You are on page 1of 13

ATM Security

Nikola Matovic 670/06

ATM
An Automated Teller Machine (ATM) is a computerized

telecommunications device that provides the customers of a financial institution with access to financial transactions in a public space without the need for a human clerk or bank teller. teller - noun [C] - a person in a bank who receives and pays out money to customers

first electronic ATM was installed first in Enfield Town in North

London, United Kingdom on 27 June 1967 by Barclays Bank (invented by John Shepherd-Barron and others)

In 2006 over 1.500.000 ATMs worldwide

Allow you to withdraw cash from your bank account , to check your

account balance , to purchase cell phone credit or even to pay your bills
They are positioned near or inside banks, shopping centers, airports,

grocery stores, gas stations, restaurants, or any place large numbers of people may gather

ATM block diagram


CPU (to control the user interface and transaction devices) Magnetic card reader (to identify the customer) PIN Pad (similar in layout to a Calculator keypad)

Secure cryptoprocessor, generally within a secure enclosure Display (used by the customer for performing the transaction) Function key buttons (usually close to the display) or a Touchscreen Record Printer (to provide the customer with a record of their transaction) Vault (to store the parts of the machinery requiring restricted access) Housing (for aesthetics )

MAGNETIC CARD
Financial cards (credit/debit cards) , ID cards , subway tickets , drivers

licenses

Invented by IBM

Master Card 16 digit (4-9-1) , expiration date , Card Verification Code , magnetic

stripe , signature box

PIN Personal Identification Number - is a secret numeric password

that is used to identify whether you are authorized user or not. (4 digits number )

THE PROBLEM
Today one of the most widespread forms of crime is related to financials cards and ATM-s.
There are many groups and individuals who try to steal money from ATMs and peoples bank accounts in numerous ways every day.

Here are some of the most often forms of attack and some of the solutions and contra measures.

ATM Security

In Japan ATM-s containing palm and fingerprint scanners are used for many years now. ( Fujitsu Ltd. , Hitachi Ltd.)

ATM Security
Physical attacks :
Ram raiding Use of explosives Forms of protection : Concrete or steel pillars , electronic and mechanical

locks, sensors (vibration , temperature), Cash dyeing

ATM Security
Lebanese loop small , slim device that is hard to observe. It is inserted in the card reader mechanism by a criminal with intention to trap your card inside the ATM.

Forms of protection: Sensors that check if the card is in proper position , sensors that detect foreign objects inside ATM

ATM Security
SKIMMING - method that is most often used to acquire someone's credit card

data

Skimmer device that is used to read and store data from the credit card applying , false notifications

Forms of protection:

education speed control mechanisms Use of smart cards

ATM Security
PIN attacks :
shoulder surfing mini cams , directly

Private zones , mirrors , ergonomics education, **** symbols Use of EPPs (Ecrypting PIN Pads)

false PIN pad

PIN interception

LAST MINUTE ADVICES


Do not keep your PIN written on a piece of paper

along with your card. Do not use ATM if you spot any irregularities or abnormalities . Do not be embarrassed to cover PIN pad with your hand or your body . DO think that it can happen to you !