[lutorm]

Someone wrote a criticism of the chip&pin system a while ago. I don't remember the link, but they were arguing that this system also had serious security flaws. The most memorable one was that while before people who held you up for your ATM card and PIN had to physically go to an actual ATM to see if the PIN you gave them worked, now they can get to work on you with a pair of pliers and a blowtorch until the card reader says "Pin OK" without risk of revealing themselves to an ATM camera. They claimed that this has already happened.

[DougBTX]

The fix for that, if we're remembering the same article, was simply to have the card reader display junk output instead of "bad pin". The bad output could then be entered into the bank website three times, and then block the account from there too.

[lutorm]

Yes that would be possible. Only my card reader still says "pin ok".