In the state machine diagram, I don't understand why the condition is ErrCounter >= limit. I think it is good to write ErrCounter == limit.
ErrCounter >= limit is stronger than ErrCounter == limit. You have a gain with no risk.
This is to be on the safe side. The problem is there might also be something else that increments the ErrCounter while in one of the states (or even in a transition), or the ErrCounter can already be equal to limit when starting the process (BTW this should lead to rejection anyway, but never mind).
Let's make it a real-life example. Imagine those two scenarios (let's say limit = 3):
1. The card holder has already tried thrice at some other point (e.g. in a shop), failing to use the correct PIN. Now ErrCounter = 3. The card holder decides to give it another try in the ATM. The ATM reads the ErrCounter (as part of Authentication) and, as the CheckPin failed (automatically, due to too many earlier tries), now the ErrCounter is incremented again (so ErrCounter = 4). With the weak case you can try again and again in an infinite loop.
2. The card is duplicated (you know, now it can be handled through any NFC phone, for example). Imagine two people want to withdraw a large amount, so they work simultaneously on two ATMs. The bad luck is that they find themselves in the situation where both of them mistype the PIN twice. Let's say the ATM reads the current ErrCounter as part of Authentication. So we have (in brackets the resultant ErrCounter):
(ErrCounter = 1)
(ErrCounter = 2)
(ErrCounter = 3). Partner 1's try (with phone) is now rejected (ErrCounter = 4). If there wasn't >= it would again put an infinite loop of tries. With the stronger inequality this try is also rejected.
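The two scenarios above, played through a small model of the PIN-check state machine with both guards (an added example, not code from the question, the answer, or any real card or terminal; the limit of 3, the guard names and the attempt sequences are constructed to match the answer):

```python
# Constructed model of the PIN-check state machine discussed above. It shows
# why the guard must be ErrCounter >= limit rather than ErrCounter == limit.
# Not code from any real card or terminal; limit = 3 follows the answer.

LIMIT = 3  # constructed: the failed-PIN limit used in the answer


def weak_guard(err_counter: int) -> bool:
    """Blocks only when the counter is exactly at the limit (ErrCounter == limit)."""
    return err_counter == LIMIT


def strong_guard(err_counter: int) -> bool:
    """Blocks once the counter has reached or passed the limit (ErrCounter >= limit)."""
    return err_counter >= LIMIT


def attempt(err_counter: int, pin_ok: bool, guard) -> tuple[int, bool]:
    """One PIN try. Returns (new ErrCounter, accepted).

    Mirrors the answer's sequence: Authentication reads ErrCounter; if the
    guard fires, CheckPin fails automatically but the failure is still counted,
    so ErrCounter can move past the limit. Otherwise the real PIN check runs.
    """
    if guard(err_counter):
        return err_counter + 1, False
    if pin_ok:
        return 0, True  # a correct PIN resets the counter
    return err_counter + 1, False


def run_attempts(start: int, pin_results: list[bool], guard) -> tuple[list[bool], int]:
    """Feed a sequence of PIN tries through the machine; return (accepted flags, final ErrCounter)."""
    counter, accepted = start, []
    for pin_ok in pin_results:
        counter, ok = attempt(counter, pin_ok, guard)
        accepted.append(ok)
    return accepted, counter


if __name__ == "__main__":
    # Scenario 1: card already at ErrCounter = 3, one more failed try, then a correct PIN.
    for name, guard in (("==", weak_guard), (">=", strong_guard)):
        print("scenario 1", name, run_attempts(3, [False, True], guard))
    # Scenario 2: two clones fail twice each (4 failures in total), then a correct PIN.
    for name, guard in (("==", weak_guard), (">=", strong_guard)):
        print("scenario 2", name, run_attempts(0, [False] * 4 + [True], guard))
```

With `==` the counter overshoots to 4 and the correct PIN is accepted afterwards; with `>=` every later try stays rejected.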