Last week we added the ‘Use your MOT testing security card guidance’ to GOV.UK. The new guidance includes how to use your security card to access the MOT testing service, how to activate it, and what to do if you forget, lose or break your card.
As well as publishing this guidance I thought it would be useful to cover why we’re introducing this new security measure and how we’re testing them before the roll out.
How it’s safer than the PIN you currently use
Although the current PIN system is secure, it was always only meant to be a temporary measure before introducing the MOT security cards.
Your current PIN is something that only you know, just like a password. Over time, the risk of this becoming known to other people increases. This is why you should change your password every 3 months. Your PIN tends to remain unchanged, so is even more likely to become known.
In contrast, the new MOT security card displays a unique number each time it’s used. Since you don’t need to remember this, the security card is something that you have, rather than something you need to remember.
Together, these 2 factors (the password that you remember, and the security card that’s held) are known as 2-factor authentication. As long as you protect both factors, it’s far more secure than the current system.
Trialling the cards
In the run up to rolling out the MOT security cards later this year the user testing team has been visiting vehicle testing stations (VTS) and trialling the cards.
The first trials took place with VTS councils and at VTSs in Falkirk, Manchester, Widnes, Nottingham, London and Bristol. In these trials users tested registering and using the new cards.
Durability
As with any change, many questions and concerns were raised by testers. One initial concern was that the new card would be easily broken in a busy garage.
To prove how durable the new cards are, we dropped, bent and even stamped on a card in front of testers and it continued to work. The cards are also waterproof and designed to take general wear and tear in a garage environment.
The cost
Another concern raised was about the cost of the new cards. The cards will be provided free of charge to everyone who uses the MOT testing service. If you lose or break your card you’ll receive a replacement card free by second class post.
Next stage of testing
The next stage of testing will take place in September and will involve testers in over 300 VTSs trialling the card in a live testing environment.
Trialling the cards like this will make sure they work exactly how they are meant to before rolling them out to all testers later this year.
Further information
You can find the full details about the new MOT security card over on GOV.UK. Email MOT@vosa.gsi.gov.uk if you have any questions about the new card.
144 comments
Comment by keith posted on
Any improvement in security is good but would the money involved not have been better spent tracking and punishing grossly negligent or deliberately fraudulent stations.
I also wonder how long the cards will last and how long before we end up paying for them ...directly or indirectly...still cost can always be added to the cost of "training" we are now forced to accept just to do our jobs !!!
Comment by Jezza posted on
Don'y like the idea of a NEW card to keep safe. Anyway VOSA should spend more time and money closing down dodgy mot stations who also happen to be main dealers where technicians are under pressure to get jobs including MOT's completed quickly so MOT's are not tested properly.
Comment by phil posted on
As you can now tell from the comments, sercurity is not the problem with the public, but within the testing station its self,, you have missed the point again, so a bent tester( and theres lots of them) can take his card with him and issuse a test any where in the country. One of the worst things you have done is to do away with the 5 year training refresher, which you had to attend in person with your id card and take the test yourself.
What is goint to happen, is some one at the testing station will do the assesment for some one else, why fix that's not broken we had a sercure system and you have totaly screwed it up, now we have to pay for training and this has just allowed outside organisations jumping on the band wagon to make money, Not happy with any of theses issues, when are we goint to get the pound charge we had for the coputer and stationary you supplied, we are not stupid you have slowly put that responsiblity on to us, think we havent noticed ???? that pound would pay for our training
phil
Comment by Paul Hooker posted on
we only carry out tests at our garage. not down the pub as I have seen mentioned but when you check your vts test logs you can see the ip address and it changes quite often (you have to download the log to see this) so even when you are testing at your vts the ip address can change during the days testing, I think it it only the first few numbers of the ip is important
Comment by Big Sarge posted on
The only way to tighten up security is to log ip address everytime its used and lock out wrong ip.
The system can be used anywhere in the world you have internet access and a test logged on,even from smart phone,these cards will make no difference to bent testers.
Comment by Marcus posted on
So what happen if the button gets pressed accidently and you miss the pin
Comment by Thomas (DVSA) posted on
Hi Marcus,
The PIN appears for a short while when the button is pressed. If you manage to miss the PIN for any reason just press the button again and it will display again.
Regards
Thomas
Comment by Farooq posted on
On new MOT testing security card they will appear tester name is wall.
Comment by Graham posted on
So aswell as making the system more secure is there any gps technology in the cards to see were it is being used?
Comment by Thomas (DVSA) posted on
Hi Graham,
The cards won't contain any GPS technology.
Regards
Thomas
Comment by Graham posted on
When you press the button to get the unique number, this will have to go through so kind of server, so can this pin point a rough location through cell sites? Not that im the type of person to log on from down the pub, quite the oppositte actually, i am just interested in how they work thanks
Comment by Paul t posted on
They don't connect to anything. Each card produces it's own pin and when you mark your card against your name the site knows what pins your card can give. Simple as that.
Comment by Graham posted on
If it knew what numbers your card gave then the first number you get would work every single time which wont happen. The card must send a signal to a national database so before you enter the pin number into the computer, it knows what number you should be entering. Judging by the size of the card this has to be done via a mobile sim system, if it is it will give your rough location through cell sites. So if it normally uses the local say 5 cell masts, then one saturday afternoon it connects to a cell mast 10 miles away, it will flag up for vosa to investigate.
Comment by Geoff posted on
I have no problem with the cards but by incorperating GPS when the card is activated it would be far more secure
Comment by ian posted on
in other words big brothers watching you , the people coming up with these ideas should do 8 mots a day everyday and see how the feel about all these changes after 20 years of testing!!! there attitudes would change i can asure you!!!!!!!
Comment by Steven posted on
This is disappointing and not necessary. The current memorable PIN and login codes are more than adequate. This will not stop me be able to test at my local pub or my house which is where the real problem lies with the current system and how it can be abused.
Comment by d bradley-scrivener posted on
agreed with carl this wont stop the problems with doing tests away from the station on bent tests
Comment by cheekyboy posted on
so is this pin replacing our password we change every 3 months or the pin we use when we finish an mot? if its replacing the password will we still use our 6 digit pin when we log off?
Comment by Thomas (DVSA) posted on
Hi,
The card is replacing the PIN you currently use. After you've signed in using your user ID and password in the normal way, press the button on the front of your card to generate a PIN which you'll then enter into the MOT testing service. You'll need to use the card every time you log in to the service.
By using the PIN generated by your security card it means you are working securely in the system. The time out function happens after you've registered a vehicle then go away and test, so you'll still need to log in to record the test result.
Regards
Thomas
Comment by cheekyboy posted on
ok cool thank you
Comment by Stephen posted on
Who gets to keep the pin machine if an MOT Tester leaves that station.
Comment by Thomas (DVSA) posted on
Hi Stephen,
There won't be any pin machine you have to use. You'll get your unique PIN by pressing the 'press button' on the front of your card.
This short animation shows you how to get your PIN https://mattersoftesting.blog.gov.uk/wp-content/uploads/sites/19/2016/06/button-press-test.gif
You then enter this number along with your username and password every time you log in to the service. You should make sure you keep your card safe. You should treat it like a personal bank or credit card. Once the card has been registered to you no one else will be able to use it.
Regards
Thomas
Comment by Rob Mortimore posted on
Will trainers and assessor for the MOT qualification need a security card?
Comment by Thomas (DVSA) posted on
Hi Rob,
No, trainers and assessors for the MOT qualification won't need a security card.
Regards
Thomas
Comment by Robert shotton posted on
My computer logs off mot website after 20 minutes. Will I have to sign in with a different number for the same test ??
Comment by cheekyboy posted on
you should be logging off after you have registered the car for test anyway
Comment by Thomas (DVSA) posted on
Hi Robert,
You will need to use your new card to generate a number each time you log in. You won't have to remember this number, you'll just need to enter the number the card displays every time you log in.
Regards
Thomas
Comment by Richard posted on
I'm not fussed either way, it's not a big deal, I use one for my online banking. I'm just curious as to the security of the card, will it have to be locked away in a safe when not in use or can I keep it in my wallet like my bank one, what if it's left out, say under the keyboard and we get a DVSA visit, would that be a punishable with points?
Comment by Jerry posted on
I like the old pin number system but I'm happy to go with the new card. I didn't lose/break/burn the old smart card so I don't think this one will be a problem. If you don't lose/break/burn your tools regularly then you should be able to take care of the card especially if you take MOT Testing seriously.
Comment by martin nunn posted on
Unfortunately any system is open to abuse.. passwords can be shared by dodgy testers when people go on holiday or off sick etc. BUT so can cards be passed around.
This also does NOT solve the issue of knowing if a tester is actually on the premises while doing the test as dodgy testers can simply take there card with them or hand them to another person who may not even be a tester!
The only real way to solve the problem is to have dedicated phone lines as before or insist test stations use a static IP address or use location enabling on mobile devices. So any activity can be traced to make sure testers are actually at the station and not down the pub!
Comment by G Parkin posted on
2nd class post for a replacement card . So a week without testing. Boy my Boss is sure going
to be happy NO card NO wages NO revenue for MOT station.......So clever
Comment by Thomas (DVSA) posted on
Hi G Parkin,
You'll still be able to login to the MOT testing service and test whilst you wait for your replacement card. You'll just to need to answer 2 security questions to sign in.
Regards
Thomas
Comment by darren posted on
so why do you need a card if you can still sign in without it...pointless having a card in the first place
Comment by Thomas (DVSA) posted on
Hi Darren,
Signing in using your security questions is only a temporary measure which needs to be in place to allow you to continue testing whilst you wait for a replacement card.
Regards
Thomas
Comment by Liam Metcalfe posted on
Yet again a total waste of time and money. If anyone is going to abuse the system then they will, regardless of a pin number or security card or any other piece of security. If it aint broke don't fix it?!
Comment by Phil Wilde posted on
People.
Let us embrace this new technology that has been forced on us.We too can now be like these high pressure office workers who have to contend with faulty air conditioning and no sugar in the coffee machine.
We too, can have "Work from Home" days!?
No more working in a cold garage.We only need the reg,last 6 of the vin and fuel type and Jeremy Kyle on the telly and hey presto the country's road are safe!
Thank you DVSA. What a fantastic idea.You all deserve a massive bonus and a better company car.?
Comment by DAVID posted on
STEPHEN I THINK YOU WILL FIND IT HAS ALWAYS BEEN THAT WAY REGISTERED 1/9/13 WILL EXPIRE 31/8 ALWAYS HAS DONE THE COMPUTER HASN'T CHANGED THAT,STILL DONT AGREE WITH HAVING ANOTHER CARD THOUGH HOW SECURE DOES SOMETHING HAVE TO BE
Comment by dave b posted on
the expiry date should be the same as the date of first registration when i did my car at three years old it was the same.
Comment by roger and steve. posted on
des is bang on correct, use your recorces to out the dodgy testers and cut price garages that are getting us all a bad name .
Comment by Raju posted on
Yes, I aggre.
Vosa should spend more time and money on getting rid of corrupt NTs and doggy VTS s .
This card is a bad idea for start !
"Don't fix , if its not broken "
Comment by Eddie Hawkins posted on
Lots of negative views, No system is secure there is always someone out there who wants to beat it .Having not seen the new card it sounds like the one the banks use which gives you a random no each time its used if it is ,it is tried and tested
Comment by castrolrob posted on
im not disagreeing its a tried and tested system,my problem is hows it gonna improve security?if the guys issuing moody tickets currently are happy to use their password+pin how is a random number generator gonna improve that?some of these guys give their password and pin to other folks to use,they aint even gonna need to do that now,just pass your card to some one else and leave em to it.improving the security involves ves going round and looking,trouble is people cost money so they laid most of em off.i have no difficulty with system improvements to reduce fraud etc but this one is pointless and is being performed as I mentioned in my post because an mp thinks its a bright idea not because it will reduce fraud.even dvsa don't want it but as the relevant dept they have been tasked with rolling it out.
Comment by Frank Simon vescia posted on
Cards are easily damaged and lost I have had to replace my card five times because it cracked and could not be used.Are you reintroducing spare cards again at sites.THANKYOU.
Comment by David posted on
Am I missing something, how will this stop this 'logging on from the pub' that supposedly (according to this blog) goes on. Surely I could still log on anywhere so long as I have the card with me.
Comment by Paul posted on
I can understand why we're going back to smart cards, however I agree with des
Come on government spend some money on cracking down on the dodgy garages
Comment by bill dodds posted on
ive only just stopped opening the safe to get the old card out!
Comment by castrolrob posted on
so the card will be replaced free if lost/broken/burned thru with stray mig weld/wiped by the assorted magnetic fields we work with then?dont see any mention of how you test till iyour replacement arrives tho.we have password and 6 digit pin already and this is more than acceptable to the banking system let alone a poorly thought out government data system.please be honest with us,this has been brought in because some mp wanted to make a point,the remains of dvsa were against the idea so stop trying to sell it to us.we will use it because we have to,not because its needed or wanted.just more wasted public money and another layer of garbage for us to snag for the powers that be.
Comment by Thomas (DVSA) posted on
Hi Rob,
You'll still be able to log in to the system and test if your card is lost or broken by answering 2 security questions. Once we've been notified that your card is broken / lost you'll receive a replacement card free of charge by second class post.
Regards
Thomas
Comment by castrolrob posted on
so we will answer 2 security questions for the duration that it takes 2nd class post to reach us?at least its a system that wont slow us down....yeah,right!.so whats wrong with a spare card as per comp 1 then?.as an aside why am I having to address a gvmnt blog to find information that used to be freely disseminated?has the sn facility now been disabled?i have learned more about this system from my own efforts on mot forums than the ministry has yet provided me which is (at best) poor.,given that you've been cooking this up for a year or more and we have yet to receive so much as a clear timetable my hopes are not high,can only hope to be disappointed in this.
Comment by Thomas (DVSA) posted on
Hi Rob,
A vehicle testing station won't receive a spare card as once a card is activated it's linked to one user only and can't be reallocated to anyone else. You'll receive an special notice (SN) about the new MOT security cards towards the end of September.
Regards
Thomas
Comment by stoker posted on
The security number should be required on completion not at sign in of a test in same way as we do now,as this prevents data errors when entering details on to another testers live page
this is common problem when several testers use the same pc that was resolved with 6 figure pin no.
Comment by Tony S posted on
I guess you should never have another testers live page in front of you when you go to log on!!!
Comment by Graham posted on
You should always sign out when your away from your computer, if someone else enters results on your page its your fault. Same as leaving an old smart card in machine (points off vosa
Comment by Stephen posted on
So you waste money on this idea. But customers are loosing a day on there MOT expiry on there first test. Why not rectify this problem.
For instance car first registered Sept 01st 2013 the expiry date should be the 01st. instead it's August 31st, hhh
and you wan't customers to be happy with this.
Comment by Lee posted on
Looks like a bit of a backtrack to me.
Comment by darren posted on
what a total waste of time and money spent on this ludicrous idea,do DVSA ever read or listen to our comments its us on a day to day running of our garages/mot stations that have to put up with this constant rubbish the keep throwing at us.why on earth dont they leave it as it was only you know yr password and pin number why change but hey ho it probably some office bod who come up with this idea,what they should do is come and work at the mot station and see how long it will take them to get fed up with it,PLEASE DVSA ask the people who work at the MOT statoins what we think not just come out with them,i can understand why so many testers want to give up
Comment by vinnie green posted on
waste of money
Comment by christopher butcher posted on
who realistically will have a card on them all day, to get lost in a customers car, fall on the floor and lost etc etc. people being people the card will get left at the mot terminal for anyone to see. no-one can see the number in my head
Comment by Rick Harvey posted on
take it you never was a tester who had a smart card then. DVSA are always looking out for safety and security. no system is foolproof but at least DVSA are trying. this may mean everything is a bit more secure than at present
Comment by Dave posted on
I wonder how much the agency that thought of this was paid ? why not just change your password ?
Comment by Des posted on
Rubbish idea instead of making all these changes why not spend more effort removing the easily found dodgy garages in the testing scheme. That would make it safer straight away!!
Comment by Simon Ott posted on
Ahhh, back to the days of grovelling around under car seats looking for a card that's fallen out of your pocket. How I've missed that!
I wonder how many people will keep theirs under the keyboard like they used to with the old cards.
The old card was no use to a fraudster unless he got your secret password as well, so the tester had to be in on the scam as well. Now all they need is your readily available user ID and your card and they're away.
Comment by Ian posted on
The old system with card reader was the best and I believe was secure!!
Comment by Rizwan waris posted on
A photo would look good on the new cards
Comment by phil posted on
"Your current PIN is something that only you know, just like a password. Over time, the risk of this becoming known to other people increases. This is why you should change your password every 3 months. Your PIN tends to remain unchanged, so is even more likely to become known."
why not give us a new pin number every 3 months?
I'm sure most people would prefer that than having a card they have to take care of
Comment by Barry posted on
You honestly believe that having a new PIN every 3 months in addition to a new password every 3 months is an easier option than this new card? I can just imagine the backlash if that was implemented!
I for one don't mind the new card being introduced, I had no problems using the previous card which I kept in a top breast pocket of my overalls through the working day and in the safe at night. I do prefer the current method but certainly don't think it's going to be the massive upheaval and ordeal to use like some testers are making it out to be!
Comment by phil posted on
Hi Barry,
No I don't think having to remember a new PIN number every 3 months is a good idea.
But I really don't think going back to a card you need to test is a good idea ether
The previous smart card system was OK, for me it was OK for the first six or so years, then it went to really annoying.
First smart card six years every smart card after that lasted less than three months.
I think I was on about nine cards when they got rid of them
Comment by Carl posted on
Another change with no legislation change to back it up. Every mot station in the UK is operating unregulated because the current 6th edition of the MOT testing guide is completely out of date. The only legal regulations a VTS can follow is the mot testing guide not .gov websites etc this has been going on for almost a year now