Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!accuvax.nwu.edu!nucsrl!telecom-request From: "John R. Levine" Newsgroups: comp.dcom.telecom Subject: Re: Phone Credit Cards Message-ID: <3564@accuvax.nwu.edu> Date: 6 Feb 90 04:48:22 GMT Sender: news@accuvax.nwu.edu Organization: Segue Software, Cambridge MA Lines: 28 Approved: Telecom@eecs.nwu.edu X-Submissions-To: telecom@eecs.nwu.edu X-Administrivia-To: telecom-request@eecs.nwu.edu X-Telecom-Digest: Volume 10, Issue 79, message 7 of 7 In article <3532@accuvax.nwu.edu> dave%westmark@uunet.uu.net (Dave Levenson) writes: >Note: Bank ATM cards, like telco cards, _do_ have your PIN >magnetically encoded on the card. Although that was true for some early ATMs, it's not generally true any more. The number from your card along with the PIN you enter are sent along to the issuing bank for validation. My bank sends out cards with no PIN, then you have to appear in person at the bank once with ID, swipe in your card, then enter your PIN twice and they store it for future use. The way they pass the number and PIN back to the issuer is similar in concept but not in execution to the way that telco calling cards are done. By the way, there is no pattern to calling card PINs. Each operating company makes them up any way they want. My cousin who runs the family telco in Vermont used to run a random number generator on his IBM Sys/32. Each time you enter a calling card number, it is validated in the giant distributed calling card data base. My cousin once explained to me how he gets his numbers into the giant data base; for his tiny telco it's a complicated multi-stage process involving a service bureau run, I believe, by the USITA that actually fields the validation requests. Regards, John Levine, johnl@esegue.segue.boston.ma.us, {spdcc|ima|lotus}!esegue!johnl