A simple idea to prevent card fraud

I read about the German fraudster jailed in the UK recently. The BBC claimed his technology could remotely read card details allowing him to potentially earn up to £150m a year.

It makes me wonder why the UK, and other countries, do not adopt the very simple innovation most banks in Brazil use – though I believe it was initially pioneered by HSBC.

You put your card in the ATM and enter your PIN as usual, but then a new set of options, looking at bit like this is presented:

WXY              GHI

STU               JKL

ANC               MBO

DZF               PQR

The letters are in fact all randomised and different every time. Every customer not only has a four digit numeric PIN, but a three character password too. But you never type your actual password… in the collection of randomised characters you press the button closet to the character you want to type.

So, if your code is XYZ, even if someone watches or films you punching in the code, they cannot tell if you entered XYZ, YXF, XWD, WYF… simple, but very effective.
Ladybird on ATM

2 responses to “A simple idea to prevent card fraud

  1. I don’t quite understand how this prevents further use of the card. If the remote scanner can still pick up your credit card number and PIN, isn’t this enough to then go and use the credit card details on the internet, etc (even if they were unable to get the password)?

    • That is a good comment and you are right – it’s not fool proof. This simple method does prevent further abuse at ATMs… so you can’t make a copy of the card and then clean out the account of cash, but you are right, it could possibly still be used online. I guess that additional checks such as ‘Verified by Visa’ can prevent that kind of abuse though, so a combination of methods would prevent most abuse.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s