When chip and PIN first came out, I was sceptical, to say the least. The idea that a signature was less unique than a 1-in-10000 guess just didn’t wash with me; especially given the fairly obvious PINs people seem to choose. Then, finally, I relented and acccepted chip and PIN as being at least ‘ok’ – on the basis that at least the PIN isn’t visible on the card unlike the signature. Then I read Chip and SPIN, from computer security notables Ross Anderson, Mike Bond and Steven Murdoch — and now I’m getting rather concerned about the whole thing. Goes to show gut instinct is usually right.
Matt Godbolt is a C++ developer living in Chicago. He works for Hudson River Trading on super fun but secret things. He is one half of the Two's Complement podcast. Follow him on Mastodon or Bluesky.
Copyright 2007-2026 Matt Godbolt. Unless otherwise stated, all content is licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported License. This blog is powered by the MalcBlogSystem by Malcolm Rowe. Note: This is my personal website. The views expressed on these pages are mine alone and not those of my employer.