PINsentry

From Wikipedia, the free encyclopedia

Please help improve this article or section by expanding it.
Further information might be found on the talk page or at requests for expansion. (October 2007)

The PINsentry device

PINsentry is a new two-factor authentication security system being deployed by Barclays Bank to prevent fraudulent use of their online banking website.

The device runs independently powered by four LR44 type button cell batteries, which it is claimed will last from five to seven years.

The PINsentry reader features a small LCD screen with the blue Barclays logo above, three main buttons; "Identify" (used to login), "Respond" (no current usage) and "Sign" (used for authorising new payments to another bank account). Under the three main buttons, there is a numeric keypad, laid out in the same way as a telephone's keypad. The device also has a yellow "Clear" button on the bottom left and a green "Enter" button on the bottom right, both used during PIN entry.

The first PINsentry reader used recorded audio to guide the user when using the device, whereas the latest device simply uses on-screen instructions.

There is no on or off button on the reader, instead the device activates when an account card, with an electronic chip on-board, is slid into the slot at the very top of the device.

The result of any action carried out on the device is a unique eight-digit number, which is accepted by the Barclays online banking website as a method of identifying the account holder.

As well as being able to verify an account card's PIN, the PINsentry reader can also stop the card working if an incorrect PIN is entered more than three times in one session.

To login to online banking, you are required to slide your Barclays account card into the device, press the "Identify" button, enter your PIN, press the "Enter" button and you are then given an eight-digit number to use on the Barclays online banking login page.

The concept behind the device is to stop fraudsters being able to access an account-holder's account simply using their account number and "special" word; the physical card reader is required to create an eight-digit number from the account card's PIN and, as of 13th December 2007, the algorithm used to create and decode the eight-digit number has not yet been discovered or reverse-engineered.

The PINsentry reader is provided to all account-holders using online banking at no charge.