Security
A first approximation of security exposures in Electronic funds transfer systems can be done without delimiting their components. Electronic funds transfer systems have three components; namely communication links, computers, and terminals(ATMs). To begin with, communication links are subject to attacks. There are two techniques made recourse to as far as the inception of messages is concerned. On the one, they are subject to attack by the use of passive techniques such as listening. On the other, they might be subject to attack by active techniques such as data alteration and substitution. Moreover, both techniques can be used in combination. The second component is computer security. There are different techniques that can be used in order to have access to a computer such as the access to it via a remote terminal or other peripheral devices as the card reader. As a result of such attacks, abusers could copy, replace or even destroy programs or data saved in or being processed in a computer system. As for terminal security, it is of a great importance in cases where cipher keys reside in terminals. In the absence of physical security, an abuser may be probe for a key or substitute its value. In order to avoid such abuses, the preserving of both the integrity of non-secret parameters and the confidentiality of secret parameters should be incorporated. Moreover, the use of public key cryptosystem (PKC) where public keys in the Electronic funds transfer are made recourse to prove to be insecure in the absence of physical security at the entry points. Moreover, as a public key allows the terminal the authentication of the response messages received from the issuer, for the generation of the MACs on transaction request messages sent to the issuer, a secret key is still needed. In the conduction of transactions at the Electronic funds transfer terminal, the only required thing is personal verification. That is, the authentication of a message between the EFT terminal and the issuer is theoretically not required. In such a case, the installation of a public key in the Electronic funds transfer terminal would be adequate as far as the permission of personal verification is concerned.fgg
Read more about this topic: Security Of Automated Teller Machines
Famous quotes containing the word security:
“To have in general but little feeling, seems to be the only security against feeling too much on any particular occasion.”
—George Eliot [Mary Ann (or Marian)
“Our security depends on the Allied Powers winning against aggressors. The Axis Powers intend to destroy democracy, it is anathema to them. We cannot provide that aid if the public are against it; therefore, it is our responsibility to persuade the public that aid to the victims of aggression is aid to American security. I expect the members of my administration to take every opportunity to speak to this issue wherever they are invited to address public forums in the weeks ahead.”
—Franklin D. Roosevelt (1882–1945)
“We now in the United States have more security guards for the rich than we have police services for the poor districts. If you’re looking for personal security, far better to move to the suburbs than to pay taxes in New York.”
—John Kenneth Galbraith (b. 1908)