Personal identification number
From Free net encyclopedia
A personal identification number (PIN) is a secret shared between a user and a system that can be used to authenticate the user to the system. Typically, the user is required to provide a non-confidential user identifier or token (such as a debit card) and a confidential PIN to gain access to the system. Upon receiving the user ID and PIN, the system looks up the PIN based upon the user ID and compares the looked-up PIN with the received PIN. If they match, the user is granted access. If they do not match, the user is not granted access.
PINs are most often used for ATMs. Throughout Europe the traditional in-store credit card signing process is being replaced with a 'Chip and PIN' system, where the customer is asked to enter their PIN code instead of signing. PINs are also sometimes used for online systems in place of alphanumeric passwords, a substitution that may compromise security. (See password for more details.)
PINs are often 4-digit numbers in the range 0000-9999, giving 10,000 possible values, so that an attacker would need to guess an average of 5000 times to get the correct PIN.
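The lookup-and-compare check described above, combined with the 10,000-value PIN space, as an added example that is not part of the original article. The class and function names, the three-attempt limit and the salted PBKDF2 storage are assumptions chosen for illustration; the card identifier in any usage is constructed.

```python
import hashlib
import hmac
import os

MAX_ATTEMPTS = 3      # assumed policy; the article does not specify a limit
PIN_SPACE = 10_000    # 4-digit PINs, 0000-9999


class PinVerifier:
    """Looks up the stored PIN record by user ID and compares it with the received PIN."""

    def __init__(self):
        self._records = {}   # user_id -> (salt, derived key)
        self._failures = {}  # user_id -> consecutive failed attempts

    @staticmethod
    def _derive(pin, salt):
        # Salted, slow hash: keeps the clear PIN out of the table. With only
        # 10,000 candidates it cannot stop exhaustive search by itself, which
        # is why the attempt counter below carries most of the protection.
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

    def enroll(self, user_id, pin):
        if not (len(pin) == 4 and pin.isascii() and pin.isdigit()):
            raise ValueError("PIN must be exactly four ASCII digits")
        salt = os.urandom(16)
        self._records[user_id] = (salt, self._derive(pin, salt))
        self._failures[user_id] = 0

    def is_locked(self, user_id):
        return self._failures.get(user_id, 0) >= MAX_ATTEMPTS

    def verify(self, user_id, pin):
        record = self._records.get(user_id)
        if record is None or self.is_locked(user_id):
            return False  # unknown user ID, or too many failed attempts
        salt, stored = record
        # Constant-time comparison of the looked-up value with the received one.
        if hmac.compare_digest(stored, self._derive(pin, salt)):
            self._failures[user_id] = 0
            return True
        self._failures[user_id] += 1
        return False


def guess_success_probability(attempts, space=PIN_SPACE):
    """Chance that `attempts` distinct guesses include a uniformly random PIN."""
    return min(attempts, space) / space
```

With the assumed limit of three attempts, a guesser succeeds against a uniformly chosen PIN with probability 3 in 10,000 before the identifier is locked.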
In 2002 two PhD students at Cambridge University, Piotr Zielinski and Mike Bond, discovered a security flaw in the PIN generation system of the IBM 3624, which was duplicated in most later hardware. Known as the decimalization table attack, the flaw would allow someone who has access to a bank's computer system to determine the PIN for an ATM card in an average of 15 guesses. [1] [2]