Security
A first approximation of security exposures in Electronic funds transfer systems can be done without delimiting their components. Electronic funds transfer systems have three components; namely communication links, computers, and terminals(ATMs). To begin with, communication links are subject to attacks. There are two techniques made recourse to as far as the inception of messages is concerned. On the one, they are subject to attack by the use of passive techniques such as listening. On the other, they might be subject to attack by active techniques such as data alteration and substitution. Moreover, both techniques can be used in combination. The second component is computer security. There are different techniques that can be used in order to have access to a computer such as the access to it via a remote terminal or other peripheral devices as the card reader. As a result of such attacks, abusers could copy, replace or even destroy programs or data saved in or being processed in a computer system. As for terminal security, it is of a great importance in cases where cipher keys reside in terminals. In the absence of physical security, an abuser may be probe for a key or substitute its value. In order to avoid such abuses, the preserving of both the integrity of non-secret parameters and the confidentiality of secret parameters should be incorporated. Moreover, the use of public key cryptosystem (PKC) where public keys in the Electronic funds transfer are made recourse to prove to be insecure in the absence of physical security at the entry points. Moreover, as a public key allows the terminal the authentication of the response messages received from the issuer, for the generation of the MACs on transaction request messages sent to the issuer, a secret key is still needed. In the conduction of transactions at the Electronic funds transfer terminal, the only required thing is personal verification. That is, the authentication of a message between the EFT terminal and the issuer is theoretically not required. In such a case, the installation of a public key in the Electronic funds transfer terminal would be adequate as far as the permission of personal verification is concerned.fgg
Read more about this topic: Security Of Automated Teller Machines
Famous quotes containing the word security:
“Thanks to recent trends in the theory of knowledge, history is now better aware of its own worth and unassailability than it formerly was. It is precisely in its inexact character, in the fact that it can never be normative and does not have to be, that its security lies.”
—Johan Huizinga (1872–1945)
“It seems to me that our three basic needs, for food and security and love, are so mixed and mingled and entwined that we cannot straightly think of one without the others. So it happens that when I write of hunger, I am really writing about love and the hunger for it, and warmth and the love of it and the hunger for it ... and then the warmth and richness and fine reality of hunger satisfied ... and it is all one.”
—M.F.K. Fisher (b. 1908)
“The most disgusting cad in the world is the man who, on grounds of decorum and morality, avoids the game of love. He is one who puts his own ease and security above the most laudable of philanthropies.”
—H.L. (Henry Lewis)