Last week we added the ‘Use your MOT testing security card guidance’ to GOV.UK. The new guidance includes how to use your security card to access the MOT testing service, how to activate it, and what to do if you forget, lose or break your card.
As well as publishing this guidance I thought it would be useful to cover why we’re introducing this new security measure and how we’re testing them before the roll out.
How it’s safer than the PIN you currently use
Although the current PIN system is secure, it was always only meant to be a temporary measure before introducing the MOT security cards.
Your current PIN is something that only you know, just like a password. Over time, the risk of this becoming known to other people increases. This is why you should change your password every 3 months. Your PIN tends to remain unchanged, so is even more likely to become known.
In contrast, the new MOT security card displays a unique number each time it’s used. Since you don’t need to remember this, the security card is something that you have, rather than something you need to remember.
Together, these 2 factors (the password that you remember, and the security card that’s held) are known as 2-factor authentication. As long as you protect both factors, it’s far more secure than the current system.
Trialling the cards
In the run up to rolling out the MOT security cards later this year the user testing team has been visiting vehicle testing stations (VTS) and trialling the cards.
The first trials took place with VTS councils and at VTSs in Falkirk, Manchester, Widnes, Nottingham, London and Bristol. In these trials users tested registering and using the new cards.
Durability
As with any change, many questions and concerns were raised by testers. One initial concern was that the new card would be easily broken in a busy garage.
To prove how durable the new cards are, we dropped, bent and even stamped on a card in front of testers and it continued to work. The cards are also waterproof and designed to take general wear and tear in a garage environment.
The cost
Another concern raised was about the cost of the new cards. The cards will be provided free of charge to everyone who uses the MOT testing service. If you lose or break your card you’ll receive a replacement card free by second class post.
Next stage of testing
The next stage of testing will take place in September and will involve testers in over 300 VTSs trialling the card in a live testing environment.
Trialling the cards like this will make sure they work exactly how they are meant to before rolling them out to all testers later this year.
Further information
You can find the full details about the new MOT security card over on GOV.UK. Email MOT@vosa.gsi.gov.uk if you have any questions about the new card.
144 comments
Comment by Kieran Self posted on
Another absolute joke of a change by people who are out of touch with the day to day of MOT testing. Surely the only thing being gained here is there job security for another 6 months. Listen to the testers you TRUST every day to carry out MOTs please!!!
Comment by peter posted on
I totally agree with you.
Comment by Charles posted on
I love the bit that says it's been out on test. If it's anything like the new system that the DVSA lied threw their teeth about then this won't work either.
Comment by ben posted on
we should all know by now that the powers above never listen to the real world, people that actually work in the field every day! I look forward to months of the system crashing every day!
Comment by Sean posted on
The system is just about working properly after months of chaos and inefficiency. So now it's time for more changes! Will you ever learn that change for the sake of it, is pointless and disruptive. Remember the old adage, if it ain't broke don't fix it.
Comment by David posted on
They must sit in a office somewhere and think how can we inconvenience the tester and make their job much harder and slower with more headache . I don't see why this change is needed unless there is something we are not being told because I bet you could give log in details to any Joe public and they would have no chance of producing a MOT .
Comment by jon posted on
how many times did i leave my card at home or loose / brake it i can run out the house to work safe knowing i cant loose that number n my head just leave things alone
Comment by Kenny g posted on
Once again here comes the DVDs mallet have they read any comments from the previous blog on this new card - not a chance - you I.T. Anna racks need to live in the real testing climate instead of playing around with the system - it's working fine leave it alone
Comment by chris b posted on
well it seems like a joke a system that worked updated and endless problems ,first a phone call to see if you are green orange or red great now 3 hours on pc to keep standards up .have you really lost the plot .just cut after cut then privatise system when you had every thing in place to do your self ,just add a charge , over half of tester do not know what excevise is .you need checks at station to in prove first
Comment by Andy posted on
Like Martin has said,
A card that any person can press the button on or a pin number in your head, i have a different opinions on what's more secure!
Comment by Rod posted on
Here we go again, change for changes sake. If dvsa spent the money that this 'new idea' cost on training we wouldn't be getting ripped off for the new annual training. We have gone from free refresher courses every 5 years to being at the mercy of these training schools that can just name their price and us testers have no option but to pay. !
Angry from Devon
Comment by Andy posted on
I wonder if the cards have been tested against the massive magnetic interference from welding. How about heat damage from an engine your leaning over. Solvent damage from any and everything. The most likely will be from a vice or drop kicking another compounding piece of bureaucratic tosh that is ill thought and cost compounding on the grand scheme of things. Leave it alone the fiddlers will still fiddle. If you want ultimate security retinal scanners otherwise STOP IT
Comment by Ron posted on
It's time someone at DVSA USED their intelligence and thought this system through.
They ignore most of our comments and plod on, even reducing their own staff.
I can see a time in the future when testers will be micro chipped, all for security of course.
If we don't say NO they assume we mean YES.
Comment by Wyn posted on
Who pays for the card readers?another cost to garages that are making less out of an mot fee than what they did 10 years ago?if people are abusing the system tackle them and sort the genuine garages out from the dodgy ones!
Comment by Matters of Testing posted on
Hi Wyn,
You don't need a card reader for the new card. The new card displays a unique code every time you press the 'PRESS' button on the front of the card. You then enter this number along with your username and password every time you log in to the service.
Regards
Thomas
Comment by Ian Taylor posted on
Could someone tell us how man4 security breaches there have been in the last two years
Comment by Thomas (DVSA) posted on
Hi Ian,
The system has not been compromised.
The introduction of MOT security cards is part of the DVSA's continuing commitment to protect personal data and ensure the secure delivery of online public services.
Regards
Thomas
Comment by David posted on
As others have said, so long as you don't divulge your pin or password to anyone then there really is no need for this system. It seems like a lot of work and expense to fix a problem that doesn't exist and if it does then this isn't the solution anyway. Still we put up with the smart card system so why not take a step back to having to carry a card around at all times.
Comment by Dave.T posted on
Card readers?
You are supplying then I assume? Who will pick up the cost of them?
Old card readers have been disposed off by now, please advise.
Comment by Matters of Testing posted on
Hi Dave,
This new card doesn't require a card reader. It displays a unique code every time you press the 'PRESS' button on the front of the card. You then enter this number along with your username and password every time you log in to the service.
Regards
Thomas
Comment by Matt posted on
So being a garage owner I'm more concerned that staff can log in from home pub garden etc to log on and do an mot test.
Surely gettIng some way that mots can only be done on site is more of a priority! Any how we don't get listened to on here so not much point
Comment by Lloyd posted on
Does it mean we will all need a new vts device,,? And a card reader? And who will pay for it?
Comment by Matters of Testing posted on
Hi Lloyd,
The card will work with the existing system. You won't need a card reader to use the card. You'll get a unique code every time you press the 'PRESS' button on the front of the card. You then enter this number along with your username and password every time you log in to the service. The cards will be provided free of charge.
Regards
Thomas
Comment by Chris Taylor posted on
I don't know we're all these consultations take place I certainly have not been asked on my opinion of the new system and introduction of additional security.
When are the DVSA actually going to listen to the testers rather the Management side who haven't got a clue about the implications that arise from making the test more difficult.
When will all the computers talk to each other so the brake test data and emissions can be recorded electronically that would save time and make sense.
Comment by Dave posted on
This is just another way to make a system that seams to be working at the moment more unreliable and more user unfriendly. And who is going to pay for these cards the test stations or the customer in higher prices should just leave things alone as they are and iron out the little things on it before adding something that will go wrong the first time it's rolled out.
Comment by Phil Wilde posted on
Sorry but the only secure system has been used already.It was the smart card which could only be used in the smart card reader which was next to the computer and it had a photo of the N.T.on it.Only possible way to log a test on was to physically be at the computer.I logged a test on from home last September on our first day of the new and improved (note the Sarcasm)? out of hours from my kitchen table and immediately informed yourselves of the complete lack of security.
The UK Government has a track record of wasting millions in taxpayers money.Admit it....You've Botched it good and proper.
Bring back Photo smart card and reader.
It could be a pain,but nothing as amateur as this.
If it ain't broke,don't fix it.
Comment by Mark posted on
Something else to go wrong in my day great ?
Comment by Marko posted on
My thoughts exactly Mark,dvsa ask for tester input and tell us all how important it is to them but take no notice of testers thoughts or suggestions.this latest change will only make our job more frustrating,anyone would think that we are all in charge of public security
Comment by Michael Brown posted on
I thought DVSA where short on cash and cutting jobs and training courses. Seems like a lot of money is been spent in the wrong places for me. I'm starting to think is it really worth being a tester with all these changes every few months.
Comment by Chris Reed posted on
I'm all for security, and hi-tech MOTing. I thought we would be stuck with those wretched 'dial-up' modems forever. But I do wonder, are there really that many credentials stolen within the MOT scheme? And if so, would it really take that long to work out someone's I.D. / password combination had been stolen and where they were operating even?
Comment by Chris posted on
If it just produces a random number, how will the system know if the number that you have just entered is right or wrong?
Comment by Matters of Testing posted on
Hi Chris,
The card and the number it produces is linked to your account. When you get your card you need to activate it. Once activated the card will then only work with your account.
Regards
Thomas
Comment by Jack Perry posted on
This whole new MOT testing scheme has been riddled with problems from day 1. Security cards are an unnecessary safety e testers feature that is both a needless expense as well as will not really improve security. A more sensible idea is to force all testers to regularly change their pin as well as password. Security cards are also an item that can be abused, hacked, lost, forgotten or abused. It will also be extra inconvenient for testers like myself who test on a number of garages. This does pose the question that does anyone at VOSA who implement these ideas really think them through, obviously not!
Comment by del posted on
Been testing over 20yrs and have been a lot of changes in that time,more stuff to take in more checks to do more stuff to remember.jobs definitely getting harder.
Comment by Colin Stacey posted on
I was part of the initial video on the new system before it was rolled out , these cards were one of three options for us to comment on (the others were a type of dongle) we liked the card system at the time but DVSA in their infinate wisdom decided to go down another route ! Now after getting used to the system were on decide to change yet again ! , think it must be a case of job justification, really no point in it , ( glad im gonna retire soon !
Comment by Justin posted on
This is surely less secure than having a password in your head, anyone can find a user id for a tester and steal a card to carry out a dodgy mot from anywhere, this stinks of the massive waste of resources that dvsa keep on doing, is this why goods vehicle stations are closing? If I have a missing emissions print out I run the risk of losing my licence but dvsa can put the whole operation at risk with no chance of discipline or scrutiny
Comment by david posted on
no explanation of card reader how it will link in can it be used with an I pad
or smart phone as we were originally told..
sounds to be less versatile.
a backward step
any card is less secure than pins and passwords that are remembered
by the sole user.
Comment by Matters of Testing posted on
Hi David,
You don't need a card reader for the new card. The new card displays a unique code every time you press the 'PRESS' button on the front of the card. You then enter this number along with your username and password every time you log in to the service.
Regards
Thomas
Comment by bob posted on
yet another degree educated uni person thats never worked in an mot testing station not good idea at all
trying putting back the items that are missing that are essential to carrying out mots.
Comment by malc posted on
Do you people ever read these blogs or listen to managers and tester ? the problem with security is that you can log on anywhere any time and mot a car you have never seen!!! jeez wake up please
Comment by tony Gingell posted on
The reason that the new card is being introduced is because the present system is not fully secure. The current "PIN" was only deemed as a temporary measure until a more satisfactory system could be introduced. Also, if the card is always left locked in the safe at night, tests "down the pub" can't be done. (Only applicable to static testers as those who travel from site to site will have to take it with them.)
Comment by Richard hewitt posted on
At our garage we all use our tablets.1 each,will this mean to use reader do we have to change our computers again.or do we have a reader each that generate a number.like banks do?
Comment by Phred posted on
Every comment I have read on this blog says don't do it. Why don't you listen to what the testers are saying!
Comment by Big Sarge posted on
It is a sad fact of life that anything/everything is open to misuse if money is involved.
The whole system is a bit of a joke when you can log a test on your phone so long as you are connected to the internet and it will let you log on two computers at the same sight.
It should have been designed with testers and hackers,this unfortunately wont stop misuse.
Comment by steve white posted on
why can't you just leave things alone, think it maybe time to call time on my mot career.
Comment by Nick heritage posted on
Security card is a waste off time the system works well now why change something when there is no need. A code stored safely in my head is better than one on a card that someone could pick up and use. This idea is less secure surely dvsa you can see that. Leave it like it is don't change it.
Comment by M litchfield bott posted on
Once again another time consuming exercise and more to remember. i,m by far it literate and like thing how they are so please leave it alone it really isnt broken but soon could be if you start messing about,
Comment by Paul Kellett posted on
No more secure then the present system. More stuff to have in your wallet and to accidentally loose or leave on the desk. The old original system relied on yiy being at work any un scrupulous so and so can use there phone from home to do a test, this will make it no different as it's still a internet based system.
Comment by Paul posted on
Leave it as it is,Works perfectly well, just something else to carry around all day with you,or leave at home,
Comment by peter posted on
what about the security issue where it is possible to mot a mates vehicle from a pub via a mobile phone in the early hours . it would be better to make the system more secure so a test can only be logged on from the actual station , I think this should be easy to implement with today's software!!!!
Comment by Matt posted on
Absolutely right! So ridiculous
Comment by steve posted on
Another issue with trust, the system was designed for easy use its failed on every update and over 12 months , it is just about useable so it is the right time for DVSA to put there boot in .as we are leaving the EU they wont be able to blame them for the new regs, and if they think a card will stop the hacker they are so mistaken. WAKE UP DVSA and if you have problems with hackers track them down and leave honest tester to do there jobs.
Comment by Paul posted on
Let's get rid of a number ln our heads and use a card that's lying around ?
Is it just me ?
Comment by Alan peacock posted on
With had the smart cards not so long ago would this be the same principle
Comment by Martin (another one) posted on
I really do wonder if the people who come up with these idea's have any idea how the real world operates.
If you could buy them for what they are worth and sell them for what they think they are worth we would all be rich.
Comment by jim nelson posted on
why mend it when its not broken (or is it ?)
Comment by Robert Rann posted on
Yet another change!! I have been a tester for over thirty years
because of all the changes having to study & take a test yearly, I am defeated therefore taking myself off the scheme in January.
Comment by Steve posted on
I Don't usually comment on the blogs. But this seems an unnecessary 'fix'. I don't know my guys log in or pins, nor they mine as it should be. I'm wondering where the security breaks down? Surely it can only be from the tester OR is it a system vulnerability? If these cards are anything like a bank pin code generator, Jeez I'll be locked up after a day! 🙁
I hope they are robust for day after day testing... ....
As a note the current system really seemed to be working well. Leads me to think there must be an issue with some testers? If so discipline them rather than add this extra layer for everyone else? They will only abuse this system too?
Comment by Andy posted on
Can't wait ? I'm guessing it's a bit like a bank security thing. Generates a new number every time you use it and you get a certain amount time to use it ?
Comment by Peter posted on
How is a pin in your head any less secure than your NON CHANGING user ID? You've used the argument for removing the PIN as it's less secure but you've failed to mention the user ID that never changes and that is still in use. Sorry but this system is less secure than the current one, I know other users user IDs as its on the business profile page, how is this more secure?
Comment by G. campbell posted on
What happens when there's a fault with the card. Boss wont be very happy if no tests done for 3 days whilst waiting for 2nd class post to come through.
Comment by Matters of Testing posted on
Hi G. Campbell,
You can still use the service if you’ve forgotten, lost or broken your card.
You just sign in to the service using your username and password.
On the ‘Your security card PIN’ page click on ‘Lost, forgotten or damaged security card’.
Answer your 2 security questions to sign in.
You don’t have to pay for a replacement card if yours is lost or stolen.
Regards
Thomas
Comment by Alan posted on
I have been a tester for 4 decades. I have a bank A/C for over 40 yrs with the same Bank. My pin HAS NEVER CHANGED. NEVER been hacked robbed. What is VOSA ..Thinking about .. Yeah Total waste of money and resources. And with charging US. THE TESTER for Assessment. Another money making exercise by the mockery mouse government. Ok I better get OFF My soapbox. We have 6 testers and they all say the same. Thought WE are doing the Government a Service. Hmmm. Comments Please .!@!!
Comment by CASTROLROB posted on
same options for changing card as before then?lost,forgotten,damaged-i.e. all YOUR fault.what about an option for faulty?doesnt work and never has?damaged in post?most of my smart cards died with no damage whatsoever,3 never worked at all but the only option I had for re-order was DAMAGED!
Comment by mark posted on
it wont change because somewhere along the line someone will be making a lot of money its just one big con.leave it as it is, don't you think there has been enough changes.
Comment by Dave Motterham posted on
Im sorry to say but in the last 11 years of testing i have never let anyone know my logins and pins.Mind reading is not true so wheres the problem. The problems do happen when cards are left around. It works as it is so leave it alone but I suppose its happening so why worry !
Comment by Martin posted on
A card that any person can press the button on or a pin number in your head, i have a different opinions on what's more secure!
Comment by Sean posted on
great more changes. As soon as you get used to somethin they change it again.
Comment by Guy posted on
No mention of card reader as old one disposed off just thought,?
Comment by Chris Baker posted on
So are we back to the old situation that while waiting for second class post for a replacement card you are unable to test?
Comment by Matters of Testing posted on
Hi Chris,
You'll still be able use the service if you’ve forgotten, lost or broken your card.
You just sign in to the service using your username and password.
On the ‘Your security card PIN’ page click on ‘Lost, forgotten or damaged security card’.
Answer your 2 security questions to sign in.
You don’t have to pay for a replacement card if yours is lost or stolen.
Regards
Thomas
Comment by tom devaney posted on
The same person that might learn your pin could guess two security questions like whats you dogs name.
This is not progress stopping dodgy mots with sign in from a constantly changing ip address is more important
Comment by Murray posted on
Why change something that is not broken like the old style card bring it back & dump the new form logins.
Comment by mark posted on
i dont know why we have this blog they never listen to our thoughts
Comment by Simon posted on
Yes to pin No to card
Comment by Ken posted on
I totally agree they will not listen to real people in real situations