RE: OT: Banc of America Article
FYI this is completely incorrect.

I have changed my PIN with both my PayPal debit card as well as my First Union/Wachovia card numerous times without a single contact with a physical bank.

See: http://www.wachovia.com/helpcenter/page/0,,2372_2705,00.html

To store the PIN on a card, whether hashed or not, would be foolish. Do people really think that the ATMs of 15 years ago had the CPU power to calculate the hash of a PIN number on the fly? I know people who are carrying around 10+ year old cards and they still work fine.

-Dave
-----Original Message-----
From: Krzysztof Adamski [mailto:k@adamski.org]
Sent: Thursday, January 30, 2003 3:39 PM
To: nanog@merit.edu
Subject: Re: OT: Banc of America Article
Since nobody has given the correct information about the PIN on the card I will give a very brief description.
There are two types of PIN, natural and customer selected. The natural PIN is computed from the number on the card. The computation involves one-way crypto keys. I don't remember the algorithm. For this the PIN that is stored on the card is 0000.
Now, when a customer selects a PIN, an offset is computed between the natural PIN and selected PIN. This offset is stored on the card.
Based on this you can see that re-encoding is needed when you change the PIN number; most ATMs will do that re-encoding. So unless things have changed in the last 4 years since I worked with this, you cannot change your PIN over the phone without physical contact by the bank with the card.
Personally I carry a card without any logo as my ATM card, at one point I had access to reader/encoder for mag strip cards and I programmed a blank card with the info from my real ATM card. No encryption involved.
K
On Wed, 29 Jan 2003, David Charlap wrote:
Al Rowland wrote:
The PIN is on your card ...
Not for any card I've ever owned. I've changed my PIN several times over the years, and the bank has never re-encoded my card or sent me a new card as a result of doing so.
Maybe some banks do store the PIN on the card, but I'm certain that it's in the server for every bank I've used.
I use a not-my-bank ATM in the lobby at work and it doesn't initiate the call (you can hear the modem dial) until you're beyond the PIN screen and are actually requesting a transaction.
I'm not surprised. But the PIN is verified as a part of the transaction.
I've occasionally mistyped my PIN. The ATM takes the mistake and goes straight to the menu. It's only after requesting a transaction that it comes back with the "invalid PIN" message.
-- David
IMPORTANT:The information contained in this email and/or its attachments is confidential. If you are not the intended recipient, please notify the sender immediately by reply and immediately delete this message and all its attachments. Any review, use, reproduction, disclosure or dissemination of this message or any attachment by an unintended recipient is strictly prohibited. Neither this message nor any attachment is intended as or should be construed as an offer, solicitation or recommendation to buy or sell any security or other financial instrument. Neither the sender, his or her employer nor any of their respective affiliates makes any warranties as to the completeness or accuracy of any of the information contained herein or that this message or any of its attachments is free of viruses.
I would guess that PayPal is a bit younger than 4 years, so some banks have changed the process since I was last involved with it.

For your information, the ATMs of 15 years ago and the ATMs of 4[*] years ago used the same process to deal with encryption. It was done by a black box manufactured by a company called Excrypt. CPU power never came into question. Before you jump to the conclusion that you could just steal the black box from the ATM and have access: if you tilt it, it forgets all the keys. Also, during normal operation two separate people have to enter two parts of the key. This way no single bank employee has access to both parts of the key.

[*] I have no longer been involved with banks for the last 4 years, so I don't know what changes have happened.

K

On Thu, 30 Jan 2003, Temkin, David wrote:
FYI this is completely incorrect.
I have changed my PIN with both my PayPal debit card as well as my First Union/Wachovia card numerous times without a single contact with a physical bank.
See: http://www.wachovia.com/helpcenter/page/0,,2372_2705,00.html
To store the PIN on a card, whether hashed or not, would be foolish. Do people really think that the ATMs of 15 years ago had the CPU power to calculate the hash of a PIN number on the fly? I know people who are carrying around 10+ year old cards and they still work fine.
-Dave
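Added example, not code from the thread or from any bank: a small model tying together the two mechanisms Krzysztof describes, the natural PIN with a customer-selected offset (where an offset of 0000 means "the natural PIN"), and the PIN key entered as two parts by two separate people. He does not name the algorithm, so the shape follows the IBM 3624 PIN-offset method as an assumption; HMAC-SHA256 stands in for the keyed DES step of the real scheme so it runs on the Python standard library alone, and the PAN, key components, and validation-data rule are constructed test values.

```python
"""Natural PIN + PIN offset verification, with split-knowledge key loading.

Added example, not code from the NANOG thread. Models the scheme the thread
describes in the style of the IBM 3624 PIN-offset method (an assumption).
HMAC-SHA256 replaces the DES block the real method uses so this runs on the
standard library; the PAN and key components below are constructed.
"""
import hashlib
import hmac

# 3624-style decimalisation table: hex digit (0..15) -> decimal digit.
DECIMALISATION = "0123456789012345"

# Constructed test data; not real card or key material.
PAN = "4000 0000 0000 0002"
COMPONENT_A = bytes.fromhex("0123456789abcdef0123456789abcdef")  # custodian A
COMPONENT_B = bytes.fromhex("3c5a9e1f7b2d4c6e8a0f1e2d3b4c5d6e")  # custodian B


def combine_key_components(*components: bytes) -> bytes:
    """Split knowledge: the PIN derivation key (PDK) is the XOR of components
    entered separately by different custodians. One component alone carries
    no information about the assembled key."""
    if len(components) < 2:
        raise ValueError("split knowledge needs at least two components")
    length = len(components[0])
    if any(len(c) != length for c in components):
        raise ValueError("all components must have the same length")
    key = bytes(length)
    for c in components:
        key = bytes(x ^ y for x, y in zip(key, c))
    return key


def key_check_value(key: bytes) -> str:
    """Short fingerprint so custodians can confirm the assembled key matches
    the expected one without revealing it (modelled on a printed KCV)."""
    return hmac.new(key, b"\x00" * 8, hashlib.sha256).hexdigest()[:6].upper()


def validation_data(pan: str) -> str:
    """Account-derived input to the one-way function.
    Assumption: the last 12 PAN digits (3624 uses a fixed slice of the PAN)."""
    digits = "".join(ch for ch in pan if ch.isdigit())
    if len(digits) < 12:
        raise ValueError("PAN too short")
    return digits[-12:]


def natural_pin(pdk: bytes, pan: str, length: int = 4) -> str:
    """Bank-computed PIN for this card: keyed one-way function over the
    validation data, then decimalised digit by digit."""
    digest = hmac.new(pdk, validation_data(pan).encode(), hashlib.sha256).hexdigest()
    return "".join(DECIMALISATION[int(h, 16)] for h in digest[:length])


def pin_offset(pdk: bytes, pan: str, chosen_pin: str) -> str:
    """Digit-wise (chosen - natural) mod 10: the value written to the card
    (or stored at the issuer in a host-verified design). Changing the PIN
    changes only this offset; the key and the natural PIN stay fixed."""
    nat = natural_pin(pdk, pan, len(chosen_pin))
    return "".join(str((int(c) - int(n)) % 10) for c, n in zip(chosen_pin, nat))


def verify_pin(pdk: bytes, pan: str, offset: str, entered_pin: str) -> bool:
    """Recompute the natural PIN, add the offset, compare in constant time.
    Without the PDK the offset on its own tells an attacker nothing."""
    if len(entered_pin) != len(offset) or not entered_pin.isdigit():
        return False
    nat = natural_pin(pdk, pan, len(offset))
    expected = "".join(str((int(n) + int(o)) % 10) for n, o in zip(nat, offset))
    return hmac.compare_digest(expected, entered_pin)


def walkthrough() -> dict:
    """Key ceremony, then a PIN change seen purely as an offset change."""
    pdk = combine_key_components(COMPONENT_A, COMPONENT_B)
    nat = natural_pin(pdk, PAN)
    old_offset = pin_offset(pdk, PAN, "7391")
    new_offset = pin_offset(pdk, PAN, "2468")
    return {
        "kcv": key_check_value(pdk),
        "natural_pin_offset": pin_offset(pdk, PAN, nat),  # "0000"
        "old_offset_verifies_old_pin": verify_pin(pdk, PAN, old_offset, "7391"),
        "old_offset_rejects_new_pin": not verify_pin(pdk, PAN, old_offset, "2468"),
        "new_offset_verifies_new_pin": verify_pin(pdk, PAN, new_offset, "2468"),
    }


if __name__ == "__main__":
    for name, value in walkthrough().items():
        print(f"{name}: {value}")
```

The walkthrough makes the thread's disagreement concrete: a PIN change touches only the offset, so a design that keeps the offset on the magnetic stripe has to re-encode the card, while one that keeps the offset at the issuer can accept a new PIN over the phone with the same key and the same natural PIN. It also shows why the offset is not a secret in either design; the verifier needs the PDK, which lives in the black box assembled from the two custodians' components.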