Even a simple website requires a password consisting of at least 6 digits and special characters, but banks do not need such complex passwords.
Moreover, even though our bank account is much more valuable than a website account. In addition, complex passwords are required for internet banking, but this does not apply to card passwords. Let’s see what is the reason for this situation:
Security techniques revolve around three things:
- Something we are: Retina scan, fingerprint, tongue print tests are included in this form of security.
- Something we know: Passwords for our accounts fall under “something we know”.
- Something we have: A debit card is something we have.
With our ATM card and PIN with us, we provide two of these three types of security. In other words, our password is not a security measure on its own, it must be supported by at least one of the other security techniques.
Complex passwords of 6-7 digits are not preferred by banks as it is a password that should be easily remembered anytime, anywhere. Cards can be blocked easily, as the probability of making a mistake while typing a 7-digit password will increase. This incurs additional costs to the banks.
In addition, customer satisfaction decreases. When paying with a card or withdrawing money at an ATM, the transactions will take longer, so there is a loss of time. Even debit card expenditures will decrease due to frequent password problems.
Trying all the possibilities one by one, cracking the password is called “brute forcing”. So how secure are 4-digit ATM passwords against this?
The probability that a malicious person will find the correct password with this method using all probabilities, in order 0000, 0001, 0002, is only 0.03% because there are 10000 possible permutations, and when entered incorrectly three times in a row – at least for that day – the card will be blocked. In addition, security cameras provide extra work.
In fact, the man who invented the ATM originally wanted a 6-digit PIN to be used.
The idea came to British inventor John Shepherd-Barron while he was taking a shower. Inspired by chocolate machines, the first automatic cash dispenser was opened in London on 27 June 1967.
The main reason why the inventor got this idea was that he could not withdraw money from the bank because he was only 1 minute late, and he wanted to have the freedom to withdraw money from anywhere in the world at any hour.
The reason why the number of passwords decreased to 4 was that Barron’s wife found 6 digits too long and could not remember the password. His wife, who complained about the long password, thus influenced a decision that affected billions of people.
Sources: Science ABC, Wikipedia