[ELI5] Why we can just skip the PIN when using our cards?

617 views

You know when it gets to the PIN screen, sometimes it’ll say, “Press cancel/enter to continue” and you can just… bypass the PIN. Doesn’t that just defeat the purpose of the PIN?

In: 247

17 Answers

Anonymous 0 Comments

In terms of information security, A single factor authentication just need one of the 5:

1. Something you KNOW, eg password
2. Something you HAVE, eg Smart Card
3. Somethign your ARE, eg biometrics
4. Something you DO, eg the way you sign the name
5. SomeWHERE you are, ie GPS

With Bank Smartcard (ie with chip – Smart Card), it satisfy “Something you have”.

That being said, most of us know that is not secure. So you got 2FA/MFA – MultiFACTOR – instead of just using one, you use multiple factors. In Banking, that means inserting Smart Card and then enter your PIN. In terms of Google Accounts, the Authenticator is consider something you HAVE, and then throw in password, and that’s your 2FA.

Throw in Geofencing and you got even more secure.

You are viewing 1 out of 17 answers, click here to view all answers.