PIN Security
Financial PINs are often four-digit numbers in the range 0000-9999, resulting in 10,000 possible numbers. Switzerland is a notable exception with six digit pins being given by default. However, some banks do not give out numbers where all digits are identical (such as 1111, 2222, ...), consecutive (1234, 2345, ...), numbers that start with one or more zeroes, or the last four digits of your social security number. Many PIN verification systems allow three attempts, thereby giving a card thief a 0.06% probability of guessing the correct PIN before the card is blocked. This holds only if all PINs are equally likely and the attacker has no further information available, which has not been the case with some of the many PIN generation and verification algorithms that banks and ATM manufacturers have used in the past.
In 2002 two PhD students at Cambridge University, Piotr ZieliĆski and Mike Bond, discovered a security flaw in the PIN generation system of the IBM 3624, which was duplicated in most later hardware. Known as the decimalization table attack, the flaw would allow someone who has access to a bank's computer system to determine the PIN for an ATM card in an average of 15 guesses.
If a mobile phone PIN is entered incorrectly three times, the SIM card is blocked until a Personal Unblocking Code (PUC or PUK), provided by the service operator, is entered. If the PUC is entered incorrectly ten times, the SIM card is permanently blocked, requiring a new SIM card.
Read more about this topic: Personal Identification Number
Famous quotes containing the words pin and/or security:
“What pursuit is more elegant than that of collecting the ignominies of our nature and transfixing them for show, each on the bright pin of a polished phrase?”
—Logan Pearsall Smith (1865–1946)
“There is one safeguard known generally to the wise, which is an advantage and security to all, but especially to democracies as against despots. What is it? Distrust.”
—Demosthenes (c. 384–322 B.C.)