WRITTEN ON May 27th, 2005 BY Richard S AND STORED IN Uncategorized

Yesterday, the respectable looking middle-aged woman in front of me tried to pay by credit card, but her PIN did not work.

Immediately, the sales assistant offered to accept a signature instead.

The woman then mumbled that “it was not her credit card but she had thought that she knew the PIN.”

No alarm bells; Manager/Police not called; the assistant just accepted alternative payment.

Presumably, had the PIN worked, the Bank would automatically have insisted that the card-holder was liable.

1. Is an anonymous PIN really more secure than a simple signature?
2. Are we too ready to “trust” high tech. solutions?
3. Does this tell us anything about the reality of ID cards?

Any important service which requires the presentation of an ID card will have to offer an alternative mechanism to overcome failures and crises. Such a mechanism could be a serious weak point.