The wisdom of the ill informed
Stephan Neuhaus
neuhaus at st.cs.uni-sb.de
Tue Jul 1 12:09:38 EDT 2008
On Jul 1, 2008, at 17:39, Perry E. Metzger wrote:
> Ed, there is a reason no one in the US, not even Wells Fargo which you
> falsely cited, does what you suggest. None of them use 4 digit PINs,
> none of them use customer account numbers as account names. (It is
> possible SOMEONE out there does this, but I'm not aware of it.)
Many German savings banks use account numbers as account names (see,
e.g., https://bankingportal.stadtsparkasse-kaiserslautern.de/banking/) http://www.stadtsparkasse-kaiserslautern.de
), as does, for example, the Saarländische Landesbank (https://banking.saarlb.de/cgi/anfang.cgi
). Most will not use 4-digit PINs, though.
> I understand
> some European banks even do stuff like mailing people cards with one
> time passwords.
Do you mean TANs (TransAction Numbers)? TANs are used to authorize
transactions that could affect your account balance. So stealing the
PIN will let you look at the balance, but will not let you steal money
(through this channel).
(Or maybe you knew all this already and I just missed the irony.)
Fun,
Stephan
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list