> Also nothing says you can't use the same PIN for multiple cards; they're essentially the same security domain anyway ("a piece of plastic in your wallet") — most people don't have "more" and "less" trustworthy cards…
Why not have the same password for all your banking accounts then? But everyone says not to reuse passwords.
If someone takes your wallet, it'd be nice if they don't drain all the accounts based on figuring out the pin of one card?
Because in most cases you already use your card interchangeably across a wide variety of (hopefully sealed and certified) terminal devices.
Meanwhile your password is very specific to one website, and never entering it elsewhere is key to phising prevention.
(my "security domain" comment was probably worded a bit poorly with the reference to your wallet, the relevant point is that most people consider card terminals interchangeable.)
Why not have the same password for all your banking accounts then? But everyone says not to reuse passwords.
If someone takes your wallet, it'd be nice if they don't drain all the accounts based on figuring out the pin of one card?