UCL  IRIS
Institutional Research Information Service
UCL Logo
Please report any queries concerning the funding data grouped in the sections named "Externally Awarded" or "Internally Disbursed" (shown on the profile page) to your Research Finance Administrator. Your can find your Research Finance Administrator at http://www.ucl.ac.uk/finance/research/post_award/post_award_contacts.php by entering your department
Please report any queries concerning the student data shown on the profile page to:

Email: portico-services@ucl.ac.uk

Help Desk: http://www.ucl.ac.uk/ras/portico/helpdesk
Publication Detail
Are Payment Card Contracts Unfair?
  • Publication Type:
    Conference
  • Authors:
    Murdoch SJ, Becker I, Abu-Salma R, Anderson R, Bohm N, Hutchings A, Sasse MA, Stringhini G
  • Publisher:
    Springer
  • Publication date:
    22/02/2016
  • Published proceedings:
    Financial Cryptography and Data Security
  • Series:
    Lecture Notes in Computer Science
  • Editors:
    Grossklags J,Preneel B
  • Status:
    Accepted
  • Name of conference:
    Financial Cryptography and Data Security
  • Conference place:
    Barbados
  • Conference start date:
    22/02/2016
  • Conference finish date:
    26/02/2016
Abstract
Fraud victims are often refused a refund by their bank on the grounds that they failed to comply with their bank’s terms and conditions about PIN safety. We, therefore, conducted a survey of how many PINs people have, and how they manage them. We found that while only a third of PINs are ever changed, almost half of bank customers write at least one PIN down. We also found bank conditions that are too vague to test, or even contradictory on whether PINs could be shared across cards. Yet, some rather hazardous practices are not forbidden at all by many banks: of the 22.9% who re-use PINs across devices, half also use their bank PINs on their mobile phones. We conclude that many bank contracts fail a simple test of reasonableness, and that ‘strong authentication’, as required by PSD II, should include usability testing.
Publication data is maintained in RPS. Visit https://rps.ucl.ac.uk
 More search options
UCL Researchers
Author
Dept of Computer Science
Author
Dept of Computer Science
Author
Dept of Computer Science
University College London - Gower Street - London - WC1E 6BT Tel:+44 (0)20 7679 2000

© UCL 1999–2011

Search by