On Jul 1, 2008, at 17:39, Perry E. Metzger wrote:
Ed, there is a reason no one in the US, not even Wells Fargo which you falsely cited, does what you suggest. None of them use 4 digit PINs, none of them use customer account numbers as account names. (It is possible SOMEONE out there does this, but I'm not aware of it.)
Many German savings banks use account numbers as account names (see, e.g., https://bankingportal.stadtsparkasse-kaiserslautern.de/banking/) http://www.stadtsparkasse-kaiserslautern.de ), as does, for example, the Saarländische Landesbank (https://banking.saarlb.de/cgi/anfang.cgi ). Most will not use 4-digit PINs, though.
I understand some European banks even do stuff like mailing people cards with one time passwords.
Do you mean TANs (TransAction Numbers)? TANs are used to authorize transactions that could affect your account balance. So stealing the PIN will let you look at the balance, but will not let you steal money (through this channel).
(Or maybe you knew all this already and I just missed the irony.) Fun, Stephan --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
