More on chip and pin - "A leading security expert has warned that new chip and pin credit and debit cards could be open to fraud".

I thought the justification for C&Ps security was particularly poor: "We don't think they can use fake machines because the machines themselves are engineered to read the chip so they must be reading the chip very carefully". Yeah but no but yeah but...

So - what's to stop me buying or stealing a real machine and altering it to record PIN numbers? Even if the cards themselves are difficult to forge (something which doesn't traditionally discourage forgers of, say, currency or digital set-top-box smartcards), the authentication data needed - your PIN number - is weak because it (a) will usually serve 2 purposes: to identify you when you're making a transaction, and when you're using an ATM, and (b) is far more easily faked than a signature.