personal identification number (PIN) phishing Marketplace A number of vendors offer PIDs of various kinds; some of the popular ones are Digipass Go from Mertek Sys� tems, IDDisk from Immtec Inc., SKV from Secure Sys� tems, and DigiPass Pro from Vasco. See Also: password, personally identifiable informa tion (PII) personal identification number (PIN) A unique identifier used together with a personal iden� tification device (PID). Overview Personal identification numbers (PINs) are used to pro� tect the security of PIDs by providing added proof that the person trying to use the PID is in fact the authorized owner. PINs are known only to the person who owns the PID and should never be divulged to anyone. PINs are typically numbers with four or more digits; the length of the number often is a characteristic of the type of PID being used. PINs help ensure that an individual’s per� sonally identifiable information (PII) stored on the PID remains private and does not fall into the hands of unau� thorized parties. See Also: personally identifiable information (PII), privacy personal information Another name for personally identifiable information (PII), information regarding the identity of a person. See: personally identifiable information (PII) personally identifiable information (PII) Information regarding the identity of a person. Overview Personally identifiable information (PII) is a term used in government, finance, and advertising to refer to personal information collected from individuals stored and for verifying their identity later. For example, an e-commerce Web site typically collects PII the first time a consumer purchases something from the site, and then stores this information in a database so the con� sumer won’t have to reenter it every time he or she returns. PII can include such things as name, country, street address, e-mail address, credit card number, Social Security number, government ID number, Inter- net Protocol (IP) address, or any other unique identifier associated with the individual. Fair Information Prac� tices (FIP), a set of standards governing collection and use of personal data that dates back to the U.S. Privacy Act of 1974, help protect the privacy of PII collected from individuals by industry and government. See Also: Fair Information Practices (FIP), identity theft, privacy PFS Stands for perfect forward secrecy, a property of an encryption scheme that makes it difficult to compromise. See: perfect forward secrecy (PFS) PGP Stands for Pretty Good Privacy, a popular e-mail encryption technology. See: Pretty Good Privacy (PGP) phishing Conning someone into telling you his or her password or other sensitive information. Overview While password cracking is an entirely technical approach to trying to obtain a user’s password, social-engineering approaches often are faster, easier, and have a higher rate of success. One organization per- formed a study and found that four out of five individu� als working for a company would tell you their password if you asked them in the right way; for exam- P 243 personal identification number (PIN) phishing Marketplace A number of vendors offer PIDs of various kinds; some of the popular ones are Digipass Go from Mertek Sys� tems, IDDisk from Immtec Inc., SKV from Secure Sys� tems, and DigiPass Pro from Vasco. See Also: password, personally identifiable informa tion (PII) personal identification number (PIN) A unique identifier used together with a personal iden� tification device (PID). Overview Personal identification numbers (PINs) are used to pro� tect the security of PIDs by providing added proof that the person trying to use the PID is in fact the authorized owner. PINs are known only to the person who owns the PID and should never be divulged to anyone. PINs are typically numbers with four or more digits; the length of the number often is a characteristic of the type of PID being used. PINs help ensure that an individual’s per� sonally identifiable information (PII) stored on the PID remains private and does not fall into the hands of unau� thorized parties. See Also: personally identifiable information (PII), privacy personal information Another name for personally identifiable information (PII), information regarding the identity of a person. See: personally identifiable information (PII) personally identifiable information (PII) Information regarding the identity of a person. Overview Personally identifiable information (PII) is a term used in government, finance, and advertising to refer to personal information collected from individuals stored and for verifying their identity later. For example, an e-commerce Web site typically collects PII the first time a consumer purchases something from the site, and then stores this information in a database so the con� sumer won’t have to reenter it every time he or she returns. PII can include such things as name, country, street address, e-mail address, credit card number, Social Security number, government ID number, Inter- net Protocol (IP) address, or any other unique identifier associated with the individual. Fair Information Prac� tices (FIP), a set of standards governing collection and use of personal data that dates back to the U.S. Privacy Act of 1974, help protect the privacy of PII collected from individuals by industry and government. See Also: Fair Information Practices (FIP), identity theft, privacy PFS Stands for perfect forward secrecy, a property of an encryption scheme that makes it difficult to compromise. See: perfect forward secrecy (PFS) PGP Stands for Pretty Good Privacy, a popular e-mail encryption technology. See: Pretty Good Privacy (PGP) phishing Conning someone into telling you his or her password or other sensitive information. Overview While password cracking is an entirely technical approach to trying to obtain a user’s password, social-engineering approaches often are faster, easier, and have a higher rate of success. One organization per- formed a study and found that four out of five individu� als working for a company would tell you their password if you asked them in the right way; for exam- P 243 . personal identification number (PIN) phishing Marketplace A number of vendors offer PIDs of various kinds; some of the popular ones are Digipass Go from Mertek Sys� tems, IDDisk from Immtec. anyone. PINs are typically numbers with four or more digits; the length of the number often is a characteristic of the type of PID being used. PINs help ensure that an individual’s per� sonally. a set of standards governing collection and use of personal data that dates back to the U.S. Privacy Act of 1 974 , help protect the privacy of PII collected from individuals by industry and