Monday 10 December 2007

For Sale - Barclays PINsentry


Ok, so I moan a fair bit, but I mean what's the point of a Blog if you can't moan? So here's a cracker on the subject of authenticating online banking transactions - Barclays PINsentry. Oh dear. There are two ways to do things - the Right Way and the Wrong Way; this is the Wrong Way....

Let me explain. Every time I log onto my account from a PC, any PC, including my home PC, I need to insert my card into this device, enter my PIN and submit the number it gives me to the website logon page. Every time. If I get my PIN wrong it tells me. So, I'm at work and I realise my electricity bill is due today. All I need to do is log on and make the payment - just what online banking is all about. Ah. That's right, I forgot to pick up my PINsentry when I left this morning, silly me! I access my account from dozens of places, airport lounges, foreign hotels, work, home, family when I visit - am I expected to carry this device, the size of a calculator, everywhere I go? Ok, so I manage with my phone but that's about it and even that slips into my pocket a damn sight easier that this shite. What a pain, what a fucking pain.

So, I asked for some more PINsentry devices so I could have one where I needed it. Ok they said, but they cost £6 each. F*ing hell, I got a bit upset and demanded to speak to the manager. A few minutes of haggling later and I am now the proud recipient of another 2 PINsentry devices, free, bringing my grand total to 3.

Now, however, I think I can make some money out of this given the inherent ability of the device to check a PIN number for a card. So - special offer - for only £5 I will sell one of my PINsentry devices to you, allowing you to quickly verify whether you have the correct PIN number for a, err, borrowed *cough* card - remember - the device tells you if the PIN is correct. I would suggest you could carry it with you whilst "obtaining" the cards, thus ensuring that the card donator has given you the correct PIN without needing to escort them to a cashpoint. How useful. Of course it only works with Barclays cards but hell, they probably hold about a third of all UK accounts so your chances are pretty good should you chance upon an opportunity...

The reason it gripes me (apart from the murkier uses of the device) is that there are other ways, more practical ways and devices to achieve the same thing - RSA tokens for example, a small key fob or credit card thing you can pop in your wallet which gives you a unique, changing number - or a variant on the credit card device that allows you to pop in a PIN number. Quite why the physical device has to be so cumbersome I have no idea.

I've had enough, so please let me know if you're interested in purchasing a Barclays PINsentry (£1 off the RRP) and we'll sort something out using PayPal, eBay or something. I'd be interested in hearing if any other people have had similar devices thrust upon them by other banks, or if they have experienced a more pragmatic way of doing this. Ta v much.

6 comments:

Anonymous said...

It only gives you three tries at the PIN though, then it locks the card.

Anonymous said...

True, guess I expect the generous donator of said card to disclose the PIN since it can be checked straight away in whatever dark alley the poor unfortunate has found themselves.

Anonymous said...

Could I have one of your spare pinsentrys (pinsentries?) for nothing?

I am afraid I don't intend to do anything nice with it. I have some errr... professional contacts who can lay their hands on a large amount of explosives and the space to destroy it in. So, I'd like to blow one up and film it for youtube.

Obviously if you've decided you are very attached to this new bit of technology you might not want to send it to this fate... Think carefully, the future of online banking may be in your hands.

Anonymous said...

What a great idea!!! I'd love to watch the little blue gadget go up in smoke. That would relieve me of at least one of the pieces of cr@p and make a wonderful bit of video art to boot. Is this something you make a habit of doing, and is there a clip of you destroying something else I could take a look at so I could imagine what sort of fireworks to expect? I certainly don't mind donating it for this good cause :)

Freakyclown said...

You might want to check out my blog posts on hacking the pin sentry device

http://www.aheadofthetimes.co.uk/

Anonymous said...

kredyt samochodowy bez biku
pożyczki pozabankowe
pożyczka bez bik
http://pozyczkibezbik24.net.pl
szybkie kredyty zielona góra
pożyczki pozabankowe ing forum
zobacz więcej