Personal identification number

Personal identification number

A personal identification number (PIN) is a secret numeric password shared between a user and a system that can be used to authenticate the user to the system. Typically, the user is required to provide a non-confidential user identifier or token (such as a banking card) and a confidential PIN to gain access to the system. Upon receiving the User ID and PIN, the system looks up the PIN based upon the User ID and compares the looked-up PIN with the received PIN. The user is granted access only when the number entered matches with the number stored in the system. PINs are most often used for ATMs but are increasingly used at the Point of sale, especially for debit cards. Throughout Europe the traditional in-store credit card signing process is being replaced with a system where the customer is asked to enter their PIN instead of signing. In the UK and Ireland this goes under the term 'Chip and PIN', since PINs were introduced at the same time as EMV chips on the cards. In other parts of the world, PINs have been used before the introduction of EMV. Apart from financial uses, GSM mobile phones usually allow the user to enter PIN between 4 and 8 digits length. The PIN is recorded in the SIM card.

In 2006, James Goodfellow, the inventor of the personal identification number, was awarded an OBE in the Queen's Birthday Honours List.cite web
url=http://news.bbc.co.uk/1/hi/scotland/glasgow_and_west/5087984.stm
title=Royal honour for inventor of Pin
year=2006
publisher=BBC
accessdate=2007-11-05
]

PIN Length

The concept of a PIN originates with the inventor of the ATM, John Shepherd-Barron. One day in 1967, while thinking about more efficient ways banks could disburse cash to their customers, it occurred to him that the candy vending machine model was a proven fit. For authentication Shepherd-Barron at first envisioned a six-digit numeric code, given what he could reliably remember. His wife however preferred four digits, which became the standard. [cite web
url=http://news.bbc.co.uk/2/hi/business/6230194.stm
title=The Man Who Invented The ATM Machine
publisher=BBC
year=2007
accessdate = 2007-03-02
]

PIN Security

Financial PINs are often 4-digit numbers in the range 0000-9999, resulting in 10,000 possible numbers. However, some banks do not give out numbers where all digits are identical (such as 1111, 2222, ...) or consecutive (1234, 2345, ...) or numbers that start with one or more zeroes. Many PIN verification systems allow three attempts, thereby giving a card thief a 0.06% chance to guess the correct PIN before the card is blocked. This holds only if all PINs are equally likely and the attacker has no further information available, which has not been the case with some of the many PIN generation and verification algorithms that banks and ATM manufacturers have used in the past.cite paper
author=Kuhn, Markus
date=July 1997
title=Probability theory for pickpockets — ec-PIN guessing
url=http://www.cl.cam.ac.uk/~mgk25/ec-pin-prob.pdf
format=PDF
accessdate = 2006-11-24
]

If a mobile phone PIN is entered incorrectly three times, the SIM card is blocked until a Personal Unblocking Code (PUC), provided by the service operator, is entered. If the PUC is entered incorrectly ten times, the SIM card is permanently blocked, requiring a new SIM card.

In 2002 two PhD students at Cambridge University, Piotr Zieliński and Mike Bond, discovered a security flaw in the PIN generation system of the IBM 3624, which was duplicated in most later hardware. Known as the decimalization table attack, the flaw would allow someone who has access to a bank's computer system to determine the PIN for an ATM card in an average of 15 guesses.cite paper
author = Zieliński, P & Bond, M
title = Decimalisation table attacks for PIN cracking
version =
publisher = University of Cambridge Computer Laboratory
date = February 2003
url = http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-560.pdf
format = PDF
accessdate = 2006-11-24
] cite web
url=http://www.cl.cam.ac.uk/~mkb23/media-coverage.html
title=Media coverage
publisher = University of Cambridge Computer Laboratory
accessdate = 2006-11-24
]

English language usage

The term "PIN number" (hence "personal identification number" number") is commonly used, which is an example of RAS syndrome (Redundant Acronym Syndrome) - as, coincidentally, is "ATM machine" ("automatic teller machine machine").

Reverse PIN hoax

Rumours have been in e-mail circulation claiming that in the event of entering a PIN into an ATM backwards, police will be instantly alerted as well as money being ordinarily issued as if the PIN had been entered correctly.cite web
url=http://www.snopes.com/business/bank/pinalert.asp
title=Reverse PIN Panic Code
accessdate = 2007-03-02
] The intention of this scheme would be to protect victims of muggings; however, despite the system being proposed for use in some American states, there are no ATMs currently in existence that employ the software.

See also

*ATM Safety PIN Software
*TAN (banking)
*Personal Unblocking Code

References


Wikimedia Foundation. 2010.

Игры ⚽ Нужна курсовая?

Look at other dictionaries:

  • personal identification number — ➔ PIN * * * personal identification number UK US noun [C] ► BANKING PIN(Cf. ↑PIN) …   Financial and business terms

  • personal identification number — ► NOUN ▪ a number allocated to an individual and used to validate electronic transactions …   English terms dictionary

  • Personal identification number — (PIN)   An ISO term. The code or password the customer possesses for verification of identity.   ISO 9564 Personal Identification Number term. 12a or 12n.   ISO Identification Cards term. 12an.   Used to electronically identify customers for ATM …   International financial encyclopaedia

  • Personal Identification Number — PIN; Persönliche Identifikationsnummer; Persönliche Geheimnummer * * * Personal Identification Number,   PIN …   Universal-Lexikon

  • personal identification number — asmens kodas statusas Aprobuotas sritis informacija, informacinės technologijos ir informacinė visuomenė apibrėžtis Unikali vienuolikos dešimtainių skaitmenų seka, skirta asmens tapatybei nustatyti, duomenims apie jį kaupti, valstybės registrų ir …   Lithuanian dictionary (lietuvių žodynas)

  • Personal identification number (Denmark) — The Danish Personal Identification number (Danish: CPR nummer or personnummer ) is a national identification number, which is part of the personal information stored in the Civil Registration System (Danish: Det Centrale Personregister ). The… …   Wikipedia

  • personal identification number — noun a number you choose and use to gain access to various accounts • Syn: ↑PIN, ↑PIN number • Hypernyms: ↑number, ↑identification number …   Useful english dictionary

  • personal identification number — personal identifi cation .number n a ↑pin …   Dictionary of contemporary English

  • Personal Identification Number - PIN — A numerical code used in many electronic financial transactions. Personal identification numbers (PINs) are usually used in conjunction with usernames or other passwords. They are also usually required when using bank debit or credit cards, and… …   Investment dictionary

  • personal identification number — PIN A number memorized by the holder of a cash card, credit card, or multifunctional card and used in automated teller machines and electronic funds transfer at point of sale to identify the card owner. The number is given to the cardholder in… …   Accounting dictionary

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”