Security
A first approximation of security exposures in Electronic funds transfer systems can be done without delimiting their components. Electronic funds transfer systems have three components; namely communication links, computers, and terminals(ATMs). To begin with, communication links are subject to attacks. There are two techniques made recourse to as far as the inception of messages is concerned. On the one, they are subject to attack by the use of passive techniques such as listening. On the other, they might be subject to attack by active techniques such as data alteration and substitution. Moreover, both techniques can be used in combination. The second component is computer security. There are different techniques that can be used in order to have access to a computer such as the access to it via a remote terminal or other peripheral devices as the card reader. As a result of such attacks, abusers could copy, replace or even destroy programs or data saved in or being processed in a computer system. As for terminal security, it is of a great importance in cases where cipher keys reside in terminals. In the absence of physical security, an abuser may be probe for a key or substitute its value. In order to avoid such abuses, the preserving of both the integrity of non-secret parameters and the confidentiality of secret parameters should be incorporated. Moreover, the use of public key cryptosystem (PKC) where public keys in the Electronic funds transfer are made recourse to prove to be insecure in the absence of physical security at the entry points. Moreover, as a public key allows the terminal the authentication of the response messages received from the issuer, for the generation of the MACs on transaction request messages sent to the issuer, a secret key is still needed. In the conduction of transactions at the Electronic funds transfer terminal, the only required thing is personal verification. That is, the authentication of a message between the EFT terminal and the issuer is theoretically not required. In such a case, the installation of a public key in the Electronic funds transfer terminal would be adequate as far as the permission of personal verification is concerned.fgg
Read more about this topic: Security Of Automated Teller Machines
Famous quotes containing the word security:
“To have in general but little feeling, seems to be the only security against feeling too much on any particular occasion.”
—George Eliot [Mary Ann (or Marian)
“Modern children were considerably less innocent than parents and the larger society supposed, and postmodern children are less competent than their parents and the society as a whole would like to believe. . . . The perception of childhood competence has shifted much of the responsibility for child protection and security from parents and society to children themselves.”
—David Elkind (20th century)
“It is hard for those who have never known persecution,
And who have never known a Christian,
To believe these tales of Christian persecution.
It is hard for those who live near a Bank
To doubt the security of their money.”
—T.S. (Thomas Stearns)