When chip and PIN first came out, I was sceptical, to say the least. The idea that a signature was less unique than a 1-in-10000 guess just didn’t wash with me; especially given the fairly obvious PINs people seem to choose. Then, finally, I relented and acccepted chip and PIN as being at least ‘ok’ – on the basis that at least the PIN isn’t visible on the card unlike the signature. Then I read Chip and SPIN, from computer security notables Ross Anderson, Mike Bond and Steven Murdoch — and now I’m getting rather concerned about the whole thing. Goes to show gut instinct is usually right.
Matt Godbolt is a C++ developer living in Chicago. Follow him on Mastodon or Bluesky.