6 Digit PIN


(Matt Stibbs (#1195)) #1

Hello Mondonians

I went to change my Mondo PIN at a legacy bank ATM yesterday, and for my new PIN I entered 6 digits instead of the usual 4 (I have been using a 6 digit PIN on my iPhone for a while now).

The first surprise was that the new 6 digit PIN was accepted without comment by the ATM - it confirmed that my PIN had been successfully changed. I received the usual Mondo notification confirming that a PIN change transaction had occurred.

Knowing that other countries use 6 digit PINs as standard for bank cards (Singapore being the example I’m familiar with), I got rather excited that the banking infrastructure had become silently capable of supporting 6 digit PINs here…

When I then tried to use the card to withdraw some cash, it again accepted a 6 digit code on PIN challenge, but failed the transaction when trying to actually process it. After a couple of attempts I then realised that if I entered the first four digits of the 6 digit PIN I thought I had changed it to, everything worked hunky dory…

So my question is…

Where is the truncation happening? Is it simply that the new PIN is being truncated on arrival to Mondo, or are there other bottlenecks in the system which enforce the 4 digit limit?

With the secondary question being… could Mondo realistically support 6 digit PINs within the current UK banking infrastructure…

Thanks!


Pin length
Pin length
Long PINs
( surohpotsirhC) #2

I was not aware 6 digit PINs were a thing anywhere. I’d love to see 6 digit (or more) PIN support. I’m guessing that this would require involvement from the ATM providers though to become a thing.


(knows someone who knows Tom quite well) #3

Why though? A 4 digit PIN is fine, sometimes increasing the length gives no real benefit but does add inconvenience.

Crackers have a 3 in 10000 chance of guessing your PIN before it locks.


(Marco Slater) #4

6-Digit pins have been in circulation in other European countries for some time, especially credit-cards.

Its good to heard the card accepted it, if its confirmed what the issue is, and perhaps have full support for it in the future, that would be quite nice.

6-digit pins are mostly used to make it harder for someone who’s spying on your pin-entry to learn and remember the entered pin, generally speaking more numbers in something like a PIN is usually better regardless. :smile:

+1 for longer pins.


( surohpotsirhC) #5

If someone’s watching me enter my PIN then 6 digits is that bit harder to remember than 4. I don’t believe it’d be inconvenient to have 6 numbers myself but we’re all different.


(Adam) #6

been doing some digging around and it seems if you have a 6 digit PIN, you can enter the first 4 digits and it will be accepted. So I do not understand the point of 6 digits.
Also if you are worried someone is watching you, use your hand/wallet to cover what you are pressing and feel for the buttons (the number 5 has a little bump on it).


(Matt Stibbs (#1195)) #7

I do appreciate that there is a question over whether having a 6 digit PIN provides significant benefit over a 4 digit PIN, my interest was much more in the technology behind it!

I found it curious that the ATMs were allowing me to enter the 6 digit PIN AND that I was able to successfully change my PIN without it kicking up any errors.

My suspicion is that maybe the PIN is just truncated at the ATM and that simply anything you input past the 4th digit gets discarded… in which case - why allow more than 4 digits? :slight_smile:


#8

There are various card schemes in the world such as AmEx, CarteBlanc, Diners, MasterCard, Visa etc. The Chinese card scheme UnionPay (62XX XXXX XXXX XXXX) have 6 digit PIN numbers for their cards instead of 4 digit.

As for regular MasterCard and Visa etc. apparently 6 digits is the norm in Switzerland. In Italy it is 5 digits for debit cards but 4 for credit.

They say new cash machines can take PINs up to 12 digits long! However, older machines are limited to 4 digits, so some people with 5 or 6 digit PINs have problems when travelling to certain countries or smaller towns which may not have as up to date machines as in bigger towns.

I have on some bank accounts been using a 5 digit pin for some years now.


(Matt Stibbs (#1195)) #9

And I’ve foolishly just realised that the reason ATMs accept 6 digit PINs is precisely for those people with accounts that do use 6 digit PINs (e.g. from other countries). So in fact they have to allow longer PINs, even if they don’t accept them on UK bank cards.


(Alan) #10

Personally, I much prefer 6 digit to 4 digit PINs and wish they were the norm - not just for ATMs but instead of Passwords requiring all kinds of characteristics (e.g. Upper and Lower Case, a Number, a Symbol, etc., etc.)

They give you much more flexibility to invent something memorable e.g. the house numbers of the last 3 properties I’ve lived at, etc.


(knows someone who knows Tom quite well) #11

6 digit PIN instead of passwords? Even your laptop can crack a 6 number password in seconds…


(Mr Michael j ekers) #12

And for a lot of people doesn’t even need minutes

http://www.theguardian.com/money/blog/2012/sep/28/debit-cards-currentaccounts


(Steven Pick) #13

Could be argued that 6-digit PINs are less secure if customers use their DOB.


(Mr Michael j ekers) #14

I Believe the Barclays apps use 5 char to avoid you setting them to your card pin (4chars) or your DOB


(Alan) #15

Of course, but anyone foolish enough to do something as obvious as that probably leaves their car keys in the ignition overnight!

Banks usually prevent obvious sequences such as that …


(Steven Pick) #16

Far as I know PINs for some app have requirements that they shouldn’t have consecutive numbers or repetitive numbers - so a DOB can still be a possibility. In fact, I’m testing an app at the moment and using a 6 digit PIN which is my DOB, so…


(Damien Walsh) #17

+1 for 6 digit PINs. Really throws off any PIN-spies stood behind you at the cashpoint. And as for people using DOBs for PINs, I’d say that’s just as likely with 4 digits, only people will use just the year.


(Matt Stibbs (#1195)) #18

To throw a complete spanner in the works - I just used my Mondo card in a Natwest cash point, and couldn’t do anything unless I entered the entire 6 digit PIN - my previous guess that I only needed to use the first four turned out to be inaccurate…

So it looks like the 6 digit PIN has in fact been saved - the question is now where will it work and where won’t it!

I will report back…


(Marco Slater) #19

Hey @mattstibbs, I saw you posted about your experiments with ATM’s, however, I’m curious, what do normal card machines do with this input? Say when you pay at a restaurant, does it accept the 6-digit pin directly? Have you found any issues? :slight_smile:


(lee) #20

-1 for 6 digit pins. No thanks to even more pointless numbers to remember!

Plus contactless doesn’t need any so it’d be odd to remove the need for that but add another two digits for standard payments.