Re: PIN security
- From: evilwon12@xxxxxxxxx
- Date: Fri, 23 Jan 2009 09:42:18 -0700
I used to work in the banking industry. You have some novel thoughts, but have you thought about the business repercussions of what you are suggesting? I see that you say you need to, but have you?
I am not saying there is anything wrong per se with your suggestions, but how many more support people are going to be required to handle the additional support calls generated by any one of your recommendations? Now you will have to figure that out for each recommendation that you want to implement. How is the bank going to pay for that? I cannot answer that, as that has to be handled on a bank by bank basis, as costs are not the same.
I think you need to answer the business feasibility question before thinking about anything else. I know that plenty of my suggestions on how to improve things were shot down for that very reason.
From everyone that I know on the business side, they will answer NO to your first two questions. I am not sure how your third question plays into this, as I do not see it as being relevant to the PIN issue in the rest of the comments.
They will also say that you should give them the option to change their challenge questions, but forcing them to do that opens up the support question again.