On 13.07.2017 01:23, MFPA wrote: > > > On Wednesday 12 July 2017 at 3:15:09 PM, in > <mid:3a6ef797-5e26-7b2c-d740-ee85d9750...@binarus.de>, Binarus wrote:- > > > >> (if the >> PIN needs to be >> stored at all in some backend which I doubt). > > The Bank must know the PIN (or a hash). Otherwise they would not know > if you entered the correct PIN for online transactions.
I don't think so. Banking chip cards contain mechanisms for local PIN verification. You can see that an ATM (or the card) immediately decides if the PIN is correct or not even if the ATM's network connection is failing at that moment. Banking chip cards furthermore contain a processor and software for cryptographic operations, so that the endless capabilities of modern cryptography are at hand. Think of asymmetric methods like RSA ... Regards, Binarus _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
