A serious weakness has been discovered in the methods banks use to protect the personal identification numbers that let consumers get money from automatic teller machines.
BBC News reports that researchers from the University of Cambridge have found that the computer systems that check whether these numbers are valid are easy to defeat.
The researchers warn these weaknesses could be exploited to raid customer accounts.
They have called on banks to revise their security arrangements and use more open procedures to protect customers’ cash.
The problem lies with cryptoprocessors used to scramble information keyed into an ATM so it cannot be intercepted.
The cryptoprocessors also scramble the program that a bank’s computers run when checking whether the PIN you submitted is valid.
According to the BBC report, security researchers Michael Bond and Richard Clayton have found serious weaknesses in the software cryptoprocessors use to handle the encryption keys as they talk to different programs.
“Cryptoprocessors are the mainstay of the banking world,” said Bond. “A lot of cryptoprocessors are built around the same design and they will have the same kind of faults.”
To remedy the situation, the researchers said, banks needed to patch the software systems that handle the encryption keys and be more open about their security procedures.