Payment Security, Greek Style

Handheld chip and PIN machines aren’t as universal as I thought they were. On a recent trip to the States, I found that it is still much more likely that they will take your card away to some dark corner to produce a paper receipt for you, no doubt cloning it in the meantime!

In the UK that almost never happens, but the vast majority of restaurants will come to the table with a machine these days, demanding payment before you’ve even seen the bill!

While holidaying in Greece earlier this year, I found a number of places where not only did they come with a chip and PIN machine, but the digits you pressed for the PIN were randomised.

How this Helps Security

Here’s why terminals sometimes scramble the digits:

  • Stops camera/shoulder-surfing attacks. If a tiny hidden camera or someone glancing over your shoulder records you entering the PIN, a fixed keypad lets them map the filmed finger movements to digits. Randomising the digits each time breaks that mapping.
  • Defeats skimming/overlay attacks. Some fraudsters fit fake overlays or add cameras that assume the standard layout. A random layout makes those traps much less useful.
  • Reduces smudge-pattern attacks. On touch screens, repeated presses leave oily smudges that reveal which keys are used; randomising positions means smudges don’t map consistently to digits.
  • Software/UX friendly. With modern touchscreen PIN pads it’s easy to shuffle digits for every transaction; many European retailers adopted this practice as EMV/chip-and-PIN became widespread and fraud mitigations improved.

Tradeoffs and caveats:

  • Slower / less familiar. People used to a fixed keypad can be slower and make more mistakes.
  • Accessibility. Random layouts can be harder for visually impaired users; compliant devices often provide audio/tactile guidance or alternative input methods.
  • Not universal. Some physical metal keypads (older machines, many ATMs) keep the fixed layout for tactile feedback and accessibility; others (especially mobile/touch devices) can and do randomise.

Conclusion

So — it’s a simple, effective anti-fraud measure: same PIN entry, but moving the numbers around so casual observers and hidden cameras can’t easily steal your code.

I love to see technology in the wild, and this I thought was a great example.
