[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [CRYPTO] Bank Cards, Interac, Bank Machines, etc



In a message dated 96-11-25 22:17:41 EST, you write:

> I also heard that the magnetic stripe on the back contains your card
>  number (the shiny metallized numbers on the front) encrypted using DES
>  using your PIN as the key.  Way out to lunch?  Too close for comfort?

This seems to be pretty unlikely, cuz I changed my PIN and was still able to
use the same card.  This means:

1) They can write to a card (pretty unlikely - but not ruling it out - jus
don't know)

2) There are more PINs to a card than one (pretty unlikely cuz I chose my
number)

What I suspect is:

Obtain card number
Obtain PIN
Send both to computer controlling transactions
This computer inputs both to an algorithm that says Yea or Nay to continuing
(like the numbers point to a valid check/credit/savings account or GL
account)...

Perform transaction (data likely encrypted the same way back and forth for
defeating listening devices)....

There may be a hash to the account, the result is not an account number, or
some huge look-up database is in play matching PINs to card numbers to
accounts.