From msuinfo!netnews.upenn.edu!news.amherst.edu!news.mtholyoke.edu!world!news.kei.com!MathWorks.Com!europa.eng.gtefsd.com!howland.reston.ans.net!EU.net!sunic!ugle.unit.no!ugle.unit.no!hanche Sat May 28 15:35:17 1994 Path: msuinfo!netnews.upenn.edu!news.amherst.edu!news.mtholyoke.edu!world!news.kei.com!MathWorks.Com!europa.eng.gtefsd.com!howland.reston.ans.net!EU.net!sunic!ugle.unit.no!ugle.unit.no!hanche From: hanche@pyanfar.imf.unit.no (Harald Hanche-Olsen) Newsgroups: sci.crypt Subject: Re: Unsecure Cash machines Date: 25 May 1994 19:05:22 GMT Organization: University of Trondheim, Norway Lines: 35 Message-ID: References: <2rj35l$357@nef.ens.fr> <2ru55j$mhd@nntp.ucs.ubc.ca> <2rvd9k$rvf@lyra.csx.cam.ac.uk> NNTP-Posting-Host: pyanfar.imf.unit.no In-reply-to: richard@cogsci.ed.ac.uk's message of Wed, 25 May 1994 15:56:54 GMT A paper that was posted to the net a good while back has the following information about how the PIN is computed for a VISA card: (At least I think that is what he's saying...) PINs are calculated as follows. Take the last five significant digits of the account number, and prefix them by eleven digits of validation data. These are often the first eleven digits of the account number; they could also be a function of the card issue date. In any case, the resulting sixteen digit value is input to an encryption algorithm (which for IBM and VISA systems is DES, the US Data Encryption Standard algorithm), and encrypted using a sixteen digit key called the PIN key. The first four digits of the result are decimalised, and the result is called the `Natural PIN'. Many banks just issued the natural PIN to their customers. However, some of them decided that they wished to let their customers choose their own PINs, or to change a PIN if it became known to somebody else. There is therefore a four digit number, called the offset, which is added to the natural PIN to give the PIN which the cusomer must enter at the ATM keyboard. Reference: Article <1992Dec8.112125.22462@infodev.cam.ac.uk> by rja14@cl.cam.ac.uk (Ross Anderson) of Tue, 8 Dec 1992 11:21:25 GMT. This explains both how the PIN can be encrypted on the card and how the user may change it. The paper goes on to talk about how this encryption is worthless unless good protocols are adhered to. Of course, an interesting situation will occur if the PIN key is ever compromised... For a while at least, I'll make my copy of that paper available at http://www.imf.unit.no/~hanche/atm.tex.gz for those who may be interested in more detail. - Harald