Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:What's the big problem? (Score 1) 675

The slowness is in the procedure more than system response.

With the old system I would swipe my card at any point while my purchases were being scanned, type in my PIN a second or two after and put away my card. When the total was ready I would confirm it.

Now I insert my card and have to wait until the bill is totalled before confirming the amount and typing my PIN. It does seem slower to respond, too, but it's mostly annoying because my card is sat in the machine for longer. This results in a much longer time that I'm holding my wallet in one hand, or have to put it away and get it out again.

Also it's never clear whether the card reader will accept it (some are still swipe-only, some claim to read the chip but fail, sometimes I'm asked if it is debit or credit before being told what to do).

I wouldn't mind if it was more secure but I've heard that the chip simply sends a confirmation that the PIN was correct, no unforgeable challenge/response design.

When I tried using Android Pay earlier this year, I had similar problems of terminals that claimed to support it but didn't, although recently it's been more reliable and I've used it as a fallback when chip+PIN fails to work correctly.

Chip+PIN should be more secure and should be as effortless as swipe+PIN, but right now it doesn't seem to live up to that.

Comment Don't some websites work this way? (Score 1) 116

Some website services require you to provide your password to some other site to work. For example, email filtering or some finance sites.

I know that when done correctly the site provides an authentication token, but the old-style approach was to just require you to provide your mail or bank's password.

Slashdot Top Deals

Can anyone remember when the times were not hard, and money not scarce?