Jump to content

Security of automated teller machines

From Wikipedia, the free encyclopedia

Automated Teller Machine In Dezfull, Southwest Iran

Automated teller machines (ATMs) are targets for fraud, robberies and other security breaches. In the past, the main purpose of ATMs was to deliver cash in the form of banknotes, and to debit a corresponding bank account. However, ATMs are becoming more complicated and they now serve numerous functions, thus becoming a high priority target for robbers and hackers.

Introduction

[edit]

Modern ATMs are implemented with high-security protection measures. They work under complex systems and networks to perform transactions. The data processed by ATMs are usually encrypted, but hackers can employ discreet hacking devices to hack accounts and withdraw the account's balance. As an alternative, unskilled robbers threaten bank patrons with a weapon to loot their withdrawn money or account.

Methods of looting ATMs

[edit]

ATM vandals can either physically tamper with the ATM to obtain cash, or employ credit card skimming methods to acquire control of the user's credit card account. Credit card fraud can be done by inserting discreet skimming devices over the keypad or credit card reader. The alternative way to credit card fraud is to identify the PIN directly with devices such as cameras concealed near the keypad.

Security measures of ATMs

[edit]

PIN validation schemes for local transactions

[edit]

On-Line PIN validation

[edit]

The validation of on-line PIN occurs if the terminal in question is connected to the central database. The PIN supplied by the customer is always compared with the recorded reference PIN in the financial institutions. However, one disadvantage is that any malfunction of the network renders the ATM unusable until it is fixed.

Off-Line PIN validation

[edit]

In off-line PIN validation, the ATM is not connected to the central database. A condition for off-line PIN validation is that the ATM should be able to compare the customer's entered PIN against the PIN of reference. the terminal must be able to perform cryptographic operations and it must have the required encryption keys at its disposal.

The offline validation scheme is extremely slow and inefficient. Offline PIN validation is now obsolete, as the ATMs are connected to the central server over protected networks.

PIN validation for interchange transactions

[edit]

There are three PIN procedures for the operation of a high-security interchange transaction. The supplied PIN is encrypted at the entry terminal, during this step, a secret cryptographic key is used. In addition to other transaction elements, the encrypted PIN is transmitted to the acquirer's system. Then, the encrypted PIN is routed from the acquirer's system to a hardware security module. Within it, the PIN is decrypted. With a cryptographic key used for interchange, the decrypted key is immediately re-encrypted and is routed to the issuer's system over normal communications channels. Lastly, the routed PIN is decrypted in the issuer's security module and then validated on the basis of the techniques for on-line local PIN validation.

Shared ATMs

[edit]

There are different transaction methods used in shared ATMs with regards to the encipherment of PIN, and message authentication among them is so-called "zone encryption". In this method, a trusted authority is appointed to operate on behalf of a group of banks so they could interchange messages for ATM payment approvals.[1]

Hardware security module

[edit]

For successful communication between banks and ATMs, the incorporation of a cryptographic module, usually called a security module is a critical component in maintaining proper connections between banks and the machines. The security module is designed to be tamper resistant.[2] The security module performs a plethora of functions, and among them is PIN verification, PIN translation in interchange, key management and message authentication. The use of PIN in interchanges is causing concerns in security as the PIN can be translated by the security module to the format used for interchange. Moreover, the security module is to generate, protect and maintaining all keys associated with the user's network.[3]

Authentication and data integrity

[edit]

The personal verification process begins with the user's supply of personal verification information. This information includes a PIN and the provided customer's information which is recorded on the bank account. In cases where there is a storage of a cryptographic key on the bank card, it is called a personal key (PK). Personal identification processes can be done by the authentication parameter (AP). It is capable of operating in two ways. The first option is where an AP can be time-invariant. The second option is where an AP can be time-variant. There is the case where there is an IP which is based on both time-variant information and on the transaction request message. In such a case where an AP can be used as a message authentication code (MAC), the use of message authentication is made recourse to find out stale or bogus messages which might be routed both into the communication path and the detection of modified messages which are fraudulent and which can traverse non-secure communication systems. In such cases, the AP serves two purposes.

Security

[edit]

Security breaches in electronic funds transfer systems can be done without delimiting their components. Electronic funds transfer systems have three components; which are communication links, computers, and terminals (ATMs). First, communication links are prone to attacks. Data can be exposed by passive means or direct means where a device is inserted to retrieve the data. The second component is computer security. There are different techniques that can be used to acquire access to a computer such as accessing it via a remote terminal or other peripheral devices such as the card reader. The hacker had gained unauthorized access to the system, so programs or data can be manipulated and altered by the hacker. Terminal security is a significant component in cases where cipher keys reside in terminals. In the absence of physical security, an abuser may probe for a key that substitutes its value.[4]

See also

[edit]

References

[edit]
  1. ^ D.W. Davies & W. L. Price (1984). Security for computer networks : an introduction to data security in teleprocessing and electronic funds transfer. ISBN 0-471-90063-X.
  2. ^ Hole, Kjell J. (2007). Automatic Teller Machines (PDF). NoWires Research Group, Department of Informatics, University of Bergen. Archived from the original (PDF) on 2008-11-19. Retrieved 2009-03-16.
  3. ^ "What Triggers an ATM Alarm?". ATMAlarms.com. ATM Alarms.
  4. ^ Ross Anderson (1992). Perspectives - Automatic Teller Machines. Cambridge University. Archived from the original on 2008-03-27. Retrieved 2008-03-16.{{cite book}}: CS1 maint: location missing publisher (link)
[edit]