ABOUT THE ATM (automatedteller machine) An ATM is an electronic device which allows abank’s customer to make cash withdrawalsand check their account balance at any timewithout the need for a human teller. Many ATMs also allow to deposit cash orchecques, and to transfer money betweentheir bank accounts.
PARTS OF THE ATM SYSTEM:1. Card Reader2. Keypad3. Speaker4. Display Screen5. Receipt Printer6. Cash dispenser7. Deposit slot8. Screen buttons
HOW ATM WORKS: The ATM acts as a data terminal. ATM hasto connect to or communicate through a hostcomputer. The host computer is analogous to anInternet Service Provider(ISP). The host computer is the gateway throughwhich all the various ATMs become available
Contd.. In an ATM system customers authenticatethemselves by using a plastic card with amagnetic stripe which is known as “ATM CARD”. The magnetic stripe encodes the customersaccount number and a numeric password which isknown as “PIN” (Personal Identification Number). The ATM prompts the user to insert the card. When the card is entered the customer’s PIN isrequested.
Contd.. The customer inputs his or her PIN. If the card is a valid card which can be processed bythe machine then it prompts the user to eithertransfer, deposit or withdraw cash. If the number is entered incorrectly several times ina row most ATMs will retain the card as a securityprecaution to prevent an unauthorized user. ATM needs and stores customer’s data on a smartcard.
NETWORKING CONCEPT: ATMs rely on authorization of afinancial transaction by the card issuer orother authorizing institutionvia the communications network. Most host computers can support eitherleased-line or dial-up machines. Leased-line machines connect directly to thehost computer through a four-wire, point-to-point dedicated telephone line.
Contd.. Dial-up ATMs connect the host computerthrough a normal phone line using a modem. The host computer may be owned by a bankor any financial institutions or it may be usedby an independent service provider.
Hardware and Software: An ATM contains secure crypto-processors, generally within an IBM PCcompatible host computer in a secureenclosure. The security of the machine relies mostly onthe integrity of the secure crypto-processor. A crypto-processor is a type of processorwhich processes encrypted data.
Contd.. ATM typically connects directly to their ATMtransaction processor via a modem over adedicated telephone line. ATM machines runs with operating systemssuch as Windows 2000 and Linux. ATM transactions are usually encrypted withDES. Most ATM are connected to inter-banknetwork.
GENERAL SECURITY: Modern ATM’s physical security concentrate ondenying the use of the money inside the machineto a thief or a fraud using some fraud detectiontechniques. Another trend in ATM security is the fortifiedcash dispenser which is replaced with nothingmore than a paper-tape printer. The customer requests a withdrawal from themachine which dispenses no money but merelyprints a receipt. The customer then takes thereceipt to the sales clerk and then exchange itfor cash.
Contd.. Some ATM system provides the security that ifyou withdraw certain amount per day or youdeposit, a prompt on the screen will ask you toenter your birthday and month to confirm youridentity. By ensuring that you are the real card holder itcan reduce the risks of the frauds. An additional security measure limits the totalamount of the ATM withdrawal to someparticular amount. This aims to reduce the amount of fraudwithdrawal.
SECURITY FEATURE:To provide security, ATM systems follows threedifferent mechanisms:Time-outInvalid cardStolen card• Time out: The customer may fail to enter the PINwithin the allowed time limit then the card isreturned.• Invalid card: The card is not recognized and isreturned.• Stolen card: The card is recognized as a stolencard and is retained by the machine.
DATABASE SECURITY: The ATM keeps all the information about theuser and the user’s account inside thecentralized database. Inside the database allthe information are stored in the form oftables(objects) which are more secure thanthe general file systems. The database also provide locking mechanismsto maintain safety and security of data.
NETWORK SECURITY:The ATM network system provides the followingfeatures: Authentication: The user is the one it claims tobe. Confidentiality: Only authorized users can accessthe content of the data. Integrity: The data is not to be altered by thethird party during the transmission.
Contd.. Non-repudiation(refuse to access): A usercant deny the fact that it has accessed aservice or data.ADDITIONAL FEATURES: Verifications of identity: Security system isable to establish and verify the claimedidentity of any actor in an ATM network. Protection of confidentiality: Stored andcommunicated data are confidential.
Contd.. Strong accountability: The entity can’t denythe responsibility of its performed action aswell as their effects. Alarm reporting: The security system is ableto generate alarm notification about certainselected security related events. Audit: When violations of security happensthe system is able to analyze the datarelevant to security.
Contd.. Security recovery:The security system is able to recover fromsuccessful or attempted failures of security.
PRECAUTIONS TO TAKE: Treat your ATM card like cash. Always keepyour card in a safe place. Keep your secret code as a secret. Don’t usedate of birth, address, phone number as yourPIN. Take your receipt on every ATM transactions.Don’t leave it or near the ATM counter. Report a lost or stolen card at once. ATM user should seek out a machine that islocated in a well-lighted area.