Today I tried to withdraw money from my Canadian bank account at one of these neat Japanese ATMs that support, among others, the Plus ATM network ... only to realise that I cannot recall my PIN - for the 5th fucking time. I tried only a second time because I was afraid the third time would invalidate my bank card. And why do I have such a high tendency to forget my PIN? It's because I almost never use it. I almost always rely on credit card and web banking (the password of which is a lot more secure yet easier to remember than my PIN). Furthermore, as a security paranoid, I never write down my PIN and I don't use any part of my address, telephone number, or birthday as PIN.
Thank god I remember the PIN to my Hong Kong bank account, which by chance is also Plus ATM compatible. So I withdrew money from my HK bank account instead. Problem solved.
It still bugs me that many banks still rely on 4- to 6-digit PINs though. What's the biggest temptation for non-security-conscious people when creating such a PIN? I'm just guessing but I'm probably not far off: birthday or last digits of telephone number. Why haven't banks switched to biometrics already? It's more secure and more convenient than the PIN anyway. Border control at many countries already uses fingerprint (+ facial recognition between Hong Kong and China). Considering that some countries are paranoiac about terrorists, if border control can rely on biometrics to identify people, why can't banks use the same technology for stuff that is not even immediately life-threatening? Cost does not seem to be a valid impedance to implementing biometrics at ATMs. Who says banks must replace all ATMs at once? Can't they start by installing a new one at every branch (or the biggest ones) first, and slowly phase out the old, PIN-only models.
Am I missing something?