Atm technology and operations

Banking Technology
ATM – Technology and
Operations

Banking Technology – M.Tech (IT)
In Brief
• Types, Models and Features of ATM
• Functions and Components of an ATM
• The Card
• Operations and Security
• Transaction Flow and Shared Networks
• Disputes and Resolution
• Frauds
• Customer Education

Introduction
• Philip Kotler once said- “Customer is the king. He is not
dependent on us. Rather we are dependent on him”.
• This dependency is causing banks to keep the customer
happy…ATM was perhaps the first step in this direction…
• Barclays claims to have installed the world’s first cash
Dispenser in 1967
• 1st
generation machines were offline
• Major step in 1972 when Lloyds Bank in the UK installed
in the first on-line “Cash-Point” machines developed by
IBM
• It took 16 years for the first 1,00,000 cash dispensers to be
installed, but only four years more for the next 1, 00,000
• Now, India alone has more than 1,60,000 ATMs

ATM Types & Features
• ATMs are broadly
classified under two types.
– Cash Dispensers
– Full Function ATMs.
• ATM Models –
– Lobby Type
– Wall Type
– Drive-in
•Bio-metrics enabled
•Audio visual support
•Special designs for the
physically challenged users

The ATM…
Components
Courtesy: PC Mag

Key Requirements at the ATM Level
• Transaction and operational security.
• Message Encryption (Triple DES)
• Vandalism and Tamper Proofing
• Authorization methods to suit variety of
authorization needs.
• Message tokenization.
• Management Reporting Capabilities
• Terminal interactive timer.

ATM Services…
• Cash Withdrawal
• Balance enquiry
• Mini statement
• Change of PIN
 Mobile Recharge / Top ups
 Airline Ticket Booking
 VISA Money Transfer/Card to card
transfer
 Funds Transfer to own accounts
 Donations to Trusts
 Utility Bills Payments
 Service Requests
 Fee Payment
 SMS Alert Registrations
 Registration for Mobile Banking /SMS
Alerts
 Direct Tax Payment
 Inter Bank/Intra Bank fund transfer
through IMPS
 Deposits of Cash / Cheque
 Donations
 Request for Cheque Books

The ATM Card
• A magnetic card with PIN
• The magnetic strip is present on the reverse
upper portion of the card & helps in
identification of cardholder & issuer
• The strip contains data for authorization of the
transactions
• Encoding standards for the 3 strips:
– Track 1-ISO 7813.
– Track 2-ISO 7813.
– Track 3- ISO 4909.

The Card

The Three Tracks…
• There are three tracks on the magstripe. Each track
is 0.110-inch wide. The ISO/IEC standard 7811,
which is used by banks, specifies:
• Track 1 is 210 bits per inch (bpi), and holds 79
six-bit plus parity bit read-only characters.
• Track 2 is 75 bpi, and holds 40 four-bit plus parity
bit characters.
• Track 3 is 210 bpi, and holds 107 four-bit plus
parity bit characters.

• The information on track one is contained in two formats -- A,
which is reserved for proprietary use of the card issuer, and B, which
includes the following:
• Start sentinel -- 1 character
• Format code="B" -- 1 character (alpha only)
• Primary account number -- up to 19 characters
• Separator -- 1 character
• Country code -- 3 characters
• Name -- 2-26 characters
• Expiration date or separator -- 4 characters or 1 character
• Discretionary data -- enough characters to fill out maximum record
length (79 characters total)
• End sentinel -- 1 character
• Longitudinal Redundancy Check (LRC), a form of computed check
character -- 1 character

• The format for track two, developed by the banking
industry, is as follows:
• Start sentinel -- 1 character
• Primary account number - up to 19 characters
• Country code -- 3 characters
• Expiration date or separator -- 4 characters or 1 character
• Discretionary data -- enough characters to fill out
maximum record length (40 characters total)
• LRC -- 1 character

Track 3
• Track three is a read/write track (that
includes an encrypted PIN, country
code, currency units, amount authorized),
but its usage is not standardized among
banks.

Details on an ATM Card
• Bank logo
• Customer name, date of issue and expiry date is
embossed on the front
• Scanned photograph along with signature on the
front
• Space for signature of the cardholder is available
on the reverse of the card
• Logo of Master/Visa/Electron/Cirrus is also
printed on the reverse side of the card if the bank
is a member of the above

Other Cards Too
• Now a lone ATM card is becoming a rarity.
• Cards that can be used with an ATM are:
– Debit Card
– Credit Card: Many credit cards allow
cardholders to get cash advances at ATMs,
although the cash advance feature is peripheral
to the much more common credit feature
– Soon, Smart Card too

On Site Vs Off Site ATM
• On-site ATM is located within the premises of
the branch and Off-site ATM is located far
away from the branch
• Every Branch should have an ATM (on-site).
• Off-site ATM location: influenced by a variety
of factors.

ATM
TERMINAL
S
W
I
T
C
H
DATABASE
BANK
Server
CARD
HOLDER
Cash if approved
Rejection on negative response
ATM Operation

TYPICAL CASH WITHDRAWAL FROM
AN ATM ACROSS A SHARED ATM
NETWORK

Security Features
• Enough controls to protect institutions and
cardholders from frauds
• PIN, which has 6561 permutations excluding
zero & 10,000 including it –
• Triple DES Encryption
• Hardware Security Module (HSM) for PIN
generation and Validation
• Operational security - access control, audit
trails
• Real Time Online Monitoring of the ATM
Network

Disputes & Resolution
• Transaction Log files from ATM Switch
• ATM journal
• Transaction in CBS
• Claim by other Agencies like NPCI /
VISA /Master / CCD
• Physical Cash at ATM

DCMS & DCRS
• Debit Card Management System – for issue
and maintenance of Debit Cards
• Debit Card Reconciliation System – for
Managing ATM transactions.

DCRS Inputs
DCRS receives the following files for processing:
•Transaction Log File from ATM Switch
•Transaction file from CBS
•NFS Issuer / Acquirer file from NPCI
•VISA Issuer / Acquirer, MDS and CCD files from
Credit Card Department.
•Electronic Journal files from ATM Service
Providers

The Reconciliation Process…
The recon process compares the following data:
•Transaction Log File from ATM Switch vs. Transactions files from CBS
•Transaction Log File from ATM Switch vs. NFS Issuer / Acquirer file from
NPCI
•Transaction Log File from ATM Switch vs. VISA Issuer / Acquirer file from
VISA, Master Debit Card files and CCD Files from Credit Card department.
•Transaction Log File from ATM Switch vs. Electronic Journal file from
ATM
In each recon process three reports will be generated.
•Matched report
•Unmatch1 report
•Unmatch2 report

ATM Frauds
• The security attacks on transactions typically take one of the
following ways:
– Through Lost, stolen or fraudulent cards.
– Invalid transactions are attempted using valid cards.
– Possibility of tampering/deleting/corrupting transaction messages.
– Messages can be tampered with altering the contents of transactions.
– Transaction messages are intercepted and recorded during
transmission and relayed later for personal financial gain.
• Key Fraud Types
– Skimming
– Theft (of PIN/Card)
– Robbery (of the user or of the machine)
– Shoulder surfing’ – where criminals look over a cash machine user’s
shoulder to watch them enter their PIN, then steal the card

Customer Education
• Be alert
• Trust no one
• Stay away from ill-lit ATMs
• Treat your ATM card like cash – with care, don’t
share & don’t write on it
• Keep PIN a secret
• Minimise the time
• Put away the cash

Atm technology and operations

More Related Content

What's hot

Similar to Atm technology and operations

More from Anil Chaurasiya

Recently uploaded

In this document

Atm technology and operations