i found both of these article today while browsing around...
looks like drama at the Banks
http://www.theregister.co.uk/content/55/29425.html
How to get an ATM PIN in 15 guesses
By John Leyden
Posted: 21/02/2003 at 13:34 GMT
Cambridge researchers have documented a worrying PIN cracking technique against the hardware security modules commonly used by bank ATMs.
Mike Bond and Piotr Zielinski have published a paper detailing how a complex mathematical attack can yield a PIN in an average of 15 guesses. By design, it shouldn't be possible to guess a four-digit pin in less than an average of 5,000 attempts.
http://slashdot.org/articles/03/02/2...9.shtml?tid=93
Citibank Tries to Hush ATM Crypto Vulnerability
Posted by michael on Friday February 21, @03:00PM
from the be-vewwy-vewwy-qweit dept.
palme999 writes "Citibank is trying to get a gag order for new vulnerabilities found in the cryptographic equipment commonly used to protect the PINs of ATM transactions. The vulnerabilities came to light during a court case involving 'phantom' ATM transactions that users deny making but that banks still charge to customers accounts because they claim their systems are secure."