by anxx 4773 days ago
This is curious, why can it only be entered in hardware? Is it a safety precaution?

You need control of the hardware to ensure security. Think about what you could do if you run the credit card verification software in a debugger.
Yes, if the PIN number is entered into the software running on the phone then that software can easily be changed to log people's PIN numbers.
True, but eventually the hardware PIN has to become a software PIN that will be transmitted. Why is it more difficult to sniff out hardware PINs?
The PIN is only transmitted to the chip embedded in the card. If the PIN matches, the smart card chip authorizes the transaction. So the PIN is never transmitted to the card processor, just the authorization message from the card. They only allow specialized tamper-proof terminals for Chip and PIN cards as that's the only place you could sniff the PIN.
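
A simplified model of the flow described in the last comment, added here as an illustration and not part of the thread: the chip checks the PIN itself, and the processor receives only a keyed authorization over the transaction. The class and function names, the HMAC construction and the shared card key are assumptions made for this sketch; it is not the EMV specification.

```python
import hashlib
import hmac
import os


class ChipCard:
    """Toy chip: holds the PIN reference and a key shared with the processor."""

    def __init__(self, pin: str, card_key: bytes, max_tries: int = 3):
        self._pin_hash = hashlib.sha256(pin.encode()).digest()  # never leaves the chip
        self._key = card_key  # assumption: symmetric key known to the processor
        self._max_tries = max_tries
        self.tries_left = max_tries

    def verify_and_authorize(self, pin: str, txn: bytes):
        """Check the PIN on-chip; return a MAC over txn, or None on failure."""
        if self.tries_left == 0:
            return None  # card is blocked after too many wrong PINs
        candidate = hashlib.sha256(pin.encode()).digest()
        if not hmac.compare_digest(candidate, self._pin_hash):
            self.tries_left -= 1
            return None
        self.tries_left = self._max_tries
        return hmac.new(self._key, txn, hashlib.sha256).digest()


def terminal_transaction(card: ChipCard, pin: str, amount_cents: int):
    """The terminal is the only component that ever handles the PIN."""
    txn = f"amount={amount_cents};nonce={os.urandom(8).hex()}".encode()
    auth = card.verify_and_authorize(pin, txn)
    if auth is None:
        return None
    # Message sent upstream: transaction data and the card's authorization only.
    return {"txn": txn, "auth": auth}


def processor_accepts(message: dict, card_key: bytes) -> bool:
    """The processor validates the card's authorization without seeing a PIN."""
    expected = hmac.new(card_key, message["txn"], hashlib.sha256).digest()
    return hmac.compare_digest(expected, message["auth"])


if __name__ == "__main__":
    key = b"constructed-demo-key"      # constructed sample value
    card = ChipCard("4821", key)       # constructed sample PIN
    msg = terminal_transaction(card, "4821", 1250)
    print(sorted(msg), processor_accepts(msg, key))
```
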