ATM's and Security

This is a discussion on ATM's and Security within the A Brief History of Cprogramming.com forums, part of the Community Boards category; Interesting atricle imo. Even though they stress the corrupt employee angle i'm sures could do it. http://www.newscientist.com/news/news.jsp?id=ns99993424...

  1. #1
    RoD
    RoD is offline
    Redundantly Redundant RoD's Avatar
    Join Date
    Sep 2002
    Location
    Missouri
    Posts
    6,331

    ATM's and Security

    Interesting atricle imo. Even though they stress the corrupt employee angle i'm sures could do it.

    http://www.newscientist.com/news/news.jsp?id=ns99993424

  2. #2
    Funniest man in this seat minesweeper's Avatar
    Join Date
    Mar 2002
    Posts
    801
    What's with the bit about the PIN number being a function of the account number?

    Over here at least we can choose our own PIN number.

    To be honest though it doesn't really worry me. It relies on someone in the bank being dishonest and this is the case anywhere. Everytime you order something over the phone on a credit or debit card you give your number to a stranger. Even when you use a card over the counter, the person only has to remember about 15 numbers and a name, not that hard with some practice.

    It does surprise me that banks would be that slack though. With the potential lawsuits against the bank you would think they would sort it out.

  3. #3
    RoD
    RoD is offline
    Redundantly Redundant RoD's Avatar
    Join Date
    Sep 2002
    Location
    Missouri
    Posts
    6,331
    Yea im not really concerned, its more the way it was done that interests me...

  4. #4
    It's full of stars adrianxw's Avatar
    Join Date
    Aug 2001
    Posts
    4,831
    This one from a few days back I think could cause bigger problems.
    Wave upon wave of demented avengers march cheerfully out of obscurity unto the dream.

  5. #5
    RoD
    RoD is offline
    Redundantly Redundant RoD's Avatar
    Join Date
    Sep 2002
    Location
    Missouri
    Posts
    6,331
    Up until now, SSL systems had been thought to be completely secure.
    Only by fools and morons. Yea this could be an issue also, but nothing is ever secure 100%.

  6. #6
    www.entropysink.com
    Join Date
    Feb 2002
    Posts
    605
    Originally posted by minesweeper
    What's with the bit about the PIN number being a function of the account number?

    Over here at least we can choose our own PIN number.

    That's true, but you will still have a native PIN. The PIN you choose is derived by adding a number to the calculated PIN.

    Look at it this way.....

    Your native PIN is 1234, and you want a PIN of 4321. To derive this, the system adds 3117 to your native PIN (ignoring carries) which gives your custom PIN of 4321. This offset is either stored on the server, or on the card.

    The encryption used is NBS/DES.
    Visit entropysink.com - It's what your PC is made for!

Popular pages Recent additions subscribe to a feed

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21