SlideShare a Scribd company logo

ATM machine and its reverse engineering

Download as PPTX, PDF
Akash Chakraborty
Akash Chakraborty

We will focus on the reverse engineering of the ATM which has developed since the 1970s

Science
1 of 31
Reverse Engineering the ATM Todaywearegoingonanincrediblejourneyin reverseengineeringtheAutomatedtellermachine andseehowitiswhatitisnow.
Jens Martensson Topics To be Covered 1. HowATMworks 2. HowATMnetworkworks 3. Howwasandisthecommunication encrypted 4. DESandAESCryptosystems 5. AtmCardsandhowtheywork 6. Cardsecurity 2
Jens Martensson 3 History Of ATM • Let us first get to know a brief history of this fantastic machine NCR model - 5070 was released marking the new age for ATM which will lead to 4million ATMs in 2021 1980 NCR launched its first ATM, NCR model 770 And the use of ATM rose by 20% 1977 By the end of 1971 around 1000+ ATM machines installed around the world 1971 The patent was granted for British engineer James Goodfellow’ s concept of a PIN that could be stored on bank cards 1970 The ATM made its debut at Barclays’ Enfield Town branch in north London Its invention is credited to British inventor John Shepherd Barron 1967
Jens Martensson 4 How ATM Works Before diving into how an ATM works we first need to know what are the various parts that constitute the ATM. Parts of an ATM : 1. Input Devices • Card Reader • Keypad 2. Output Devices • Speaker • Display Screen • Receipt Printer • Cash Dispenser 3. Communication Modem
Jens Martensson 5 Card Reader:Function: The card reader captures the account information stored on the magnetic stripe on the back of an ATM/debit or credit card. The host processor uses this information to route the transaction to the cardholder's bank. Working Principle : The working of Card readers is divide into two types: • Reads the information encoded in the magnetic stripe located on the back of a plastic badge• Magnetic stripe readers can be read by a computer program through a serial port , USB connection, or keyboard wedge , and are generally categorized by the way they read a badge• The magnetic stripe reader reads the information by detecting the changes in the magnetic field caused by the flux reversals on the badge's magnetic stripe. Magnetic Stripe Reader Chip Card Reader (EMV) • Each EMV card has an embedded computer chip that stores cardholders’ bank details• When a chip card is dipped into a chip card reader, the chip and reader communicate with each other in an encrypted language • A new code is created for each transaction and the data is encrypted the moment the card is dipped. The encrypted data is then sent to the acquirer
Jens Martensson 6 MAGSTRIP READER CHIP READER
Jens Martensson 7 Keypad - The keypad lets the cardholder tell the bank what kind of transaction is required (cash withdrawal, balance inquiry, etc.) and for what amount. Also, the bank requires the cardholder's personal identification number (PIN) for verification. Federal law requires that the PIN block be sent to the host processor in encrypted form Speaker - The speaker provides the cardholder with auditory feedback when a key is pressed. Display screen - The display screen prompts the cardholder through each step of the transaction process. Leased-line machines commonly use a monochrome or color CRT(cathode ray tube) display. Dial-up machines commonly use a monochrome or color LCD. Receipt printer - The receipt printer provides the cardholder with a paper receipt of the transaction. Cash Dispenser - The heart of an ATM is the safe and cash-dispensing mechanism. The entire bottom portion of most small ATMs is a safe that contains the cash.
Jens Martensson 8 WORKING MODES OF AN ATM A leased-line ATM machine has a 4-wire, point to point dedicated telephone line which helps in connecting it with the host processor. These types of machines are preferred in places where the user volume is high. They are considered high end and the operating costs of this type of a machine is very high. The dial-up ATM machines only has a normal phone line with a modem and a toll free number. As these are normal connections their initial installation cost is very less and their operating costs only become a fraction of that of a leased-line ATM.
Jens Martensson 9 ATM NETWORK How the request for cash is generated and how that request is routed and returns the response
Jens Martensson 10 ATM Communication encryption Need for Encryption : One common ATM security vulnerability involves so-called phantom withdrawals, in which cash is taken from a cardholder's account, but neither the customer nor the bank admits liability. Phantom withdrawals are sometimes the result of fraud on the part of the customer, but ATMs can also be tricked into accepting bogus, skimmed or cloned cards. ATMs generate a coded message, known as an Authorization Request Cryptogram, which card issuers use to authenticate the card and card data. AES TRIPLE DES DES
Jens Martensson 11 Data Encryption Standard (DES) Data Encryption Standard (DES) is a symmetric-key algorithm it was constructed in the early 1970 at IBM (designed mostly by Horst Feistel) it is a block cipher: the plaintext is processed to the ciphertext in number of block hybrid of substitution cipher and permutation cipher ~ we are not able to use frequency analysis to crack DES In the early 1970s it became apparent that the commercial sector also has a need for cryptography For example: corporate secrets must have been transmitted securely, ATM mach needed encrypted messages etc.
Jens Martensson 12 Block size: 64 bits Key size: 64 bits (56 relevant bits are used in the algorithm) Number of rounds: 16 Number of subkeys: 16 (every subkey is 48 bits long) Ciphertext size: 64 bits Data Encryption Standard (DES) has a so-called Feistel-structure 1.) we have to split the plaintext into 64 bits long blocks ~ these blocks are the input in for the 16 rounds 2.) there are so-called rounds (iteration) during the encryption/decryption ~ for DES there are 16 rounds (substitutions, XOR operations etc.) + the input for every iteration is a 64 bits long block 3.) every round needs a different keys (it is called subkeys) These keys are generated from the original 64 bits private key 4.) it’s main advantage is that encryption and decryption operations are very similar (requiring only the reversal of the key schedule)
Jens Martensson 13 DIAGRAM OF DES DATA ENCRYPTION STANDARD block of plaintext (64 bits) block ofciphertext (64 bits) T R A N S P O S I T I O N T R A N S P O S I T I O N R O U N D 1 R O U N D 2 R O U N D 3 ... R O U N D 1 6 key (64 bits)
Working of the DES Algorithm 14
15 Left Circular Shift Let us work out an example:
Jens Martensson 16 What is the initial permutation and its inverse? THESE TABLES DEFINE THE LOCATION OF THE GIVEN BITS What is the PC-1 and PC-2 ? PC-1 PC-2  some bits are not used  this is why this PC-2 selects 48 bits from the original 56 bits long key
Faults of the DES Cryptosystem s 17  We can use brute-force approach to check all the possible values for the keys DES keyspace’s size = 2 56  the small size of the keyspace is the reason why DES cryptosystem is no longer secure “Deep Crack” has managed to crack DES with brute-force attack within 22 hours ~ it does not use any internal structure of the cryptosystem just considers all the possible keys (linear search) This is why DES was replaced by triple DES (TDES) and later with AES Brute Force Attack
Jens Martensson 18 AES Advanced Encryption Standars ItbecameapparentthatDESisnolongersecure:sotherewasaneed for anothertrulysecurecryptosystem AES(originalnameisRijndael)wasconstructedin2001by VincentRijmenandJoanDaemen thisisthestate-of-the-artcryptosystemevenin2018 itisaprivatekeycryptosystemwiththreedifferentkeylenghts–128, 192and256 itisablockcipherBUTithasnothingtodowithFeistelstructure ~itstoresthevalues(plaintext,key,ciphertext)inmatrixform
Jens Martensson 19 Features of AES Data representation 
Jens Martensson 20 Procedure of AES The Add Round Key nd XOR The Shift Rows Function MIX Columns
CAN WE CRACK AES ??
MAGSTRIPE CARDS Amagnetic stripe card is atype of card capable of storing data by modifying themagnetism of tiny iron-based magnetic particles on aband of magnetic material on the card.The magnetic stripe, sometimes called swipe card or magstripe, is read by swiping past a magnetic reading head. Magnetic stripe cards are commonly used in credit cards, identity cards, and transportation tickets. 22 Typical Magstripe ATM Card Information Encoded within a Magnetic Strip
Jens Martensson 23 How information is Stored in the magnetic Strip Data is in format of 1s and 0s and thus storage also happens in 1s or 0s
Jens Martensson 24 What Data Is Stored in Magstripes? There are up to three tracks on magnetic cards known as tracks 1, 2, and 3. Track 3 is virtually unused by the major worldwide networks[, and often isn't even physically present on the card by virtue of a narrower magnetic stripe.Point-of-sale card readers almost always read track 1, or track 2, and sometimes both, in case one track is unreadable. The minimum cardholder account information needed to complete a transaction is present on both tracks. Track 1 has a higher bit density (210 bits per inch vs. 75), is the only track that may contain alphabetic text, and hence is the only track that contains the cardholder's name. Let’s look into the tracks
THE TRACK- 1 25
THE TRACK- 2 26
Jens Martensson 27 DEF CON 24 During DEF CON 24, Weston Hecker presented Hacking Hotel Keys, and Point OfSales Systems. In the talk, Hecker described the way magnetic strip cards function and utilized spoofing software,[ and an Arduino toobtain administrative access from hotel keys, via service staff walking past him. Hecker claims he used administrative keys from POS systems on other systems, effectively providing access to any system with a magnetic stripe reader, providing access torun privileged commands Vulnerabilities of the Magstripe
CHIP CARDS Achip card is astandard-size plastic debit or credit card which contains an embedded microchip as well as a traditional magnetic stripe. The chip encrypts information to increase data security when making transactions at stores, terminals, or automated teller machines (ATMs). Chip cards also are known as smart cards, chip-and-PIN cards, chip- and-signature cards, and the Europay, MasterCard, Visa (EMV) card. 28 Typical Chip ATM Card Chip of the Chip Cards
Jens Martensson 29 How does a chip Card work? The card when used for payment generates a random encrypted code which is good for that transaction only Based on that type of encryption used the payment terminal can use the encryption keys to decrypt the account information. Payment is then authorised and that too without contacting the Card company after you enter the PIN (Provided you have sufficient Balance)
Jens Martensson 30 Why is the chip card a problem for hackers ?? But Nothing stays Un-hackable for long. It only is a matter of time !!
Thank YouAkash Chakraborty Akash.chak1999@gmail.com Akash.chakraborty@st.niituniversity.in People Encandiu m, Technolog y Non

Recommended

Examen clinique en prothèse partielle
Examen clinique en prothèse partielle Examen clinique en prothèse partielle
Examen clinique en prothèse partielle Abdeldjalil Gadra
 
Coude fractures
Coude fracturesCoude fractures
Coude fracturesmedo parta
 
技術的負債との戦い方
技術的負債との戦い方技術的負債との戦い方
技術的負債との戦い方Iosif Takakura
 
la Chirurgie
la Chirurgiela Chirurgie
la ChirurgieKaram Kabriti
 
Les differentes conception
Les differentes conception Les differentes conception
Les differentes conception Abdeldjalil Gadra
 
L'occlusion en prothèse totale amovible : POP-DVO-RC
L'occlusion en prothèse totale amovible : POP-DVO-RC L'occlusion en prothèse totale amovible : POP-DVO-RC
L'occlusion en prothèse totale amovible : POP-DVO-RC ChouroukOmari
 
La physiopathologie de l’arthrose
La physiopathologie de l’arthroseLa physiopathologie de l’arthrose
La physiopathologie de l’arthroseArthrolink des Laboratoires Expanscience
 
Msup fractures
Msup fracturesMsup fractures
Msup fracturesmedo parta
 

Recommended

Examen clinique en prothèse partielle
Examen clinique en prothèse partielle Examen clinique en prothèse partielle
Examen clinique en prothèse partielle Abdeldjalil Gadra
 
Coude fractures
Coude fracturesCoude fractures
Coude fracturesmedo parta
 
技術的負債との戦い方
技術的負債との戦い方技術的負債との戦い方
技術的負債との戦い方Iosif Takakura
 
la Chirurgie
la Chirurgiela Chirurgie
la ChirurgieKaram Kabriti
 
Les differentes conception
Les differentes conception Les differentes conception
Les differentes conception Abdeldjalil Gadra
 
L'occlusion en prothèse totale amovible : POP-DVO-RC
L'occlusion en prothèse totale amovible : POP-DVO-RC L'occlusion en prothèse totale amovible : POP-DVO-RC
L'occlusion en prothèse totale amovible : POP-DVO-RC ChouroukOmari
 
La physiopathologie de l’arthrose
La physiopathologie de l’arthroseLa physiopathologie de l’arthrose
La physiopathologie de l’arthroseArthrolink des Laboratoires Expanscience
 
Msup fractures
Msup fracturesMsup fractures
Msup fracturesmedo parta
 
La prothèse partielle en résine
La prothèse partielle en résineLa prothèse partielle en résine
La prothèse partielle en résineBougandoura Mehdi
 
4. phenomenes de croissance COURS ODF
4. phenomenes de croissance COURS ODF 4. phenomenes de croissance COURS ODF
4. phenomenes de croissance COURS ODF ssuser402aa2
 
Les couronnes céramométalliques 2
Les couronnes céramométalliques 2Les couronnes céramométalliques 2
Les couronnes céramométalliques 2Abdeldjalil Gadra
 
Les attachements prothétique
Les attachements prothétique Les attachements prothétique
Les attachements prothétique Abdeldjalil Gadra
 
Realisation du chassis au laboratoire
Realisation du chassis au laboratoireRealisation du chassis au laboratoire
Realisation du chassis au laboratoireAbdeldjalil Gadra
 
4 gingivectomie
4 gingivectomie4 gingivectomie
4 gingivectomieAbdeldjalil Gadra
 
Les intermédiaires de bridge
Les intermédiaires de bridgeLes intermédiaires de bridge
Les intermédiaires de bridgeAbdeldjalil Gadra
 
Diagnostic de l'edenté partiel5 6-7
Diagnostic de l'edenté partiel5 6-7Diagnostic de l'edenté partiel5 6-7
Diagnostic de l'edenté partiel5 6-7Abdeldjalil Gadra
 
Prevention infection compile4
Prevention infection compile4Prevention infection compile4
Prevention infection compile4Patou Conrath
 
Lexique odontologie
Lexique odontologieLexique odontologie
Lexique odontologiefati guzel
 
La couronne à tenon radiculaire type richmond [enregistrement automatique]
La couronne à tenon radiculaire type richmond [enregistrement automatique]La couronne à tenon radiculaire type richmond [enregistrement automatique]
La couronne à tenon radiculaire type richmond [enregistrement automatique]Abdeldjalil Gadra
 
Td explorations-radiologiques
Td explorations-radiologiquesTd explorations-radiologiques
Td explorations-radiologiquesfati guzel
 
Artériographie du membre supérieur
Artériographie du membre supérieurArtériographie du membre supérieur
Artériographie du membre supérieurimma-dr
 
1 generalites chirurgie parodontale
1 generalites chirurgie parodontale1 generalites chirurgie parodontale
1 generalites chirurgie parodontaleAbdeldjalil Gadra
 
6 la poche parodontale
6 la poche parodontale6 la poche parodontale
6 la poche parodontaleAbdeldjalil Gadra
 
Cours desmodonte
Cours desmodonteCours desmodonte
Cours desmodonteAbdeldjalil Gadra
 
Resorption alveolaire et montage des dents en prothese totale
Resorption alveolaire et montage des dents en prothese totaleResorption alveolaire et montage des dents en prothese totale
Resorption alveolaire et montage des dents en prothese totaledrjamel
 
Trt chirurgical
Trt chirurgical Trt chirurgical
Trt chirurgical Abdeldjalil Gadra
 
Bilan d'extension initial local d'un cancer rectal-.pdf
Bilan d'extension initial local d'un cancer rectal-.pdfBilan d'extension initial local d'un cancer rectal-.pdf
Bilan d'extension initial local d'un cancer rectal-.pdfBilalKaidi1
 
La couronne à incrustation vestibulaire (civ) 3
La couronne à incrustation vestibulaire (civ) 3La couronne à incrustation vestibulaire (civ) 3
La couronne à incrustation vestibulaire (civ) 3Abdeldjalil Gadra
 
Ppt on atm machine
Ppt on atm machinePpt on atm machine
Ppt on atm machinePrabhat Singh
 
A T M.ppt
A T M.pptA T M.ppt
A T M.pptSarojKumar864774
 

More Related Content

What's hot

La prothèse partielle en résine
La prothèse partielle en résineLa prothèse partielle en résine
La prothèse partielle en résineBougandoura Mehdi
 
4. phenomenes de croissance COURS ODF
4. phenomenes de croissance COURS ODF 4. phenomenes de croissance COURS ODF
4. phenomenes de croissance COURS ODF ssuser402aa2
 
Les couronnes céramométalliques 2
Les couronnes céramométalliques 2Les couronnes céramométalliques 2
Les couronnes céramométalliques 2Abdeldjalil Gadra
 
Les attachements prothétique
Les attachements prothétique Les attachements prothétique
Les attachements prothétique Abdeldjalil Gadra
 
Realisation du chassis au laboratoire
Realisation du chassis au laboratoireRealisation du chassis au laboratoire
Realisation du chassis au laboratoireAbdeldjalil Gadra
 
Les intermédiaires de bridge
Les intermédiaires de bridgeLes intermédiaires de bridge
Les intermédiaires de bridgeAbdeldjalil Gadra
 
Diagnostic de l'edenté partiel5 6-7
Diagnostic de l'edenté partiel5 6-7Diagnostic de l'edenté partiel5 6-7
Diagnostic de l'edenté partiel5 6-7Abdeldjalil Gadra
 
Prevention infection compile4
Prevention infection compile4Prevention infection compile4
Prevention infection compile4Patou Conrath
 
Lexique odontologie
Lexique odontologieLexique odontologie
Lexique odontologiefati guzel
 
La couronne à tenon radiculaire type richmond [enregistrement automatique]
La couronne à tenon radiculaire type richmond [enregistrement automatique]La couronne à tenon radiculaire type richmond [enregistrement automatique]
La couronne à tenon radiculaire type richmond [enregistrement automatique]Abdeldjalil Gadra
 
Td explorations-radiologiques
Td explorations-radiologiquesTd explorations-radiologiques
Td explorations-radiologiquesfati guzel
 
Artériographie du membre supérieur
Artériographie du membre supérieurArtériographie du membre supérieur
Artériographie du membre supérieurimma-dr
 
1 generalites chirurgie parodontale
1 generalites chirurgie parodontale1 generalites chirurgie parodontale
1 generalites chirurgie parodontaleAbdeldjalil Gadra
 
Resorption alveolaire et montage des dents en prothese totale
Resorption alveolaire et montage des dents en prothese totaleResorption alveolaire et montage des dents en prothese totale
Resorption alveolaire et montage des dents en prothese totaledrjamel
 
Bilan d'extension initial local d'un cancer rectal-.pdf
Bilan d'extension initial local d'un cancer rectal-.pdfBilan d'extension initial local d'un cancer rectal-.pdf
Bilan d'extension initial local d'un cancer rectal-.pdfBilalKaidi1
 
La couronne à incrustation vestibulaire (civ) 3
La couronne à incrustation vestibulaire (civ) 3La couronne à incrustation vestibulaire (civ) 3
La couronne à incrustation vestibulaire (civ) 3Abdeldjalil Gadra
 

What's hot (20)

La prothèse partielle en résine
La prothèse partielle en résineLa prothèse partielle en résine
La prothèse partielle en résine
 
4. phenomenes de croissance COURS ODF
4. phenomenes de croissance COURS ODF 4. phenomenes de croissance COURS ODF
4. phenomenes de croissance COURS ODF
 
Les couronnes céramométalliques 2
Les couronnes céramométalliques 2Les couronnes céramométalliques 2
Les couronnes céramométalliques 2
 
Les attachements prothétique
Les attachements prothétique Les attachements prothétique
Les attachements prothétique
 
Realisation du chassis au laboratoire
Realisation du chassis au laboratoireRealisation du chassis au laboratoire
Realisation du chassis au laboratoire
 
4 gingivectomie
4 gingivectomie4 gingivectomie
4 gingivectomie
 
Les intermédiaires de bridge
Les intermédiaires de bridgeLes intermédiaires de bridge
Les intermédiaires de bridge
 
Diagnostic de l'edenté partiel5 6-7
Diagnostic de l'edenté partiel5 6-7Diagnostic de l'edenté partiel5 6-7
Diagnostic de l'edenté partiel5 6-7
 
Prevention infection compile4
Prevention infection compile4Prevention infection compile4
Prevention infection compile4
 
Lexique odontologie
Lexique odontologieLexique odontologie
Lexique odontologie
 
La couronne à tenon radiculaire type richmond [enregistrement automatique]
La couronne à tenon radiculaire type richmond [enregistrement automatique]La couronne à tenon radiculaire type richmond [enregistrement automatique]
La couronne à tenon radiculaire type richmond [enregistrement automatique]
 
Td explorations-radiologiques
Td explorations-radiologiquesTd explorations-radiologiques
Td explorations-radiologiques
 
Artériographie du membre supérieur
Artériographie du membre supérieurArtériographie du membre supérieur
Artériographie du membre supérieur
 
1 generalites chirurgie parodontale
1 generalites chirurgie parodontale1 generalites chirurgie parodontale
1 generalites chirurgie parodontale
 
6 la poche parodontale
6 la poche parodontale6 la poche parodontale
6 la poche parodontale
 
Cours desmodonte
Cours desmodonteCours desmodonte
Cours desmodonte
 
Resorption alveolaire et montage des dents en prothese totale
Resorption alveolaire et montage des dents en prothese totaleResorption alveolaire et montage des dents en prothese totale
Resorption alveolaire et montage des dents en prothese totale
 
Trt chirurgical
Trt chirurgical Trt chirurgical
Trt chirurgical
 
Bilan d'extension initial local d'un cancer rectal-.pdf
Bilan d'extension initial local d'un cancer rectal-.pdfBilan d'extension initial local d'un cancer rectal-.pdf
Bilan d'extension initial local d'un cancer rectal-.pdf
 
La couronne à incrustation vestibulaire (civ) 3
La couronne à incrustation vestibulaire (civ) 3La couronne à incrustation vestibulaire (civ) 3
La couronne à incrustation vestibulaire (civ) 3
 

Similar to ATM machine and its reverse engineering

Magnetic stripe on the back of credit card
Magnetic stripe on the back of credit cardMagnetic stripe on the back of credit card
Magnetic stripe on the back of credit cardSudhanshu Rathore
 
How do at ms work.ppt
How do at ms work.pptHow do at ms work.ppt
How do at ms work.pptNaveen Sihag
 
Automated Teller Machine
Automated Teller MachineAutomated Teller Machine
Automated Teller MachineDiotima Gupta
 
Automated teller machine
Automated teller machineAutomated teller machine
Automated teller machineVidya Sagar
 
Atm technology and operations
Atm technology and operationsAtm technology and operations
Atm technology and operationsAnil Chaurasiya
 
Social services and human rights to know.ppt
Social services and human rights to know.pptSocial services and human rights to know.ppt
Social services and human rights to know.pptBharathR164555
 
An atm with an eye
An atm with an eyeAn atm with an eye
An atm with an eyeChand Pasha
 
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...TUESDAY Business Network
 
ATM Processing and Location Strategy
ATM Processing and Location StrategyATM Processing and Location Strategy
ATM Processing and Location StrategyINDIAN OVERSEAS BANK
 
Magnetic stripe on the back of credit card
Magnetic stripe on the back of credit cardMagnetic stripe on the back of credit card
Magnetic stripe on the back of credit cardVaishnavi
 
smartcard-120830090352-phpapp02.pdf
smartcard-120830090352-phpapp02.pdfsmartcard-120830090352-phpapp02.pdf
smartcard-120830090352-phpapp02.pdfssuser5b47c8
 
smartcard-121018150432-phpapp01.pdf
smartcard-121018150432-phpapp01.pdfsmartcard-121018150432-phpapp01.pdf
smartcard-121018150432-phpapp01.pdfssuser5b47c8
 

Similar to ATM machine and its reverse engineering (20)

Ppt on atm machine
Ppt on atm machinePpt on atm machine
Ppt on atm machine
 
A T M.ppt
A T M.pptA T M.ppt
A T M.ppt
 
Magnetic stripe on the back of credit card
Magnetic stripe on the back of credit cardMagnetic stripe on the back of credit card
Magnetic stripe on the back of credit card
 
Atm machine
Atm machineAtm machine
Atm machine
 
How do at ms work.ppt
How do at ms work.pptHow do at ms work.ppt
How do at ms work.ppt
 
Atm Research
Atm Research Atm Research
Atm Research
 
Automated Teller Machine
Automated Teller MachineAutomated Teller Machine
Automated Teller Machine
 
Automated teller machine
Automated teller machineAutomated teller machine
Automated teller machine
 
Atm technology and operations
Atm technology and operationsAtm technology and operations
Atm technology and operations
 
ATM
ATMATM
ATM
 
Social services and human rights to know.ppt
Social services and human rights to know.pptSocial services and human rights to know.ppt
Social services and human rights to know.ppt
 
An atm with an eye
An atm with an eyeAn atm with an eye
An atm with an eye
 
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...
 
ATM Processing and Location Strategy
ATM Processing and Location StrategyATM Processing and Location Strategy
ATM Processing and Location Strategy
 
Smartcard
SmartcardSmartcard
Smartcard
 
Magnetic stripe on the back of credit card
Magnetic stripe on the back of credit cardMagnetic stripe on the back of credit card
Magnetic stripe on the back of credit card
 
smartcard-120830090352-phpapp02.pdf
smartcard-120830090352-phpapp02.pdfsmartcard-120830090352-phpapp02.pdf
smartcard-120830090352-phpapp02.pdf
 
Sploitego
SploitegoSploitego
Sploitego
 
Atm machine
Atm machineAtm machine
Atm machine
 
smartcard-121018150432-phpapp01.pdf
smartcard-121018150432-phpapp01.pdfsmartcard-121018150432-phpapp01.pdf
smartcard-121018150432-phpapp01.pdf
 

Recently uploaded

Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?Patrick Diehl
 
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptxUnlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptxanandsmhk
 
Zoology 4th semester series (krishna).pdf
Zoology 4th semester series (krishna).pdfZoology 4th semester series (krishna).pdf
Zoology 4th semester series (krishna).pdfSumit Kumar yadav
 
GFP in rDNA Technology (Biotechnology).pptx
GFP in rDNA Technology (Biotechnology).pptxGFP in rDNA Technology (Biotechnology).pptx
GFP in rDNA Technology (Biotechnology).pptxAleenaTreesaSaji
 
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...Lokesh Kothari
 
Botany 4th semester series (krishna).pdf
Botany 4th semester series (krishna).pdfBotany 4th semester series (krishna).pdf
Botany 4th semester series (krishna).pdfSumit Kumar yadav
 
Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)PraveenaKalaiselvan1
 
Recombination DNA Technology (Nucleic Acid Hybridization )
Recombination DNA Technology (Nucleic Acid Hybridization )Recombination DNA Technology (Nucleic Acid Hybridization )
Recombination DNA Technology (Nucleic Acid Hybridization )aarthirajkumar25
 
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...ssifa0344
 
Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...Nistarini College, Purulia (W.B) India
 
Cultivation of KODO MILLET . made by Ghanshyam pptx
Cultivation of KODO MILLET . made by Ghanshyam pptxCultivation of KODO MILLET . made by Ghanshyam pptx
Cultivation of KODO MILLET . made by Ghanshyam pptxpradhanghanshyam7136
 
Grafana in space: Monitoring Japan's SLIM moon lander in real time
Grafana in space: Monitoring Japan's SLIM moon lander in real timeGrafana in space: Monitoring Japan's SLIM moon lander in real time
Grafana in space: Monitoring Japan's SLIM moon lander in real timeSatoshi NAKAHIRA
 
Presentation Vikram Lander by Vedansh Gupta.pptx
Presentation Vikram Lander by Vedansh Gupta.pptxPresentation Vikram Lander by Vedansh Gupta.pptx
Presentation Vikram Lander by Vedansh Gupta.pptxgindu3009
 
Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...RohitNehra6
 
Chemistry 4th semester series (krishna).pdf
Chemistry 4th semester series (krishna).pdfChemistry 4th semester series (krishna).pdf
Chemistry 4th semester series (krishna).pdfSumit Kumar yadav
 
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...Sérgio Sacani
 
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...Sérgio Sacani
 
Nightside clouds and disequilibrium chemistry on the hot Jupiter WASP-43b
Nightside clouds and disequilibrium chemistry on the hot Jupiter WASP-43bNightside clouds and disequilibrium chemistry on the hot Jupiter WASP-43b
Nightside clouds and disequilibrium chemistry on the hot Jupiter WASP-43bSérgio Sacani
 
Traditional Agroforestry System in India- Shifting Cultivation, Taungya, Home...
Traditional Agroforestry System in India- Shifting Cultivation, Taungya, Home...Traditional Agroforestry System in India- Shifting Cultivation, Taungya, Home...
Traditional Agroforestry System in India- Shifting Cultivation, Taungya, Home...jana861314
 
Green chemistry and Sustainable development.pptx
Green chemistry and Sustainable development.pptxGreen chemistry and Sustainable development.pptx
Green chemistry and Sustainable development.pptxRajatChauhan518211
 

Recently uploaded (20)

Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?
 
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptxUnlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
 
Zoology 4th semester series (krishna).pdf
Zoology 4th semester series (krishna).pdfZoology 4th semester series (krishna).pdf
Zoology 4th semester series (krishna).pdf
 
GFP in rDNA Technology (Biotechnology).pptx
GFP in rDNA Technology (Biotechnology).pptxGFP in rDNA Technology (Biotechnology).pptx
GFP in rDNA Technology (Biotechnology).pptx
 
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
 
Botany 4th semester series (krishna).pdf
Botany 4th semester series (krishna).pdfBotany 4th semester series (krishna).pdf
Botany 4th semester series (krishna).pdf
 
Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)
 
Recombination DNA Technology (Nucleic Acid Hybridization )
Recombination DNA Technology (Nucleic Acid Hybridization )Recombination DNA Technology (Nucleic Acid Hybridization )
Recombination DNA Technology (Nucleic Acid Hybridization )
 
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
 
Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...
 
Cultivation of KODO MILLET . made by Ghanshyam pptx
Cultivation of KODO MILLET . made by Ghanshyam pptxCultivation of KODO MILLET . made by Ghanshyam pptx
Cultivation of KODO MILLET . made by Ghanshyam pptx
 
Grafana in space: Monitoring Japan's SLIM moon lander in real time
Grafana in space: Monitoring Japan's SLIM moon lander in real timeGrafana in space: Monitoring Japan's SLIM moon lander in real time
Grafana in space: Monitoring Japan's SLIM moon lander in real time
 
Presentation Vikram Lander by Vedansh Gupta.pptx
Presentation Vikram Lander by Vedansh Gupta.pptxPresentation Vikram Lander by Vedansh Gupta.pptx
Presentation Vikram Lander by Vedansh Gupta.pptx
 
Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...
 
Chemistry 4th semester series (krishna).pdf
Chemistry 4th semester series (krishna).pdfChemistry 4th semester series (krishna).pdf
Chemistry 4th semester series (krishna).pdf
 
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
 
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
 
Nightside clouds and disequilibrium chemistry on the hot Jupiter WASP-43b
Nightside clouds and disequilibrium chemistry on the hot Jupiter WASP-43bNightside clouds and disequilibrium chemistry on the hot Jupiter WASP-43b
Nightside clouds and disequilibrium chemistry on the hot Jupiter WASP-43b
 
Traditional Agroforestry System in India- Shifting Cultivation, Taungya, Home...
Traditional Agroforestry System in India- Shifting Cultivation, Taungya, Home...Traditional Agroforestry System in India- Shifting Cultivation, Taungya, Home...
Traditional Agroforestry System in India- Shifting Cultivation, Taungya, Home...
 
Green chemistry and Sustainable development.pptx
Green chemistry and Sustainable development.pptxGreen chemistry and Sustainable development.pptx
Green chemistry and Sustainable development.pptx
 

ATM machine and its reverse engineering

  • 2. Jens Martensson Topics To be Covered 1. HowATMworks 2. HowATMnetworkworks 3. Howwasandisthecommunication encrypted 4. DESandAESCryptosystems 5. AtmCardsandhowtheywork 6. Cardsecurity 2
  • 3. Jens Martensson 3 History Of ATM • Let us first get to know a brief history of this fantastic machine NCR model - 5070 was released marking the new age for ATM which will lead to 4million ATMs in 2021 1980 NCR launched its first ATM, NCR model 770 And the use of ATM rose by 20% 1977 By the end of 1971 around 1000+ ATM machines installed around the world 1971 The patent was granted for British engineer James Goodfellow’ s concept of a PIN that could be stored on bank cards 1970 The ATM made its debut at Barclays’ Enfield Town branch in north London Its invention is credited to British inventor John Shepherd Barron 1967
  • 4. Jens Martensson 4 How ATM Works Before diving into how an ATM works we first need to know what are the various parts that constitute the ATM. Parts of an ATM : 1. Input Devices • Card Reader • Keypad 2. Output Devices • Speaker • Display Screen • Receipt Printer • Cash Dispenser 3. Communication Modem
  • 5. Jens Martensson 5 Card Reader:Function: The card reader captures the account information stored on the magnetic stripe on the back of an ATM/debit or credit card. The host processor uses this information to route the transaction to the cardholder's bank. Working Principle : The working of Card readers is divide into two types: • Reads the information encoded in the magnetic stripe located on the back of a plastic badge• Magnetic stripe readers can be read by a computer program through a serial port , USB connection, or keyboard wedge , and are generally categorized by the way they read a badge• The magnetic stripe reader reads the information by detecting the changes in the magnetic field caused by the flux reversals on the badge's magnetic stripe. Magnetic Stripe Reader Chip Card Reader (EMV) • Each EMV card has an embedded computer chip that stores cardholders’ bank details• When a chip card is dipped into a chip card reader, the chip and reader communicate with each other in an encrypted language • A new code is created for each transaction and the data is encrypted the moment the card is dipped. The encrypted data is then sent to the acquirer
  • 6. Jens Martensson 6 MAGSTRIP READER CHIP READER
  • 7. Jens Martensson 7 Keypad - The keypad lets the cardholder tell the bank what kind of transaction is required (cash withdrawal, balance inquiry, etc.) and for what amount. Also, the bank requires the cardholder's personal identification number (PIN) for verification. Federal law requires that the PIN block be sent to the host processor in encrypted form Speaker - The speaker provides the cardholder with auditory feedback when a key is pressed. Display screen - The display screen prompts the cardholder through each step of the transaction process. Leased-line machines commonly use a monochrome or color CRT(cathode ray tube) display. Dial-up machines commonly use a monochrome or color LCD. Receipt printer - The receipt printer provides the cardholder with a paper receipt of the transaction. Cash Dispenser - The heart of an ATM is the safe and cash-dispensing mechanism. The entire bottom portion of most small ATMs is a safe that contains the cash.
  • 8. Jens Martensson 8 WORKING MODES OF AN ATM A leased-line ATM machine has a 4-wire, point to point dedicated telephone line which helps in connecting it with the host processor. These types of machines are preferred in places where the user volume is high. They are considered high end and the operating costs of this type of a machine is very high. The dial-up ATM machines only has a normal phone line with a modem and a toll free number. As these are normal connections their initial installation cost is very less and their operating costs only become a fraction of that of a leased-line ATM.
  • 9. Jens Martensson 9 ATM NETWORK How the request for cash is generated and how that request is routed and returns the response
  • 10. Jens Martensson 10 ATM Communication encryption Need for Encryption : One common ATM security vulnerability involves so-called phantom withdrawals, in which cash is taken from a cardholder's account, but neither the customer nor the bank admits liability. Phantom withdrawals are sometimes the result of fraud on the part of the customer, but ATMs can also be tricked into accepting bogus, skimmed or cloned cards. ATMs generate a coded message, known as an Authorization Request Cryptogram, which card issuers use to authenticate the card and card data. AES TRIPLE DES DES
  • 11. Jens Martensson 11 Data Encryption Standard (DES) Data Encryption Standard (DES) is a symmetric-key algorithm it was constructed in the early 1970 at IBM (designed mostly by Horst Feistel) it is a block cipher: the plaintext is processed to the ciphertext in number of block hybrid of substitution cipher and permutation cipher ~ we are not able to use frequency analysis to crack DES In the early 1970s it became apparent that the commercial sector also has a need for cryptography For example: corporate secrets must have been transmitted securely, ATM mach needed encrypted messages etc.
  • 12. Jens Martensson 12 Block size: 64 bits Key size: 64 bits (56 relevant bits are used in the algorithm) Number of rounds: 16 Number of subkeys: 16 (every subkey is 48 bits long) Ciphertext size: 64 bits Data Encryption Standard (DES) has a so-called Feistel-structure 1.) we have to split the plaintext into 64 bits long blocks ~ these blocks are the input in for the 16 rounds 2.) there are so-called rounds (iteration) during the encryption/decryption ~ for DES there are 16 rounds (substitutions, XOR operations etc.) + the input for every iteration is a 64 bits long block 3.) every round needs a different keys (it is called subkeys) These keys are generated from the original 64 bits private key 4.) it’s main advantage is that encryption and decryption operations are very similar (requiring only the reversal of the key schedule)
  • 13. Jens Martensson 13 DIAGRAM OF DES DATA ENCRYPTION STANDARD block of plaintext (64 bits) block ofciphertext (64 bits) T R A N S P O S I T I O N T R A N S P O S I T I O N R O U N D 1 R O U N D 2 R O U N D 3 ... R O U N D 1 6 key (64 bits)
  • 14. Working of the DES Algorithm 14
  • 15. 15 Left Circular Shift Let us work out an example:
  • 16. Jens Martensson 16 What is the initial permutation and its inverse? THESE TABLES DEFINE THE LOCATION OF THE GIVEN BITS What is the PC-1 and PC-2 ? PC-1 PC-2  some bits are not used  this is why this PC-2 selects 48 bits from the original 56 bits long key
  • 17. Faults of the DES Cryptosystem s 17  We can use brute-force approach to check all the possible values for the keys DES keyspace’s size = 2 56  the small size of the keyspace is the reason why DES cryptosystem is no longer secure “Deep Crack” has managed to crack DES with brute-force attack within 22 hours ~ it does not use any internal structure of the cryptosystem just considers all the possible keys (linear search) This is why DES was replaced by triple DES (TDES) and later with AES Brute Force Attack
  • 19. Jens Martensson 19 Features of AES Data representation 
  • 20. Jens Martensson 20 Procedure of AES The Add Round Key nd XOR The Shift Rows Function MIX Columns
  • 22. MAGSTRIPE CARDS Amagnetic stripe card is atype of card capable of storing data by modifying themagnetism of tiny iron-based magnetic particles on aband of magnetic material on the card.The magnetic stripe, sometimes called swipe card or magstripe, is read by swiping past a magnetic reading head. Magnetic stripe cards are commonly used in credit cards, identity cards, and transportation tickets. 22 Typical Magstripe ATM Card Information Encoded within a Magnetic Strip
  • 23. Jens Martensson 23 How information is Stored in the magnetic Strip Data is in format of 1s and 0s and thus storage also happens in 1s or 0s
  • 24. Jens Martensson 24 What Data Is Stored in Magstripes? There are up to three tracks on magnetic cards known as tracks 1, 2, and 3. Track 3 is virtually unused by the major worldwide networks[, and often isn't even physically present on the card by virtue of a narrower magnetic stripe.Point-of-sale card readers almost always read track 1, or track 2, and sometimes both, in case one track is unreadable. The minimum cardholder account information needed to complete a transaction is present on both tracks. Track 1 has a higher bit density (210 bits per inch vs. 75), is the only track that may contain alphabetic text, and hence is the only track that contains the cardholder's name. Let’s look into the tracks
  • 27. Jens Martensson 27 DEF CON 24 During DEF CON 24, Weston Hecker presented Hacking Hotel Keys, and Point OfSales Systems. In the talk, Hecker described the way magnetic strip cards function and utilized spoofing software,[ and an Arduino toobtain administrative access from hotel keys, via service staff walking past him. Hecker claims he used administrative keys from POS systems on other systems, effectively providing access to any system with a magnetic stripe reader, providing access torun privileged commands Vulnerabilities of the Magstripe
  • 28. CHIP CARDS Achip card is astandard-size plastic debit or credit card which contains an embedded microchip as well as a traditional magnetic stripe. The chip encrypts information to increase data security when making transactions at stores, terminals, or automated teller machines (ATMs). Chip cards also are known as smart cards, chip-and-PIN cards, chip- and-signature cards, and the Europay, MasterCard, Visa (EMV) card. 28 Typical Chip ATM Card Chip of the Chip Cards
  • 29. Jens Martensson 29 How does a chip Card work? The card when used for payment generates a random encrypted code which is good for that transaction only Based on that type of encryption used the payment terminal can use the encryption keys to decrypt the account information. Payment is then authorised and that too without contacting the Card company after you enter the PIN (Provided you have sufficient Balance)
  • 30. Jens Martensson 30 Why is the chip card a problem for hackers ?? But Nothing stays Un-hackable for long. It only is a matter of time !!