Security of Automated Teller Machines

From Wikipedia, the free encyclopedia

Automated Teller Machines (ATMs) were first introduced in 1939. Nowadays, about 3 million units are installed worldwide.[1]

As the number of ATM units increases, the machines are prone to hacker attacks, fraud, robberies and security breaches. In the past, the main purpose of ATMs was to deliver cash in the form of bank notes and to debit a corresponding bank account. However, ATMs are becoming more complicated and serve numerous functions, thus becoming a high-priority target for robbers and hackers.


Modern ATMs are implemented with high-security protection measures. They work under complex systems and networks to perform transactions. The data processed by ATMs are usually encrypted, but hackers can employ discreet hacking devices to hack accounts and withdraw the account's balance. Alternatively, unskilled robbers threaten bank patrons with a weapon to loot their withdrawn money or account.

Methods of looting ATMs

Main Article: ATM Fraud

ATM vandals can either physically tamper with the ATM to obtain cash, or employ credit card skimming methods to gain control of the user's credit card account. Credit card fraud can be done by fitting discreet skimming devices over the keypad or credit card reader. An alternative approach is to capture the PIN directly with devices such as cameras concealed near the keypad.

Security measures of ATMs

PIN Validation schemes for local Transactions

  • On-Line PIN Validation

On-line PIN validation occurs if the terminal in question is connected to the central database. The PIN supplied by the customer is always compared with the recorded reference PIN held by the financial institution. However, one disadvantage is that any malfunction of the network renders the ATM unusable until it is fixed.

  • Off-Line PIN Validation

In off-line PIN validation, the ATM is not connected to the central database. A condition for off-line PIN validation is that the ATM should be able to compare the customer's entered PIN against the reference PIN. The terminal must be able to perform cryptographic operations and it must have the required encryption keys at its disposal. The offline validation scheme is extremely slow and inefficient. Offline PIN validation is now obsolete, as the ATMs are connected to the central server under protected wireless networks.

  • PIN Validation for Interchange Transactions

There are three PIN procedures for the operation of a high-security interchange transaction. First, the supplied PIN is encrypted at the entry terminal using a secret cryptographic key. Together with the other transaction elements, the encrypted PIN is transmitted to the acquirer's system. Then, the encrypted PIN is routed from the acquirer's system to a Hardware Security Module, within which the PIN is decrypted. The decrypted PIN is immediately re-encrypted with a cryptographic key used for interchange and is routed to the issuer's system over normal communications channels. Lastly, the routed PIN is decrypted in the issuer's security module and then validated on the basis of the techniques for on-line local PIN validation.

  • Shared ATMs [2]

Shared ATMs use different transaction methods for PIN encipherment and message authentication; one of them is so-called "zone encryption". In this method, a trusted authority is appointed to operate on behalf of a group of banks so that they can interchange messages for ATM payment approvals.

  • Hardware Security Module

For successful communication between banks and ATMs, a cryptographic module, usually called a security module, is a critical component in maintaining proper connections between banks and the machines. The security module is designed to be tamper resistant.[3] It performs many functions, among them PIN verification, PIN translation in interchange, key management and message authentication. The use of PINs in interchange raises security concerns, as the PIN can be translated by the security module to the format used for interchange. Moreover, the security module generates, protects and maintains all keys associated with the user's network.
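The three interchange steps and the security module's PIN translation role, as an added example that is not part of the original article. The 8-byte Feistel cipher is a stand-in built from HMAC-SHA256 so the sketch runs with the standard library only; the PIN layout, key names and class are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:4]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def toy_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in 8-byte Feistel cipher (an assumption, not a real module's cipher)."""
    left, right = block[:4], block[4:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(key, rnd, right))
    return left + right

def toy_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:4], block[4:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _f(key, rnd, left)), left
    return left + right

def encode_pin(pin: str) -> bytes:
    """Constructed 8-byte layout: length byte, ASCII digits, 0xFF fill."""
    if not (pin.isascii() and pin.isdigit() and 4 <= len(pin) <= 7):
        raise ValueError("PIN must be 4 to 7 digits")
    return (bytes([len(pin)]) + pin.encode()).ljust(8, b"\xff")

class SecurityModule:
    """Hypothetical module: keys stay here, the clear PIN never leaves a method."""
    def __init__(self, **keys: bytes):
        self._keys = keys
    def translate(self, blob: bytes, key_in: str, key_out: str) -> bytes:
        clear = toy_decrypt(self._keys[key_in], blob)
        return toy_encrypt(self._keys[key_out], clear)
    def verify(self, blob: bytes, key_in: str, reference_pin: str) -> bool:
        clear = toy_decrypt(self._keys[key_in], blob)
        return hmac.compare_digest(clear, encode_pin(reference_pin))

def run_interchange(entered_pin: str, reference_pin: str):
    terminal_key = secrets.token_bytes(16)      # shared by ATM and acquirer's module
    interchange_key = secrets.token_bytes(16)   # shared by acquirer and issuer modules
    acquirer = SecurityModule(terminal=terminal_key, interchange=interchange_key)
    issuer = SecurityModule(interchange=interchange_key)
    at_terminal = toy_encrypt(terminal_key, encode_pin(entered_pin))         # step 1
    in_transit = acquirer.translate(at_terminal, "terminal", "interchange")  # step 2
    # Step 3: the issuer's module decrypts and compares with the reference PIN.
    return at_terminal, in_transit, issuer.verify(in_transit, "interchange", reference_pin)
```

The acquirer's and issuer's host systems only ever handle `at_terminal` and `in_transit`; the issuer's module holds no terminal key, so it cannot read traffic from the acquirer's zone.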

  • Authentication and Data Integrity

The personal verification process begins with the user's supply of personal verification information. This information includes a PIN and the customer's information recorded on the bank account. Where a cryptographic key is stored on the bank card, it is called a Personal Key (PK). Personal identification can be carried out with an Authentication Parameter (AP), which can operate in two ways: the AP can be time invariant, or it can be time variant. An AP can also be based on both time-variant information and the transaction request message. In that case the AP can be used as a message authentication code (MAC): message authentication is used to detect stale or bogus messages that might be routed into the communication path, and to detect fraudulently modified messages that traverse non-secure communication systems. In such cases, the AP serves two purposes.
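An AP computed over both time-variant information and the transaction request message, checked at the host so that stale, bogus and modified messages are told apart. This is an added example, not code from the original article; the shared key, the counter as the time-variant element, the field names and the `IssuerHost` class are assumptions.

```python
import hashlib
import hmac
import json

def make_ap(key: bytes, request: dict, counter: int) -> str:
    """AP = MAC over the transaction request plus a time-variant counter."""
    body = json.dumps(request, sort_keys=True).encode()
    return hmac.new(key, counter.to_bytes(8, "big") + body, hashlib.sha256).hexdigest()

class IssuerHost:
    """Hypothetical verifier that remembers the highest counter it accepted."""
    def __init__(self, key: bytes):
        self._key = key
        self._last_counter = 0

    def check(self, request: dict, counter: int, ap: str) -> str:
        expected = make_ap(self._key, request, counter)
        if not hmac.compare_digest(expected, ap):
            return "rejected: bogus or modified"
        if counter <= self._last_counter:
            return "rejected: stale"
        self._last_counter = counter
        return "accepted"

def demo() -> list:
    key = b"constructed-demo-key"            # constructed sample value
    host = IssuerHost(key)
    req = {"account": "ACCT-0001", "amount": 200, "op": "withdraw"}  # constructed
    ap = make_ap(key, req, 1)
    tampered = dict(req, amount=2000)
    return [
        host.check(req, 1, ap),              # fresh and authentic
        host.check(req, 1, ap),              # same message presented again
        host.check(tampered, 2, ap),         # amount altered in transit
        host.check(req, 2, "00" * 32),       # AP made without the key
    ]
```

A time-invariant AP would pass the second check as well, which is why the time-variant element is what lets the host recognise a stale message.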

Security [4]

Security breaches in electronic funds transfer systems are not limited to any one of their components. Electronic funds transfer systems have three components: communication links, computers, and terminals (ATMs). First, communication links are prone to attacks. Data can be exposed by passive means or by direct means, where a device is inserted to retrieve the data. The second component is computer security. Different techniques can be used to gain access to a computer, such as accessing it via a remote terminal or other peripheral devices such as the card reader. Once a hacker has gained unauthorized access to the system, programs or data can be manipulated and altered. Terminal security is a significant component in cases where cipher keys reside in terminals. In the absence of physical security, an abuser may probe for a key that substitutes its value.

References

  1. 3 Million ATMs Worldwide By 2015, 8 September 2015; Number of ATMs worldwide expected to hit 1.5 million in December 2005 (article).
  2. D. W. Davies & W. L. Price (1984). Security for computer networks: an introduction to data security in teleprocessing and electronic funds transfer. ISBN 0-471-90063-X.
  3. Hole, Kjell J. (2007). Automatic Teller Machines (PDF). NoWires Research Group, Department of Informatics, University of Bergen.
  4. Ross Anderson (1992). Perspectives - Automatic Teller Machines. Cambridge University.
