Changing PINs of German bank card

[Jerry]

On Tue, 11 Jul 2017 12:32:56 +0200, Binarus stated:

>On 11.07.2017 10:14, NdK wrote:
>> Il 11/07/2017 09:44, Binarus ha scritto:
>>   
>>> - If somebody tries to brute force the pin (or online banking
>>> password), the access will be permanently denied if there are more
>>> than 3 failures (the exact number may vary). That means that the
>>> length of the pin / password is not as important as one might
>>> think, because it is practically impossible to brute force a 4
>>> digit pin with only 3 tries.  
>
>> If you routinely use your card twice a day, they can make two or four
>> guesses each day: every correct PIN you insert resets the counter.  
>
>I am not completely sure if I got you right. Wouldn't that mean that I
>have to lose my card, the bad person then makes two guesses, then I get
>back my card and enter my correct pin, then I lose my card again, and
>the same bad person finds it again and makes another two guesses, then
>I get my card back again and so on?

If you continually lose your card that often, you have more problems
than just a lost/stolen card to deal with. I sincerely hope you are
never trusted with confidential information.

>This is practically impossible (unless I have missed something
>obvious). How could the correct pin be entered and the counter be
>reset if I didn't get the card back?

In theory, it couldn't.

>Or did you refer to an adversary who copied the card? In that case, he
>still would have to know when I actually have entered the correct pin
>(which would mean that he permanently had to observe me) to start his
>next two tries.
>
>Furthermore, people usually call their bank to make their card invalid
>as soon as they notice they have lost it. This means that they usually
>won't enter the correct pin again after having lost the card.

That is the general idea.

>The only way to abuse the fail counter reset feature would be to steal
>the card, to copy it and to return it to its owner, and to do this in a
>way that the owner would not notice it. But again, the adversary would
>then still have to observe the card owner to see when the counter is
>reset and to start his next tries.

I was told, although not confirmed, that cards with embedded chips
cannot be copied and still be usable. If anyone would like to comment
on that, it would be welcomed.

>> The probability to guess the correct code during the 5-years life of
>> the card is definitely non-negligible.>  
>>> And there is one more very important thing most people don't think
>>> of: What happens if you have an accident or if you die? Your heirs
>>> will have all sorts of troubles if something happens to you and
>>> they can't access your electronic accounts because they don't have
>>> the passwords.  
>
>> Usually there are other, non-technical ways. For example they just
>> go to the bank with a death certificate.  

I have actually seen that happen. The estate lawyer had to fill out
some paper work, but it was really no big deal. Basically, it is the
same procedure used to get access to a deceased safe deposit box.

>I already have seen cases where it was not that easy in Germany.
>Usually, presenting a death certificate to the bank is not enough. I
>have seen that the bank had to make sure that the people presenting the
>death certificate actually were the legal heirs. That meant that those
>people had to acquire all sorts of documents from all sorts of
>authorities which has been very expensive (several hundreds of EUR),
>but more important, was very unpleasant and time consuming, especially
>in the situation they were.

Good for them. They should make absolutely sure before releasing the
funds.

>AFAIK, there is only one thing you could do to avoid that hassle: The
>testator and the heirs should make a contract of inheritance. Such a
>contract must be made by a notary, so this will also have its cost, but
>when you present such a contract to the bank (in addition to the death
>certificate), you will have no problems.

The cost of a notary is a few dollars; therefore, negligible. Honestly,
I would hope that it would NOT be that easy.

>But now, being a German citizen, try the same thing with eBay,
>Facebook, LinkedIn, PayPal and so on ... no thanks.
>
>>> So I tend to write down at least my master password on a sheet of
>>> paper, put that in a sealed envelope and give it to a relative who
>>> I highly trust. In case I die, they open the envelope, have the
>>> master password for my password safe and can use that to open the
>>> access to all my accounts. Alternatively, you could have some
>>> relative you trust memorize your master password. But since he
>>> won't use it regularly (hopefully), he probably will forget it
>>> after short time ...  
>
>> Better use shamir's secret sharing, or just use LCD-segments
>> characters printed on two acetate sheets that need to be combined to
>> be read. Obviously the two sheets are to be given to two different
>> people, in sealed envelopes...  
>
>Nice ideas :-) My own security needs are not that high, though (hoping
>that life won't punish me for that optimism).
>
>> BTW the method you use is the same that was used for our mainframe's
>> master password. :)  
>
>To add to it, if you mistrust your relatives, you could put the
>password on paper into some sort of lock box and carry the key to that
>lock box with you. But then what would happen if you lost that key?

I have all of my important papers, including passwords to accounts that
have to be kept secure, in a bank safe deposit box. If I were to die,
it wouldn't matter who had the key if they were on the allowed users
list. My heirs would have to get a court order to have the box opened.
Not really a big deal. Usually things like this are written into the
will and happen all the time.

BTW, it isn't all the difficult to open a regular lock box. I have
drilled out a few in my time after losing the key. Having it a bank is
far more secure.

-- 
Jerry