Abstract | ||
---|---|---|
Fraud victims are often refused a refund by their bank on the grounds that they failed to comply with their bank's terms and conditions about PIN safety. We, therefore, conducted a survey of how many PINs people have, and how they manage them. We found that while only a third of PINs are ever changed, almost half of bank customers write at least one PIN down. We also found bank conditions that are too vague to test, or even contradictory on whether PINs could be shared across cards. Yet, some hazardous practices are not forbidden by many banks: of the 22.9% who re-use PINs across devices, half also use their bank PINs on their mobile phones. We conclude that many bank contracts fail a simple test of reasonableness, and 'strong authentication', as required by the Payment Services Directive II, should include usability testing. |
Year | DOI | Venue |
---|---|---|
2016 | 10.1007/978-3-662-54970-4_35 | Lecture Notes in Computer Science |
Field | DocType | Volume |
Internet privacy,Computer security,Computer science,Usability,Card security code,Directive,Payment card,Strong authentication,Payment service provider | Conference | 9603 |
ISSN | Citations | PageRank |
0302-9743 | 0 | 0.34 |
References | Authors | |
0 | 8 |
Name | Order | Citations | PageRank |
---|---|---|---|
Steven J. Murdoch | 1 | 806 | 57.90 |
Ingolf Becker | 2 | 9 | 2.53 |
Ruba Abu-Salma | 3 | 1 | 1.02 |
Ross J. Anderson | 4 | 5349 | 971.91 |
Nicholas Bohm | 5 | 0 | 0.34 |
alice hutchings | 6 | 14 | 5.81 |
Martina Angela Sasse | 7 | 2389 | 243.30 |
Gianluca Stringhini | 8 | 701 | 61.87 |