User talk:Vatlieb


 * Automated Teller Machine Communication Security

Introduction
Automated Teller Machine are one of the most important discoveries in the twentieth century. The first model was presented in 1939. Nowadays, roughly about 1,5 million are installed all over the world. In the consideration of ATM, there are different aspects that should be taken into consideration. First, one has to have an idea about the communication within ATMs. In addition to that, the issue of security is of paramount importance due to the fact that all over the world, there is an increasing use of ATMs and so the risks of hacking turn to be a reality more than ever before.In the past, the function of Automated teller Machines was in strong opposition to their function today. Their function was one dimensional. That is, they were designed mainly to deliver cash in the form of bank notes and to debit a corresponding bank account. In the form of a plethora of cards, tokens were used in order to identify a user. As for the withdrawal of money, different methods were used. For instance, punched cards that had only a long life were used. By the use of such cards, only one payment was authorized. Thereby, a user had to get a supply of cards from his/her bank in the sense that the punched cards were not returned to the users. Another example was the use of a magnetic card which had a limited life. The use of such cards allowed; for instance, twenty withdrawals of money. It should be noted that right from the beginning, personal identification number PIN has been of a very great importance in the overall operation . The use of it has been done with the aim to decrease the risks that might result from the loss of cards and the misuses that might be connected to that. In fact, in the past as well as in the present, there have been different aspects in the consideration of the designing and the communicative basics of Automated Teller Machines. One aspect of it has been how communication between its participants could be possible. The second of it has been to take into consideration the purposes which could be a part and a parcel of any communicative act. In this context, it should be noted that there are different participants involved in ATMs communication. To cite but a few of them, in an ATM communication, there are remote partners and interfaces to the outside world and these interfaces are in their turn subject to more than one classification. The first interface represents the relationship between the End-user and Automated Teller Machine. The second interface occurs between the ATM and the central bank computer.

== Protection of Communication ==

PIN validation, Management and Algorithmic Checking
The method of checking relies on an algorithm which is typically a cipher with a secret key.

On-Line PIN Validation
The validation of on-line PIN occurs if the terminal in question is connected to the central data base. The customer's entered PIN is always compared against as in the financial institutions recorded PIN of reference.

Off-Line PIN Validation
In off-line PIN validation, the ATM is not connected to the central data base. A condition for off-line PIN validation is that the ATM should be able to compare the customer's entered PIN against the PIN of reference. the terminal must be able to perform cryptographic operations and it must have at its disposal the required encryption keys

PIN Validation for Interchange Transactions
There are three PIN procedures for the operation of a high secure interchange transaction. PIN is encrypted at the entry terminal, a secret cryptographic key is used. In addition to other transaction elements, the encrypted PIN is transmitted to the acquirer's system. Second the encrypted PIN is routed from the acquirer's system to a Hardware Security Module. Within it, with the use of the cryptographic key of the terminal, the PIN will be decrypted. With a cryptographic key used for interchange, the decrypted key will be immediately reencrypted and will be routed to the issuer's system over normal communications channels. Third, the routed PIN will be decrypted in the issuer's security module and then validated on the basis of the techniques for on-line local PIN validation.

=
Shared ATMs ===== There are different methods used in shared ATMs with regards to the encipherment of PIN and message authentication among them is the so called "ZONE ENCRYPTION". In this method, a trustful authority is appointed to operate on behalf of a group of banks so as they could interchange messages for ATM payment approvals.

Hardware Security Module
For a successful communication between a bank and ATMs, the incorporation of a cryptographic module named security module is of a very great importance. The security module is designed to be tamper resistant. The security module performs a plethora of functions among them PIN verification, PIN translation in interchange, Key management and message authentication. As far as the use of PIN in interchanges is concerned, the PIN can be translated by the security module from the cryptographic key and format used by ATM to the format used for interchange. Moreover, the generation, the control, the maintenance and the protection of all keys associated with the user's network are within the capacities of the security module.

Authentication und Data Integrity
In the consideration of the personal verification process, it should be noted That it begins with the user's supply of personal verification information. It is "the users remembered information". These information include among others a PIN and the provided customer's information which is recorded on the bank card. In cases where there is a storage of a cryptographic key on the bank card, it is called Personal key (KP). the performance of personal identification can be done by the Authentication Parameter (AP). There are two possible ways of its operation. On the one, an AP can be time invariant. In such a case, an AP of reference can be stored in a verification table at the issuer and it can be precomputed. On the other, an AP can be time variant. In such a case, we have the dynamic computation of an AP of reference. Another point worth mentioning is the case where we have an IP which is based on both time variant information and on the transaction request message. In such a case where an AP can be used as a message authentication code (MAC), the use of message authentication is made recourse to find out stale or bogus messages which might be routed both into the communication path and the detection of modified messages which are fraudulent and which can traverse non-secure communication systems. In such cases, AP turns out to perform a double purpose. That is, it must be made recourse to for personal verification and message authentication. In cases where a duplicate of AP is recorded in a verification table at the authenticating code or where the authenticator is able to compute an AP of reference, the personal authentication code is used. In cases where it is not possible to assure the integrity of the verification table or the secrecy and the integrity of the recorded information to compute the AP of reference, then the personal identification can dwell on ID, AP and a personal authentication code (PAC).

Security
A first approximation of security exposures in Electronic funds transfer systems can be done without delimiting their components. Electronic funds transfer systems have three components; namely communication links, computers, and terminals(ATMs). To begin with, communication links are subject to attacks. There are two techniques made recourse to as far as the inception of messages is concerned. On the one, they are subject to attack by the use of passive techniques such as listening. On the other, they might be subject to attack by active techniques such as data alteration and substitution. Moreover, both techniques can be used in combination. The second component is computer security. There are different techniques that can be used in order to have access to a computer such as the access to it via a remote terminal or other peripheral devices as the card reader. As a result of such attacks, abusers could copy, replace or even destroy programs or data saved in or being processed in a computer system. As for terminal security, it is of a great importance in cases where cipher keys reside in terminals. In the absence of physical security, an abuser may be probe for a key or substitute its value. In order to avoid such abuses, the preserving of both the integrity of non-secret parameters and the confidentiality of secret parameters should be incorporated. Moreover, the use of public key cryptosystem (PKC) where public keys in the Electronic funds transfer are made recourse to prove to be insecure in the absence of physical security at the entry points. Moreover, as a public key allows the terminal the authentication of the response messages received from the issuer, for the generation of the MACs on transaction request messages sent to the issuer, a secret key is still needed. In the conduction of transactions at the Electronic funds transfer terminal, the only required thing is personal verification. That is, the authentication of a message between the EFT terminal and the issuer is theoretically not required. In such a case, the installation of a public key in the Electronic funds transfer terminal would be adequate as far as the permission of personal verification is concerned

Conclusion
The application of cryptography to electronic funds transfer systems has shown that attacks may occur in different systems that are part of them. In other words, the protection of Electronic funds transfer terminals from the attacks of outsiders who do not have an authorization is realized. Their protection from insiders who possess an authorization is an impossible task. In order to go beyond these problems, the implementation of physical security, procedural protection and cryptography in combination should be made recourse to.

Image copyright problem with Image:Shared ATMs.jpg
Thank you for uploading Image:Shared ATMs.jpg. However, it currently is missing information on its copyright status. Wikipedia takes copyright very seriously. It may be deleted soon, unless we can determine the license and the source of the image. If you know this information, then you can add a copyright tag to the image description page.

If you have any questions, please feel free to ask them at the media copyright questions page. Thanks again for your cooperation. NOTE: once you correct this, please remove the tag from the image's page. STBotI (talk) 22:28, 16 March 2008 (UTC)

Image
Hey there,

You replaced the image Hsm.jpg‎ with anouther image, please re-upload your image under anouther name. Thank You! 24.106.210.194 (talk) 00:09, 18 March 2008 (UTC)