3. Jens Martensson 3
History Of ATM
• Let us first get to know a brief history of this fantastic machine:
• 1967: The ATM made its debut at Barclays' Enfield Town branch in north London. Its invention is credited to British inventor John Shepherd Barron.
• 1970: The patent was granted for British engineer James Goodfellow's concept of a PIN that could be stored on bank cards.
• 1971: By the end of 1971, around 1000+ ATM machines were installed around the world.
• 1977: NCR launched its first ATM, the NCR model 770, and the use of ATMs rose by 20%.
• 1980: NCR model 5070 was released, marking the new age for ATMs, which would lead to 4 million ATMs in 2021.
4. How ATM Works
Before diving into how an ATM works, we first need to know the various parts that constitute it.
Parts of an ATM:
1. Input Devices
• Card Reader
• Keypad
2. Output Devices
• Speaker
• Display Screen
• Receipt Printer
• Cash Dispenser
3. Communication Modem
5. Card Reader
Function:
The card reader captures the account information stored on the magnetic stripe on the back of an ATM/debit or credit card. The host processor uses this information to route the transaction to the cardholder's bank.
Working Principle:
Card readers are divided into two types:
Magnetic Stripe Reader
• Reads the information encoded in the magnetic stripe located on the back of a plastic badge.
• Magnetic stripe readers can be read by a computer program through a serial port, USB connection, or keyboard wedge, and are generally categorized by the way they read a badge.
• The magnetic stripe reader reads the information by detecting the changes in the magnetic field caused by the flux reversals on the badge's magnetic stripe.
Chip Card Reader (EMV)
• Each EMV card has an embedded computer chip that stores the cardholder's bank details.
• When a chip card is dipped into a chip card reader, the chip and reader communicate with each other in an encrypted language.
• A new code is created for each transaction and the data is encrypted the moment the card is dipped. The encrypted data is then sent to the acquirer.
7.
Keypad - The keypad lets the cardholder tell the bank what kind of transaction is required (cash withdrawal, balance inquiry, etc.) and for what amount. Also, the bank requires the cardholder's personal identification number (PIN) for verification. Federal law requires that the PIN block be sent to the host processor in encrypted form.
Speaker - The speaker provides the cardholder with auditory feedback when a key is pressed.
Display screen - The display screen prompts the cardholder through each step of the transaction process. Leased-line machines commonly use a monochrome or color CRT (cathode ray tube) display. Dial-up machines commonly use a monochrome or color LCD.
Receipt printer - The receipt printer provides the cardholder with a paper receipt of the transaction.
Cash Dispenser - The heart of an ATM is the safe and cash-dispensing mechanism. The entire bottom portion of most small ATMs is a safe that contains the cash.
8. WORKING MODES OF AN ATM
A leased-line ATM has a 4-wire, point-to-point dedicated telephone line that connects it with the host processor. These machines are preferred in places where the user volume is high. They are considered high-end, and their operating costs are very high.
A dial-up ATM has only a normal phone line with a modem and a toll-free number. As these are normal connections, their initial installation cost is very low, and their operating costs are only a fraction of those of a leased-line ATM.
10. ATM Communication encryption
Need for Encryption:
One common ATM security vulnerability involves so-called phantom withdrawals, in which cash is taken from a cardholder's account, but neither the customer nor the bank admits liability. Phantom withdrawals are sometimes the result of fraud on the part of the customer, but ATMs can also be tricked into accepting bogus, skimmed or cloned cards. ATMs generate a coded message, known as an Authorization Request Cryptogram, which card issuers use to authenticate the card and card data.
Encryption algorithms: AES, Triple DES, DES
11. Data Encryption Standard (DES)
Data Encryption Standard (DES) is a symmetric-key algorithm
it was constructed in the early 1970s at IBM (designed mostly by Horst Feistel)
it is a block cipher: the plaintext is processed into ciphertext in a number of blocks
it is a hybrid of a substitution cipher and a permutation cipher
~ we are not able to use frequency analysis to crack DES
In the early 1970s it became apparent that the commercial sector also has a need for cryptography
For example: corporate secrets had to be transmitted securely, ATM machines needed encrypted messages, etc.
12.
Block size: 64 bits
Key size: 64 bits (56 relevant bits are used in the algorithm)
Number of rounds: 16
Number of subkeys: 16 (every subkey is 48 bits long)
Ciphertext size: 64 bits
Data Encryption Standard (DES) has a so-called Feistel structure
1.) we have to split the plaintext into 64-bit blocks
~ these blocks are the input for the 16 rounds
2.) there are so-called rounds (iterations) during the encryption/decryption
~ for DES there are 16 rounds (substitutions, XOR operations etc.)
+ the input for every iteration is a 64-bit block
3.) every round needs a different key (these are called subkeys)
These keys are generated from the original 64-bit private key
4.) its main advantage is that encryption and decryption operations are very similar (requiring only the reversal of the key schedule)
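The Feistel property in point 4, shown as an added example that is not part of the original slides: a toy 16-round Feistel network on 64-bit blocks where decryption is the same routine run with the subkeys in reverse order. The SHA-256-based round function and subkey derivation are stand-ins assumed for illustration (not the real DES S-boxes or PC-1/PC-2 schedule), and all function names are hypothetical.

```python
import hashlib

ROUNDS = 16  # DES uses 16 rounds, one 48-bit subkey per round


def subkeys(key: bytes) -> list:
    """Derive 16 subkeys of 48 bits from a 64-bit key.
    Stand-in schedule built on SHA-256, NOT the DES PC-1/PC-2 schedule."""
    if len(key) != 8:
        raise ValueError("key must be 64 bits (8 bytes)")
    return [
        int.from_bytes(hashlib.sha256(key + bytes([i])).digest()[:6], "big")
        for i in range(ROUNDS)
    ]


def round_function(half: int, subkey: int) -> int:
    """Toy F(R, K) mapping a 32-bit half and a 48-bit subkey to 32 bits.
    F does not need to be invertible; this is not DES's expansion/S-box/P-box."""
    data = half.to_bytes(4, "big") + subkey.to_bytes(6, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")


def feistel(block: bytes, schedule: list) -> bytes:
    """Run the Feistel rounds over one 64-bit block with the given subkey order."""
    if len(block) != 8:
        raise ValueError("block must be 64 bits (8 bytes)")
    left = int.from_bytes(block[:4], "big")
    right = int.from_bytes(block[4:], "big")
    for k in schedule:
        # L(i) = R(i-1);  R(i) = L(i-1) XOR F(R(i-1), K(i))
        left, right = right, left ^ round_function(right, k)
    # Final swap of the halves is what lets the same routine decrypt.
    return right.to_bytes(4, "big") + left.to_bytes(4, "big")


def encrypt_block(block: bytes, key: bytes) -> bytes:
    return feistel(block, subkeys(key))


def decrypt_block(block: bytes, key: bytes) -> bytes:
    # Identical operation; only the key schedule is reversed.
    return feistel(block, subkeys(key)[::-1])


if __name__ == "__main__":
    key = b"8bytekey"          # constructed sample key
    plaintext = b"ATM-DATA"    # constructed sample 64-bit block
    ciphertext = encrypt_block(plaintext, key)
    print(ciphertext.hex(), decrypt_block(ciphertext, key))
```
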
13. DIAGRAM OF DES
[Diagram: DATA ENCRYPTION STANDARD. block of plaintext (64 bits) → TRANSPOSITION → ROUND 1 → ROUND 2 → ROUND 3 → ... → ROUND 16 → TRANSPOSITION → block of ciphertext (64 bits); input: key (64 bits)]
16. What is the initial permutation and its inverse?
These tables define the location of the given bits
What is the PC-1 and PC-2?
PC-1 and PC-2: some bits are not used, this is why PC-2 selects 48 bits from the original 56-bit key
17. Faults of the DES Cryptosystems
Brute Force Attack
We can use a brute-force approach to check all the possible values for the keys
DES keyspace's size = 2^56
the small size of the keyspace is the reason why the DES cryptosystem is no longer secure
"Deep Crack" has managed to crack DES with a brute-force attack within 22 hours
~ it does not use any internal structure of the cryptosystem, it just considers all the possible keys (linear search)
This is why DES was replaced by triple DES (TDES) and later with AES
22. MAGSTRIPE CARDS
A magnetic stripe card is a type of card capable of storing data by modifying the magnetism of tiny iron-based magnetic particles on a band of magnetic material on the card. The magnetic stripe, sometimes called swipe card or magstripe, is read by swiping past a magnetic reading head. Magnetic stripe cards are commonly used in credit cards, identity cards, and transportation tickets.
[Figures: Typical Magstripe ATM Card; Information Encoded within a Magnetic Strip]
23. How information is stored in the magnetic strip
Data is in the format of 1s and 0s, and thus storage also happens in 1s or 0s
24. What Data Is Stored in Magstripes?
There are up to three tracks on magnetic cards known as tracks 1, 2, and 3.
Track 3 is virtually unused by the major worldwide networks, and often isn't even physically present on the card by virtue of a narrower magnetic stripe.
Point-of-sale card readers almost always read track 1, or track 2, and sometimes both, in case one track is unreadable. The minimum cardholder account information needed to complete a transaction is present on both tracks.
Track 1 has a higher bit density (210 bits per inch vs. 75), is the only track that may contain alphabetic text, and hence is the only track that contains the cardholder's name.
Let's look into the tracks
27. Vulnerabilities of the Magstripe
DEF CON 24
During DEF CON 24, Weston Hecker presented Hacking Hotel Keys, and Point Of Sales Systems. In the talk, Hecker described the way magnetic strip cards function and utilized spoofing software, and an Arduino to obtain administrative access from hotel keys, via service staff walking past him. Hecker claims he used administrative keys from POS systems on other systems, effectively providing access to any system with a magnetic stripe reader, providing access to run privileged commands.
28. CHIP CARDS
A chip card is a standard-size plastic debit or credit card which contains an embedded microchip as well as a traditional magnetic stripe. The chip encrypts information to increase data security when making transactions at stores, terminals, or automated teller machines (ATMs). Chip cards also are known as smart cards, chip-and-PIN cards, chip-and-signature cards, and the Europay, MasterCard, Visa (EMV) card.
[Figures: Typical Chip ATM Card; Chip of the Chip Cards]
29. How does a chip card work?
The card, when used for payment, generates a random encrypted code which is good for that transaction only.
Based on the type of encryption used, the payment terminal can use the encryption keys to decrypt the account information.
Payment is then authorised, without contacting the card company, after you enter the PIN (provided you have sufficient balance).
30. Why is the chip card a problem for hackers?
But nothing stays un-hackable for long. It is only a matter of time!