Community

Thanks Matt....and I've just noted that the FT also mentions that the production problems have affected one client in South America (according to their source).

Hmmm.  The use of the word 'deliberately' and bringing in the SFO is a clear sign that there may be a lot more to this than careless or negligent staff.  I have seen another quote attributed to Brookes which is below:

‘The company reiterates that it has not found anything to suggest that either the physical security or the security features in the paper have been compromised and that the matters uncovered relate only to the certification of paper specifications at the relevant facility.'

Wonder which country or countries the banknotes in question were for?  Will this make life easier for banknote counterfeiters?  It will interesting to see what the SFO find..............

When I last wore uniform (a couple of decades ago now) there were very strict procedures for the control of classified documents and publications.  They were signed in and signed out in a controlled register, amendments/additions etc were recorded by signature, and at the end of their life they were shredded and destroyed by fire, with two people present and accountable.  I am not aware how these rules and procedures have been amended to cover digital data, but my feeling is that they will have been watered down.  It must be a nightmare to effectively control sensitive and secret information these days!

I find it astounding that memory sticks with such data on them (particularly ones with logos on them) are not encrypted.  Okay so this one was lost, but one also wonders what controls there are in place to stop someone taking the stick home and downloading the data.............that way there would be not even be knowledge of a security breach.

With regard to data privacy concerns, I also touched on these in my recent blog on biometrics at ATMs.  When government departments carelessly lose private data, even if the Information Commissioner does decide to remonstrate, I wonder what punitive or corrective action he is actually able to take to address such breaches and to make the public Bodies concerned tighten up their controls?

I agree.

The concern to me is my personal biometric data falling into the wrong hands or being misused.  There is a big difference between a compromised PIN and compromised biometric data.  My finger vein patterns and palm vein patterns are not going to change and once taken and stored are out of my control for ever (yes, maybe data protection legislation says that they should be destroyed once an account is closed, but if that is the case how do I know that it actually happened and, even if it did, was it compromised beforehand?) 

As has been said, a compromised PIN can be changed, and is for the sole purpose of authorising transactions for a single card - it is unique for that card, which can be re-issued if compromised.  For online transactions we are told to never use the same password for different purposes.  It also can be changed if compromised.

Yet hypothetically, if I have accounts with several different card issuing banks and they all use finger vein technology for ATM transactions, then I am using the same authentication (admittedly unique to me) for multiple cards (and possibly other future legitimate purposes). 

As Stephen states there is a risk, however small, that my data if compromised could be misused for multiple purposes.  In the ‘technology chase’, the good guys are normally well behind the bad guys! 

Even more worryingly, as with the planting of DNA, is there a remote possibility that one day such compromised data could actually be used to evidentially place me where I wasn’t?

Wonder if the USA will reciprocate and allow Europol and other EU bodies access to equivalent US bank account data?  Somehow I doubt it; maybe I'm getting overly cynical, but with regard to such data sharing my feeling is that it's mostly a one way street..........

I thought that at the time John did work at De La Rue (then the De La Rue Company Limited).  The initial trial order from Barclays was for 6 'DACS', which stood for De La Rue Automatic Cash System.

John took the idea to the USA in 1967 where in his words it was received as "a wacky European idea that wouldn't sell in America."................

Plastic bank cards had not been invented, so John's machine used cheques that were impregnated with carbon 14, a mildly radioactive substance.  According to him you'd need to have eaten 136,000 of the things for any adverse effect.  The invention really took off when plastic bank cards were invented. 

I like the anecdote that he and his wife first truly realised the global importance of his invention only when they visited Chiang Mai in northern Thailand.  They watched a farmer arriving on a bullock cart, who removed his wide-brimmed hat to use the cash machine.

According to the BBC he allegedly said, with typical modesty and understatement,  "It was the first evidence to me that we'd changed the world".

I enjoy the convenience of ATMs, and my livelihood depends on ATMs.  Rest in peace John........and thank you!

It seems that every card issuer assumes that their card is the only one in a consumers wallet!  Isn't this one of the great ironies of the system?  We are told not to write down our PINs, and yet also NOT to use the same PIN for more than one purpose.  Well if you have several internet and phone banking relationships, and several cards, all with different PINs, how can you not write down a PIN?  It's impossible for most of us to remember all of our PINs without recording them in some way...........isn't it?  Yes we should take every reasonable step to protect our PINs - but we also need to remember them.

The 'insider' threat, ever present but often under-stated.  Wonder how much the bank actually lost? 

Yes, crunch time for a centralised US decision on Chip and PIN implementation must be getting closer.  Until they adopt it the pain is going to get worse......................isn't it nice having something that Europe can agree on?

if the man (umm.. person!) was up for carrying a backpack with a card wired to it down his sleeve, or otherwise concealed on his person................a real gift for 'stop and search'