by rrobukef 3621 days ago
My bank sent me a new card with the same PIN as my old card. Somewhere my bank has a backup of each and every PIN.

Now, it may be encrypted (not during renewal) or hashed (10000 values, <1s verification), but neither gives any security. (It's safer, however, than sending a new PIN with the card or in another letter.)


Of course the bank has your PIN (or hashed PIN), how else would they be able to check if you were entering it correctly?

The security is based on how hardened the server storing those PINs is.

By storing the public key of your unique debit card and you only have the PIN inside the chip. This limits attacks to physical access and trained professionals in chip deconstruction.

This, however, needs a way to send your initial PIN over an insecure channel. To limit the attack surface, go to the secure website to receive your PIN (no humans) (either an old card/digital state ID) or go in person and force a new PIN.

Thanks for the reply. Interesting, I didn't think of this possibility.
By storing it as a hash, just like how every other password should be stored.
That's what I said.

> Of course the bank has your PIN (or hashed PIN)

All the previous poster said was that the bank said they sent him a card with the same PIN. The bank can do this by storing PINs or hashed PINs.

As rrobukef noted, storing a PIN hashed offers little additional security over storing them unhashed because of the small number of unique PINs that are possible.
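The point made in the original post and in the last comment, that a hashed four-digit PIN is recoverable by simply trying all 10000 values, is easy to demonstrate. The following is an added illustration, not code from any bank or from the thread's participants. It salts and iterates the hash (PBKDF2) to show that even a deliberately slow hash only multiplies a small constant, and then contrasts it with a keyed tag (HMAC) whose key is assumed to live only inside a hardened verifier such as an HSM, which is the "hardened server" the second commenter refers to. The salt, key and iteration count are constructed values for the demo.

```python
"""Why hashing a 4-digit PIN does not protect it (added illustration)."""
import hashlib
import hmac

# The whole PIN space: "0000" .. "9999", the 10000 values mentioned in the thread.
PIN_SPACE = [f"{i:04d}" for i in range(10_000)]
ITERATIONS = 50  # constructed: kept small so the demo runs in well under a second


def hash_pin(pin: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Store-side: salted, iterated hash of the PIN. No secret key is involved."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations)


def recover_hashed_pin(stored: bytes, salt: bytes, iterations: int = ITERATIONS):
    """Anyone holding the stored digest and its salt can enumerate the PIN space.
    Returns (pin, attempts) on success, (None, 10000) otherwise."""
    for attempts, cand in enumerate(PIN_SPACE, start=1):
        if hmac.compare_digest(hash_pin(cand, salt, iterations), stored):
            return cand, attempts
    return None, len(PIN_SPACE)


def brute_force_cost(iterations: int, space: int = len(PIN_SPACE)) -> int:
    """Hash computations needed to cover the whole space: a slow hash only
    multiplies 10000 by a constant, it never makes enumeration infeasible."""
    return iterations * space


def keyed_pin_tag(pin: str, salt: bytes, key: bytes) -> bytes:
    """Keyed alternative (assumption: the key never leaves the verifier / HSM).
    Without the key, a leaked table of tags cannot be enumerated offline."""
    return hmac.new(key, salt + pin.encode(), hashlib.sha256).digest()


def recover_keyed_pin(stored_tag: bytes, salt: bytes, key_guess: bytes):
    """Enumeration of the PIN space only succeeds if the enumerator also holds
    the verifier key; with a wrong key no candidate matches."""
    for attempts, cand in enumerate(PIN_SPACE, start=1):
        if hmac.compare_digest(keyed_pin_tag(cand, salt, key_guess), stored_tag):
            return cand, attempts
    return None, len(PIN_SPACE)


if __name__ == "__main__":
    salt = b"constructed-salt"          # constructed value
    stored = hash_pin("4821", salt)
    print("unkeyed hash recovered:", recover_hashed_pin(stored, salt))
    print("cost at 100000 iterations:", brute_force_cost(100_000))

    key = b"constructed-verifier-key-kept-in-hsm"  # constructed value
    tag = keyed_pin_tag("4821", salt, key)
    print("keyed tag, wrong key:", recover_keyed_pin(tag, salt, b"wrong key"))
    print("keyed tag, right key:", recover_keyed_pin(tag, salt, key))
```

The keyed variant only moves the problem, as the commenter says: security then rests entirely on the key staying inside the hardened verifier. If that key is ever exported alongside the tags, the enumeration is exactly as cheap as for the plain hash.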