
Sunday, March 04, 2007

More on Reverse PIN Numbers

 
Last January 5th I posted an article about an urban legend claiming you could reverse your PIN number at an ATM to summon police [Reverse PIN at ATM Summons Police]. The idea is that whenever you are being held hostage and forced to withdraw money from your ATM account all you have to do is key in the reverse of your PIN number. The money will be dispensed but police will be called to rescue you. This is, of course, an urban legend. No such system exists at any ATMs.

Today I get a comment on that thread from a man named Joe Zingher who claims to have invented the reverse PIN number. If you follow the link given by Joe Zingher to ATM Safety PIN you will be re-directed to Zi Cubed Inc. where you learn that Joe Zingher is located in Gurnee, Illinois. I assume that he wants to make money from his "invention" but I can't imagine how he's going to do that even if it were desirable.

Here's Joe's comment (in yellow).
I’m Joe Zingher, the inventor of the ReversePIN system referred to on this website. There’s a great deal of disinformation about the system and its usefulness put out by magazines, official government agencies and banking industry. For instance, Forbes magazine claims that IBM holds an emergency PIN patent of its own. http://www.msnbc.msn.com/id/4086277/ and I’m somehow trapped in a life and death struggle with them. Contact Forbes and ask them what the IBM patent number is. They refuse to tell me.
Nobody cares whether IBM has a patent on reversing your PIN number. Nobody cares whether you do—unless you're going to be taking money from us in the form of royalties. The important point is the "disinformation" that's out there (and below) and the "usefulness" of the scheme.
The Illinois Office of Banks and Real Estate issued an official report claiming that the system requires some kind of “physical reconfiguration” of the ATM or “hardware changes” http://www.obre.state.il.us/Agency/news/atmrpt.htm The author of the report claims that it was a lawyer who told him this. He claims that at the time he wrote it, he was under the impression that it needs “new data transmission lines to handle the more intelligent communications.” I guess if you discuss the Chicago Cubs on the telephone, you use one type of telephone line, but if you’re discussing quantum physics, you have to use a different, special kind of telephone line. This is obviously incorrect to anyone who has had even a single course in computer programming.
Yes, it is so obviously incorrect that one wonders why you even bother to mention it. But that doesn't mean that the cost is negligible. As the study you referenced [ATM Report] pointed out, the system requires a complex interaction of several databases.
ATM card issuers typically issue one PIN to a customer. Under the Zi Cubed system, customers are assigned an emergency second PIN which is usually the reverse of their original number. For example, if 1234 were an individual’s PIN, then the emergency PIN would be 4321. If the PIN were 2442, then the emergency could be 4224. If the emergency PIN is entered, presumably during a robbery, the ATM processing main computer sends a distress message to the local police department. In addition to the location of the ATM, police could find out who the customer was with information taken from the customer’s bank account records. Police could also access a description of the customer from the Secretary of State’s Drivers’ Services Division. By the time police reach the ATM they would know who the customer is, what s/he looks like, and where s/he lives.

... conversion to this system requires a significant commitment in resources to writing new computer software programs that recognize the reverse PIN and then make multiple complex decisions. Currently, ATMs communicate with banks and make what are termed "binary" (i.e., simple "yes/no") decisions concerning the account and transaction information. Under the reverse PIN system, the main computer must: (a) determine and communicate with the police station closest to the ATM; (b) the computer must communicate with the bank account of the cardholder and obtain account information that is usually confidential and protected (this process is more complicated if the ATM is not from the accountholder’s bank); and, (c) the main computer must then also communicate with the Secretary of State’s office for driver license information.
I can see a number of problems here but they aren't really of much concern for the moment because the main problem is that the whole idea is just plain stupid.
So why isn’t the system in place then? The vast majority of the public seems to like it a lot.
The main reason why it's not in place is mentioned in the opening section of the Illinois State report. Here it is, in case you missed it ...
Although there is no precise data on ATM crime, violent crime against ATM users is relatively rare. Over the decade of the 1990s, ATM crime has actually decreased from approximately one crime per one million ATM transactions to one crime per 3.5 million transactions. At the same time, the use of ATMs has significantly increased. Nevertheless, public perception of significant crime at ATMs exists.
That's a polite way of saying that the crime you're trying to prevent isn't significant enough to warrant preventative action. Implementing a code to summon police on the remote chance that it could help in the extremely rare situations where it arose is just not worth it. It's about as silly as making everyone take off their shoes in an airport or requiring passports at the Canadian border.
An analysis of the reverse PIN warning system is specifically requested by Resolution No. 134. The reverse PIN system attempts to utilize current technology to provide law enforcement with the immediate location and background information concerning a potential victim. However, a consumer may be under too much emotional stress to properly utilize the system, the system would be tremendously costly to implement both as to hardware and software requirements, quick response by police is not guaranteed, and no evidence exists that the reverse PIN system would actually reduce crime.
In order for the system to be effective an awful lot of things have to happen in a timely manner. One of these is compliance by the victim. That means the victim has to be convinced that summoning police won't cause them harm.

Given that the disease for which you are proposing a cure is extremely rare and that your cure probably won't work, I suggest you look for another way to make money from the general public.
Well, I am not the authorized spokesman for the US banking industry, but here’s a short list of the claims I’ve heard about my system and why it’s not being used.

1) “An international treaty forbids it from being adopted. This treaty sets the technical standards for ATM transactions.” Actually, there’s no such treaty. It sounds like a great explanation though and one that the layman might buy.

2) “You’d have to issue all new ATM cards, costing $5 each to put the system in place. The system is terribly expensive and not worth it.” This is false too. You don’t change the card at all. All that is done is a small change in the PIN verification section of the code. This can be either at the ATM as part of the normal software upgrades or at the main link where the PIN verification software is. The invention is “transparent” to the existing software.

3) “Who could remember their ReversePIN with a gun at their neck at the ATM? It won’t work.” This is misleading because it defines a DIFFERENT crime than the one intended to be deterred. The crime pattern begins as a hostage taking in a carjacking from a parking lot or during a home invasion; the victim is then taken to an ATM and forced to make a withdrawal; then the victim is taken elsewhere, executed and the body hidden so that no one will cancel the card. There’s a LOT of lag time between the initial assault and the first withdrawal for the victim to get their wits about them. Further, EVEN PEOPLE WHO CANNOT USE THE SYSTEM BENEFIT from it. The criminal cannot know what is going on until it is too late. The goal is to get him to grab the money and run, and leave the hostage behind and hopefully unhurt. Moreover, there will be some people who can always use the system and that means they generate an umbrella of deterrence for the rest of society. Since the criminal can’t know for sure before the attack begins, does the attack ever begin?
Number 3 is the only one of these that's worth discussing. You make two claims here. They are typical examples of irrational thinking. The first is standard hype whenever you are trying to scare people into parting with their money. You construct a hypothetical scenario that serves your purpose then you hope that people won't notice how rare it is. In this case, the number of times when hostages are forced to withdraw money is so infrequent that it barely counts in crime statistics. The second claim is that when banks buy your system, crime will be deterred. What crime? Are you talking about the case where a criminal has taken someone hostage and intends to kill them when they have withdrawn a few hundred dollars from their ATM? Do you really think that a criminal like that is going to be deterred on the off chance that a cop car might show up at the ATM before they get away?
4) “If our state makes it mandatory, that means some customer from out of state won’t be able to use the ATM at all.” Why on earth would you program the computer that way? That’s just stupid.

5) “What if your PIN in reverse is someone else’s regular PIN? It would shut down the system.” Excuse me, but your PIN is already being used by at least tens of thousands of other people already. The PIN is connected to the bank account number and the bank identification number. Think about it. From “0000” to “9999” there are only 10,000 possible variations on a four-digit PIN. There are over two hundred million ATM cards in the US alone. (A PIN like 2442 is handled by the “Inside-OutPIN” 4224 and a PIN like 7777 is handled by the “Plus-1PIN” 8888. Get the idea here?)

The list of ridiculous claims is just too long. And they keep changing. What does it tell you when “experts” keep coming up with different false claims about the system?
It tells me that those "experts" are stupid. On the other hand, your claims aren't much better.
By the way, to be an ACTUAL expert in the technical aspects of it, you need to have some background in computer programming, say an associate’s degree.
Hmmm ... I'm just taking a wild guess here; do you happen to have an "associate's degree" in computer programming (whatever that is)?
So what’s the real reason it’s not being used? All their answers are different. That in itself should tell you something. Here’s a thought. If you’re the head of marketing at a bank, how many of these murders per year involving your ATMs makes you jump up and down yelling “HOORAY!!! We only had “X” murders this year that involved our customers being kidnapped and forced to make ATM withdrawals”? I think that is where the root of the problem lies.
BINGO! I think you've hit upon the answer. The Bank will have lost a customer but they make up for it by not having to repay the forced withdrawal. I imagine the entire corporate headquarters celebrates with champagne all around whenever an ATM customer is murdered. If it's a big bank, you wonder how they ever get any work done at the headquarters.
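
The emergency-PIN rule described in the quoted comment and the Illinois report (reverse the PIN, with the "Inside-Out" and "Plus-1" fallbacks), written out as an added example; it is not code from the original post or from Zi Cubed. The function names, the half-swap reading of "Inside-Out", the wrap from 9 to 0, and the clear-text comparison are assumptions made for illustration.

```python
from enum import Enum


class Outcome(Enum):
    NORMAL = "normal"    # enrolled PIN entered
    DURESS = "duress"    # emergency PIN entered: dispense and alert
    REJECT = "reject"    # anything else


def duress_pin(pin: str) -> str:
    """Emergency PIN for a 4-digit PIN, following the page's three examples:
    1234 -> 4321, 2442 -> 4224 ("Inside-Out"), 7777 -> 8888 ("Plus-1")."""
    if len(pin) != 4 or not pin.isdigit():
        raise ValueError("expected a 4-digit PIN")
    if len(set(pin)) == 1:
        # Assumption: add 1 to each digit, wrapping 9 -> 0 (page shows only 7777).
        return "".join(str((int(d) + 1) % 10) for d in pin)
    if pin == pin[::-1]:
        # Assumption: swap the two halves (consistent with 2442 -> 4224).
        return pin[2:] + pin[:2]
    return pin[::-1]


def classify(entered: str, enrolled: str) -> Outcome:
    """Per-card decision. Simplification: clear-text comparison stands in
    for the issuer's real PIN verification."""
    if entered == enrolled:
        return Outcome.NORMAL
    if entered == duress_pin(enrolled):
        return Outcome.DURESS
    return Outcome.REJECT


def pin_space_summary() -> dict:
    """Count the special cases across all 10,000 four-digit PINs."""
    pins = [f"{n:04d}" for n in range(10_000)]
    return {
        "palindromes": sum(p == p[::-1] for p in pins),
        "all_same_digit": sum(len(set(p)) == 1 for p in pins),
        # A duress PIN equal to the enrolled PIN could never be signalled.
        "self_collisions": sum(duress_pin(p) == p for p in pins),
    }


if __name__ == "__main__":
    # Constructed cards: the same digits mean different things per account.
    print(classify("4321", enrolled="1234"))   # duress on the first card
    print(classify("4321", enrolled="4321"))   # normal on the second card
    print(pin_space_summary())
```

Because the decision is made against the PIN enrolled for the card in use, one customer's reversed PIN matching another customer's regular PIN causes no conflict, which is the point made in item 5 of the quoted comment.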

8 comments :

Unknown said...

I think an "associate's degree" is what you get from a community college or other 2-year institution, as opposed to a bachelor's that you get from a 4-year institution.

Trinifar said...

The Bank will have lost a customer but they make up for it by not having to repay the forced withdrawal.

Great line!

Chris Harrison said...

"PIN number" is both repetitive and redundant. Silly Canucks.

Anonymous said...

"Given that the disease for which you are proposing a cure is extremely rare and that your cure probably won't work, I suggest you look for another way to make money from the general public."

Hey, why do you claim that the disease is "extremely rare"? You admit that there are no objective numbers for it. Could it be that you're simply mindlessly following along what the bankers tell you? I've been a police patrolman. I think I understand the issues associated with the law enforcement side of the question. You sound so very bitter.

dolarbil said...

Zingher received a patent for an algorithm I copyrighted in 1991 (patents were not granted for algorithms or ideas or business models back then and obviously, the patent office did not check patent applications against previous copyrights).
I have been a computer engineer in the banking/ATM industry since 1984. I helped develop one of the first statewide ATM networks in the country (AVAIL in Georgia) and supported the Honor network as an outside consultant. Public Panic Alert and ATM Alert are the names we used while we marketed the product. Since then, we have matured our product to alleviate all of the concerns voiced by the banking industry. We have a patent application submitted that will allow both the banks and the consumer to benefit from its utilization. Being the owner of "a prior work of art" explicitly describing this solution, any patents by Zingher and/or IBM will not be an issue to our product. Our product does not infringe on any patented item.
The stats on ATM crimes ARE low relative to the overall transaction volume. But, so are the number of plane hijackings by terrorists compared to the overall volume of airline traffic. Low percentages should not justify allowing a fixable problem to persist. If you can prevent one death, how do you put a price tag on it? Explain the cost effectiveness quotient to your child when your spouse is murdered.
There are minor changes that will have to be implemented at the device level for SOME banks. No way around this since some ATMs validate "on-us" PINs at the device. There are some minor changes that have to be made at the mainframe/server level to detect AND REACT to the duress PIN. Banks do not have the expertise nor the staff to handle this situation when it happens. The consumer could be at ANY ATM in the country (or world). No bank can know the appropriate 911 system or local police phone number.
Since I have the benefit of having exposure and experience with the major ATM software applications and mainframe authorization applications, I can confidently say that our solution will work and will be a cost effective solution for the bank.
Police departments and major security experts have reviewed our product and embrace it. Technology has finally caught up with the idea and, hopefully, we will soon see our product become available to some banking consumers.
Meanwhile, everyone should be mindful of their surroundings whenever they approach and choose to use an ATM. Only you can ultimately prevent yourself from becoming a statistic.

Unknown said...

ATMs can only withdraw a limited amount of cash. So just give them the money and don’t give them your life. You can find a way to get cash back into an account. But we can’t get life back to earth.


But it would be nice if you could simply add 911 at the end of your PIN. (PIN+911 = ####911). Would be easier to remember at the time of panic adrenalin.


A very simple update to the ATM's software may help increase the chances of the police capturing the crook.


Claudio Jr. (Los Angeles, CA.)

Anonymous said...

I am all for trying to sell your idea, and being the next millionaire. I myself am NOT the code writer, or chemist, or an English major for that matter. What I am is a street cop.... I'm the guy who must respond to the 1234-4321 PIN number distress call from an ATM. That does make me an expert on the average person.. (you may not agree, but every street cop who has to deal with people at life's worst should agree). "Most" people are morons... at least when you take them out of their comfort zone. Put up a new stop sign, and watch as countless people mindlessly drive right through it. This happens in any number of other ways, not just new stop signs. The fact is, people are "trained" to use their PIN. They have to write it down, and look each time for a while, then they finally remember it and are fine. Sure, some people have a great memory, or are simply using a familiar number. But people always need "training" for anything. We train ourselves for the drive home. We drive it a few times and then we can (AND DO!) drive it almost asleep. That's the problem. So unless EVERY person trains themselves to use the NEW number when needed.... they won't when they NEED to use the number.. That's the first problem... Next? Well... my smaller community has 7 or 8 banks. 4 of them have a dedicated alarm to the Police Department, as well as an alarm company. The others use an alarm company only. Now I admit things are not as busy as you would get in larger communities. But we still have our (smaller percentage) crimes like any other city. So several times a month we get an alarm drop from one of the dedicated alarms. A light and a buzzer goes off and our dispatcher looks at the number indicated, looks at a list of who is who... (not real hard with only banks, but there are other alarms on the system). Then puts out the call for someone to check. Sounds simple... sure... it takes 30 seconds to a minute to put the call out.... fast huh? Yep.... OK.. so how long are you at an ATM?
Now add the alarm company to the mix... remember we have several banks that have both.. Well, add 3-5 minutes to the time to just get the call to a dispatcher. And that's on a good day. The ATMs already take your photo... we have not even gotten into response time for the call yet... no way to know that.. possible that the officer is pulling into the lot as the alarm goes out... but doubtful... could take several minutes to get someone there... that's on a good day... how many departments are so short handed that they have calls stacked up? OK.. so now what about the database we need? Is it nationwide, or just local? Somewhere in the middle? Who has to look up the info? The alarm company or the police department? How often is it updated? Oh.. and don't lend your card out to your wife, kids, friend, caretaker, etc... etc... It's just NOT practical. It may have sounded like a good idea... but it's not at all practical. Remember... Even Einstein was wrong on his first theory!