Comment by jiggawatts

1 year ago

That provides very valuable information: DO NOT TRUST this machine to be secure!

Similarly, any web site or app that can’t correctly handle a space character at the end of the password should never be trusted with anything of consequence.

12 comments

jiggawatts

Reply
lxgr  1 year ago

Why? PINs are limited to 4 digits in many markets, so it's not exactly extreme for a developer to not consider the (to them) edge case of 6 digit PINs on foreign cards.

Conversely, it seems very possible to support 6 digit PINs and yet still make a ton of horrible implementation mistakes, security and otherwise.

lobsterthief  1 year ago

Why is the space thing inherently insecure? I’m thinking bad form validation could trip it up and be considered “not handled” vs concerns suggesting plaintext storage

quietbritishjim  1 year ago

Are you really worried that a card machine is going to leak your PIN? That doesn't seem to be a common attack vector compared to a third-party skimmer being attached or someone just mugging you and demanding your PIN under threat of physical violence.

To answer the actual question: I don't know because I left my PIN at 4 digits, despite knowing I could use more, precisely because I didn't think it would really make my life any more secure.

  • jiggawatts  1 year ago

    I'm not worried specifically about the PIN leaking.

    The concern is that a 4-digit max PIN length is certainly implemented by someone who couldn't be bothered to read the spec for secure credit card transaction handling.

    It's the equivalent of the "No brown M&Ms" clause or "Canary in the coal mine" test.

    Nobody actually cares about the M&M color or some dumb bird.

    • lxgr  1 year ago

      "Must support 6-digit PINs" is not part of "the spec for secure credit card transaction handling" – which is also not a (or at least one) thing: There are dozens of card networks, and many of them have tons of regional variations.

      In some markets, issuers only allow 4 digit PINs, and customers don't expect to have to press an "enter" key when they're done entering their 4 digit PIN – so the reasonable implementation is to allow only 4 digit PINs, or you'll be left with people staring at the ATM/POS terminal, waiting for something to happen.

      5 replies →

    • quietbritishjim  1 year ago

      Ok, but that doesn't answer my question: what specific problem are you worried about that would allow someone to steal your money, that isn't incomparably unlikely compared to other methods? I'm just not aware of any problem that has happened in practice from poorly written card reader software.