2. ABOUT THE ATM (automated
teller machine)
An ATM is an electronic device which allows a
bank’s customer to make cash withdrawals
and check their account balance at any time
without the need for a human teller.
Many ATMs also allow to deposit cash or
checques, and to transfer money between
their bank accounts.
3. PARTS OF THE ATM SYSTEM:
1. Card Reader
2. Keypad
3. Speaker
4. Display Screen
5. Receipt Printer
6. Cash dispenser
7. Deposit slot
8. Screen buttons
4. HOW ATM WORKS:
The ATM acts as a data terminal. ATM has
to connect to or communicate through a host
computer.
The host computer is analogous to an
Internet Service Provider(ISP).
The host computer is the gateway through
which all the various ATMs become available
5. Contd..
In an ATM system customers authenticate
themselves by using a plastic card with a
magnetic stripe which is known as “ATM CARD”.
The magnetic stripe encodes the customers
account number and a numeric password which is
known as “PIN” (Personal Identification Number).
The ATM prompts the user to insert the card.
When the card is entered the customer’s PIN is
requested.
6. Contd..
The customer inputs his or her PIN.
If the card is a valid card which can be processed by
the machine then it prompts the user to either
transfer, deposit or withdraw cash.
If the number is entered incorrectly several times in
a row most ATMs will retain the card as a security
precaution to prevent an unauthorized user.
ATM needs and stores customer’s data on a smart
card.
7. NETWORKING CONCEPT:
ATMs rely on authorization of a
financial transaction by the card issuer or
other authorizing institution
via the communications network.
Most host computers can support either
leased-line or dial-up machines.
Leased-line machines connect directly to the
host computer through a four-wire, point-to-
point dedicated telephone line.
8. Contd..
Dial-up ATMs connect the host computer
through a normal phone line using a modem.
The host computer may be owned by a bank
or any financial institutions or it may be used
by an independent service provider.
9. Hardware and Software:
An ATM contains secure crypto-
processors, generally within an IBM PC
compatible host computer in a secure
enclosure.
The security of the machine relies mostly on
the integrity of the secure crypto-processor.
A crypto-processor is a type of processor
which processes encrypted data.
10. Contd..
ATM typically connects directly to their ATM
transaction processor via a modem over a
dedicated telephone line.
ATM machines runs with operating systems
such as Windows 2000 and Linux.
ATM transactions are usually encrypted with
DES.
Most ATM are connected to inter-bank
network.
11. GENERAL SECURITY:
Modern ATM’s physical security concentrate on
denying the use of the money inside the machine
to a thief or a fraud using some fraud detection
techniques.
Another trend in ATM security is the fortified
cash dispenser which is replaced with nothing
more than a paper-tape printer.
The customer requests a withdrawal from the
machine which dispenses no money but merely
prints a receipt. The customer then takes the
receipt to the sales clerk and then exchange it
for cash.
12. Contd..
Some ATM system provides the security that if
you withdraw certain amount per day or you
deposit, a prompt on the screen will ask you to
enter your birthday and month to confirm your
identity.
By ensuring that you are the real card holder it
can reduce the risks of the frauds.
An additional security measure limits the total
amount of the ATM withdrawal to some
particular amount.
This aims to reduce the amount of fraud
withdrawal.
13. SECURITY FEATURE:
To provide security, ATM systems follows three
different mechanisms:
Time-out
Invalid card
Stolen card
• Time out: The customer may fail to enter the PIN
within the allowed time limit then the card is
returned.
• Invalid card: The card is not recognized and is
returned.
• Stolen card: The card is recognized as a stolen
card and is retained by the machine.
14. DATABASE SECURITY:
The ATM keeps all the information about the
user and the user’s account inside the
centralized database. Inside the database all
the information are stored in the form of
tables(objects) which are more secure than
the general file systems.
The database also provide locking mechanisms
to maintain safety and security of data.
15. NETWORK SECURITY:
The ATM network system provides the following
features:
Authentication: The user is the one it claims to
be.
Confidentiality: Only authorized users can access
the content of the data.
Integrity: The data is not to be altered by the
third party during the transmission.
16. Contd..
Non-repudiation(refuse to access): A user
cant deny the fact that it has accessed a
service or data.
ADDITIONAL FEATURES:
Verifications of identity: Security system is
able to establish and verify the claimed
identity of any actor in an ATM network.
Protection of confidentiality: Stored and
communicated data are confidential.
17. Contd..
Strong accountability: The entity can’t deny
the responsibility of its performed action as
well as their effects.
Alarm reporting: The security system is able
to generate alarm notification about certain
selected security related events.
Audit: When violations of security happens
the system is able to analyze the data
relevant to security.
19. PRECAUTIONS TO TAKE:
Treat your ATM card like cash. Always keep
your card in a safe place.
Keep your secret code as a secret. Don’t use
date of birth, address, phone number as your
PIN.
Take your receipt on every ATM transactions.
Don’t leave it or near the ATM counter.
Report a lost or stolen card at once.
ATM user should seek out a machine that is
located in a well-lighted area.
