Reminder security: A chip and pin flaw?

The banks continue to claim that chip and pin machine technology is perfect and flawless, and the arguments against this theory keep mounting up. Security issues relating to PIN reminders is the latest problem. When are the banks going to admit that of course there are flaws in Chip and pin security, but it is a small and management problem - this is true, but would scare the customers!

Banks are making it easier and easier to request a new pin number. I suspect the customers are driving this movement, because pin numbers are becoming increasingly critical to our every day lives, and a disabled pin card is a big problem - especially on a friday evening! Banks still rely on the antiquated system of posting the new pin number to a street address.

It is therefore very easy for criminals to request a new pin number for an unsuspecting card owner, intercept their post and steal the pin number. Fraudsters can re-direct peoples post, or tell the bank that you've moved house. All they need to do is get hold of a bank statement, which usually gives enough information to request a new pin.

With some banks it is easy to request a new pin number using your mobile phone - surely here was a chance for a simple bit of security. You'd imagine that the bank will only honour requests for a new pin coming from a mobile phone number that is associated with the account - no - any phone will do!

Of course the banks still claim there isn't a problem. If the banks were more transparent about this sort of thing, then we'd ultimately trust the banks a lot more. However, a lot of the banks customers are very dim, and only two steps removed from keeping all their money under the mattress - if a bank so much as gets close to honesty over chip and pin security, then customers will run away from chip and pin machines in droves!