We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Pin number changed without my knowledge
Comments
-
but that my chip has forgotten it. I should get a new pin within the next 5 days.
The card's only six months old, so I wonder how many more problems I'll have with the chip.
Well after a talk to a member of out cards team. It seems it is possible. (need opps smilly here)
Basically, there is a fault on the chip. It could be that even a replacement as damaged won't cure it.
So when you get your new card and still have isses it needs to be replaced as lost/stolen and a new pin issued at that time to reset everything.
As to the arguement on PINS on banks systems. Yes it is. But in such a way that no one can ever gain access to it.
So you can scrub that as a excuse how someone has got a PIN....Never ASSUME anything its makes a>>> A55 of U & ME <<<0 -
Well, I got my pin number today, and it was the same as the old one.
You can all imagine my shock and surprise that it still didn't work.
I'd chosen an ATM in branch to test it, so toddled over the the counter.
It seems that there is at least one employee of Yorkshire Bank in Leeds who has common sense and knows what she's doing. Since it was the chip, and the magnetic strip, and the card itself when used online that was affected, she got someone to call the fraud department.
It turned out that there'd been a block on my card because a transaction I tried to make had been flagged as unusual because it was a lot higher than I usually spend.
So it's all sorted now.
Although I'm bemused as to why they have a system where the card can be blocked without anything being put on the system or flagged up when they look at my account.
I'm planning to make a complaint to them just so that the tellers can get a bit more training and know what they're doing. This could all have been sorted out on Monday if I'd spoken to the girl I saw today.Unless I say otherwise 'you' means the general you not you specifically.0 -
It seems that there is at least one employee of Yorkshire Bank in Leeds who has common sense and knows what she's doing. Since it was the chip, and the magnetic strip, and the card itself when used online that was affected, she got someone to call the fraud department.
So it's all sorted now.
Shame you did not mention using your card online failed as well.
Would have changed the advice.....
Decline at retailer, in this case it should have had a message contact bank.Although I'm bemused as to why they have a system where the card can be blocked without anything being put on the system or flagged up when they look at my account.
I'm planning to make a complaint to them just so that the tellers can get a bit more training and know what they're doing. This could all have been sorted out on Monday if I'd spoken to the girl I saw today.
Should have been a clear note on your account that the fraud department were trying ot contact you....
Contact telephone numbers upto date?
Good luck with the complaint. I would not be too hard on the people behind the desk.... Clearly they struggle to read any notes on a account... Other than sell, sell, sell...Never ASSUME anything its makes a>>> A55 of U & ME <<<0 -
thenudeone wrote: »I don't buy any of this.
It's glaringly obvious that the banks must have a record of the PIN in some format.
I can see my PIN on a web screen. How can the bank "generate the PIN" to show on the website without having a record of the PIN itself? The record may be heavily encrypted but it must start with actual PIN. Otherwise please please explain which branch of hyper-physics allows the bank to correctly display my card's PIN (which was chosen by me) without them ever being aware of it?
If the actual PIN was only ever stored on the card, then when the card expires, how can the bank issue a replacement card WHICH HAS THE SAME PIN AS THE ORIGINAL CARD (even if the customer changed it) without knowing what the PIN is?
Without magic, both of these things would be impossible.
Whether the facility to view PINs online is sensible or secure, and whether it's against VISA/MC rules, are both debatable, but what is not debatable is that the banks MUST have a record the PIN.
You may not buy it but that doesn't mean it's not true. The simple explanation (which is the only one I can give as I'm not an encryption expert) is that the original PIN that is issued when the card is first requested is calculated based on various pieces of information, including the card number. The algorithm used to do this is also present in ATMs and Chip & PIN devices, which is how the device confirms that the PIN entered is correct for the card used. When a PIN is changed by the user, or when a replacement card with a new number is sent out, then the PIN offset (which as I said previously IS stored both on the card and at the card issuer) is used to take into account the difference. I can assure you, and others who seem to believe it, that the PIN is NOT stored on the chip or the stripe, and to the best of my knowledge would never be known by the card issuer and therefore there is no record of it centrally.0 -
You may not buy it but that doesn't mean it's not true. The simple explanation (which is the only one I can give as I'm not an encryption expert) is that the original PIN that is issued when the card is first requested is calculated based on various pieces of information, including the card number. The algorithm used to do this is also present in ATMs and Chip & PIN devices, which is how the device confirms that the PIN entered is correct for the card used. When a PIN is changed by the user, or when a replacement card with a new number is sent out, then the PIN offset (which as I said previously IS stored both on the card and at the card issuer) is used to take into account the difference. I can assure you, and others who seem to believe it, that the PIN is NOT stored on the chip or the stripe, and to the best of my knowledge would never be known by the card issuer and therefore there is no record of it centrally.
As you say, you're not an encryption expert.
I don't think anyone is suggesting that the PIN is stored on the card or by the card issuer in an easily readable format. However, there are procedures to retrieve a 'forgotten PIN,' which strongly suggest it is possible for it to be recovered.
As an example, when I log in to my Capital One account I am given the option to view my PIN. To do so I only need to supply the three digit CVV2 number on the back of my card.
I appreciate what you're saying about PIN off-sets. But that's just another form of obfuscation.0 -
As you say, you're not an encryption expert.
I don't think anyone is suggesting that the PIN is stored on the card or by the card issuer in an easily readable format. However, there are procedures to retrieve a 'forgotten PIN,' which strongly suggest it is possible for it to be recovered.
As an example, when I log in to my Capital One account I am given the option to view my PIN. To do so I only need to supply the three digit CVV2 number on the back of my card.
I appreciate what you're saying about PIN off-sets. But that's just another form of obfuscation.
I am indeed not an encryption expert, but I was responsible for a team of people who were and who had an in depth understanding of all aspects of PIN processing. You can choose not to believe me but nothing you have said contradicts what I've said - in both of the examples you have given I would expect that the PIN is recalculated from the information supplied by you and already known by the card issuer, rather than retrieved from an encrypted store.0 -
dalesrider wrote: »Shame you did not mention using your card online failed as well.
Would have changed the advice.....
Decline at retailer, in this case it should have had a message contact bank.
Should have been a clear note on your account that the fraud department were trying ot contact you....
Contact telephone numbers upto date?
Good luck with the complaint. I would not be too hard on the people behind the desk.... Clearly they struggle to read any notes on a account... Other than sell, sell, sell...
Sorry, I did mention in my second post that it wasn't working online, but I should have made the timeline clearer.
I was told twice that there wasn't a note on the system about any fraud, the first guy said that there definitely hadn't been suspicious activity.
My phone number was correct, but as I don't have an answerphone they might have tried to call me when I was out without me knowing. I did get a letter today (dated the 2nd) asking me to phone them.
Thanks for all the help everyone.Unless I say otherwise 'you' means the general you not you specifically.0 -
I've never had to log out from an ATM machine?
The problem's been sorted, it was nothing to do with the card or pin, it was because they thought a purchase I tried to make was fraudulent.Unless I say otherwise 'you' means the general you not you specifically.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.5K Banking & Borrowing
- 252.9K Reduce Debt & Boost Income
- 453.3K Spending & Discounts
- 243.5K Work, Benefits & Business
- 598.2K Mortgages, Homes & Bills
- 176.7K Life & Family
- 256.7K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards