to display a different "scrambled" soft-keypad on a touchscreen for each sucessive client. So, your PIN would not change, but the places you touch on the screen change each time. That way, an observer would need to be able to see the keypad layout, not just memorise the postions touched by the user. This could be simply inplemented on existing touchscreen ATMs without any change to the user.

Croissant for the overall idea.
-- 8th of 7, Aug 08 2002


Don't want to trash The Great idea, but you could have combination dial like on a safe with small digits. Right to 7...left to 2...
-- FarmerJohn, Aug 08 2002


//That way, an observer would need to be able to see the keypad layout//

No, it would make no difference if he used the layout

789
456
123
*0#

and remembered the pin 9767 for the guy whose actual pin was 3959 and used the layout

963
145
827
*0#

So it doesn't actually work. But I still gave a + for imagination.
-- yamahito, Aug 08 2002


No, 8th means, the next time, the layout could be

134
256
789
*0#

so the pin, 3959, would have different positions, though I think an observer would have more time to see the numbers pressed as the user looks for each one.
-- FarmerJohn, Aug 08 2002


So the layout changes every time? I was under the impression that each cardholder had his or her unique layout. If it changes every time, though, you would need to have the layout printed on screen. It still wouldn't be hard for the old atm theif to work it out from that - especially considering the prevalence and use of digital cameras.
-- yamahito, Aug 08 2002


the number buttons could have little LEDs in digital number shape:
_
|_|
|_|
which would be at such an angle so that it would be as difficult as possible for someone over the shoulder or any distance away to see which button was which number. I like this idea, but it's only going to increase the amount of time a person has to spend concentrating on the cash machine and making the queue get longer, while thief can take your phone or the rest of your wallet out of your pocket/bag.
-- sappho, Aug 08 2002


Or only one button and headphones. "If the first digit is a one, push now...If the first digit is a two, push now..." [pushes button] "Thank you. If the second digit is a one, push now..."
-- FarmerJohn, Aug 08 2002


I recently saw a password system based on faces. The user had to select "known" faces from a random sample, several times over. While I'm still not sure about the practicality of that, there's no reason why the numbers couldn't just be randomly jumbled on a touch screen PIN pad every time it is presented. Then no amount of oblique peaking is going to help.

(Wouldn't help those with poor eyesight, of course, so I don't see this being implemented any time soon.)
-- DrCurry, Aug 08 2002


PINs, regardless of how camouflaged, will still be insecure, and shoulder surfers will continue to find clever ways to obtain them. Fingerprint or retinal scanners will be the only logical way to overcome this hurdle.

FJ: Combination lock PIN entry would be awesome! Impractical, but yet so retro...
-- Mr Burns, Aug 08 2002


Hey, why use money at all. Go back to simple bartering and we can rid our lives of those pesky ATMs. It also means that all those fat bankers have to find something else to do.
-- PeterSilly, Aug 08 2002


While I like the idea, especially if the layout changes each time, it would slow things down. As it is I usually get stuck behind the ATM-challenged. one........six...........(ummm lets see, what was the next number) ohhh right......now how much cash do I need?. Better carefully arrange everything in my purse before leaving the machine........and on and on and on. One more level of complication. So, croissant provided there is a mandatory training course before you can use your bank card.
-- rbl, Aug 08 2002


A card issuer recommended this trick for those who simply must write down their number:

Write a four or six digit PIN in locations on a four by four grid. Fill in the rest of the numbers randomly. Just remember the pattern.

1xx2 >> 1642 xxxx >> 6813 3xx6 >> 3446 x45x >> 9458

E.g. a smiley.

To increase security: Don't use the same PIN's on two grids written in the same place. Don't use sequential numbers. Don't use recurring numbers.

Remember this is less secure than a random PIN that isn't written down anywhere. But it's more secure than a number scratched on your ATM card.

As for your randomised key positions idea... I can see you don't work in customer complaints! Imagine:

"Customer Service, how can I help you?"

"YOU MOVED THE F*CK*NG KEYS!"

"How can I help you, Sir?"

"I NEED TO GET MY F*CK*NG CARD BACK!"

"Certainly sir, bring your ID to your issuing branch on Monday afternoon, as our bank is closed over the weekend"

"ARRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRGH"
-- FloridaManatee, Jan 14 2003


somewhat apropos of all these pin ideas, i have to reveal that i did a pin security research project while in college years back. i studied the pin protective behaviors of people at atms and broke it down by gender and whether they used their hand or body to sheild from onlookers. i stood nearby with a pencil and paper to look a bit like someone who might write down their pin and was able to see, if i really strained what they entered. these were atms in a major city with lots of foot traffic.

results? almost no one actually made any effort whatsoever to keep their pin secure. something like a handful of people out of hundreds. it quite surprised me.

so i love all the "securing the pins" ideas, but honestly, how many people do you think care outside of us idea geeks?
-- palisandra, Aug 14 2003


Ok, this would mean memorising more numbers but what about having two pins. The machine would prompt you to use pin 1 you withdraw your cash you get mugged by [palisandra] who then can't use the card because the machine now prompts for pin 2. The machine should never ask for the smae pin twice in a row.
-- q2cannonfodder, Feb 18 2004


This is actually already implemented in some door keypads. But instead of having a fixed keyboard layout for a given card/person, it is randomized every time.
-- bodin, Feb 19 2004


i like this idea but what if there's a hidden camera placed on top...the layout is still visible...
-- aeox, Apr 22 2004



random, halfbakery