ATM Security: Maintaining Confidentiality, Integrity and Availability
Added on 2023-06-13
10 Pages2628 Words282 Views
Question 1.
ATM is an electronic device that helps to withdraw money without going to the bank. It is
extremely effective and is present in every city, village or country in the world. The customer,
who is withdrawing money, should have a valid bank account with balance in it (De Gramatica et
al., 2015). The major advantage of this electronic device is that there is no time restriction and
the client can withdraw his or her money anytime. Moreover, a huge amount of money could be
extracted from the account and thus it is extremely advantageous for the customer.
The ATM or the Automated Teller Machine users are solely provided with personal
identification number or PIN and an ATM card. The presence of both of these is required for any
transaction. This PIN is a unique number of four digit and it is kept hidden or private. There are
three basic requirements for maintenance of privacy and security in the PIN and other bank
account details (Peltier, 2016). These are known as CIA or simply confidentiality, integrity and
availability. The descriptions of these three requirements with proper examples are given below:
i) Confidentiality: The most important requirement for any ATM card is confidentiality. This can
be referred to as privacy. This confidentiality is maintained by the customers by not sharing the
credentials with the other users so that the data is not hacked at any cost.
The degree of importance of the confidentiality factor is extremely high as the PIN could
easily be utilized for any type of illegal activities by the hackers.
The two examples of confidentiality are as follows:
i) ATM card and PIN should be present to make the transaction.
ii) If the credentials would be lost, hackers would utilize them.
ATM is an electronic device that helps to withdraw money without going to the bank. It is
extremely effective and is present in every city, village or country in the world. The customer,
who is withdrawing money, should have a valid bank account with balance in it (De Gramatica et
al., 2015). The major advantage of this electronic device is that there is no time restriction and
the client can withdraw his or her money anytime. Moreover, a huge amount of money could be
extracted from the account and thus it is extremely advantageous for the customer.
The ATM or the Automated Teller Machine users are solely provided with personal
identification number or PIN and an ATM card. The presence of both of these is required for any
transaction. This PIN is a unique number of four digit and it is kept hidden or private. There are
three basic requirements for maintenance of privacy and security in the PIN and other bank
account details (Peltier, 2016). These are known as CIA or simply confidentiality, integrity and
availability. The descriptions of these three requirements with proper examples are given below:
i) Confidentiality: The most important requirement for any ATM card is confidentiality. This can
be referred to as privacy. This confidentiality is maintained by the customers by not sharing the
credentials with the other users so that the data is not hacked at any cost.
The degree of importance of the confidentiality factor is extremely high as the PIN could
easily be utilized for any type of illegal activities by the hackers.
The two examples of confidentiality are as follows:
i) ATM card and PIN should be present to make the transaction.
ii) If the credentials would be lost, hackers would utilize them.
ii) Integrity: It helps to maintain the data integrity and so that no data is altered at any cost
(Siponen, Mahmood & Pahnila, 2014).
The degree of importance of the integrity factor is extremely high as if the data would be
changed, it could be used by the hackers.
The two examples of integrity are as follows:
i) Altering data of ATM card and PIN.
ii) Unintentional change of data.
iii) Availability: The availability of relevant information and the hardware is required for making
the transaction (Von Solms & Van Niekerk, 2013).
The degree of importance of the availability factor is high as without the information and
hardware, transaction will not be made.
The examples of availability are as follows:
i) Absence of hardware will not allow transaction.
ii) Absence of information will not allow transaction.
Question 2.
According to the given scenario, a thief has broken the Automated Teller Machine or an
ATM after using a screwdriver and finally has jammed the card reader of that particular ATM
machine. Next, this thief has broken the five keys from the keypad of the ATM.
Meanwhile, a customer gets in the ATM for withdrawing cash. He is successful in
withdrawing cash, however unsuccessful in taking out the card; since the card reader is jammed.
(Siponen, Mahmood & Pahnila, 2014).
The degree of importance of the integrity factor is extremely high as if the data would be
changed, it could be used by the hackers.
The two examples of integrity are as follows:
i) Altering data of ATM card and PIN.
ii) Unintentional change of data.
iii) Availability: The availability of relevant information and the hardware is required for making
the transaction (Von Solms & Van Niekerk, 2013).
The degree of importance of the availability factor is high as without the information and
hardware, transaction will not be made.
The examples of availability are as follows:
i) Absence of hardware will not allow transaction.
ii) Absence of information will not allow transaction.
Question 2.
According to the given scenario, a thief has broken the Automated Teller Machine or an
ATM after using a screwdriver and finally has jammed the card reader of that particular ATM
machine. Next, this thief has broken the five keys from the keypad of the ATM.
Meanwhile, a customer gets in the ATM for withdrawing cash. He is successful in
withdrawing cash, however unsuccessful in taking out the card; since the card reader is jammed.
He thus, goes out for calling of help for getting out his ATM card from the machine.
The thief now wants to discover the PIN of the customer.
Total number of keys in PIN= 4
Total number of keys broken by the thief = 5.
Therefore, the total number of possibilities of permutation of the four keys is give below:
5P4 = 5!/(5 - 4)! = 5!/4! = 120.
Hence, the thief can detect up to 120 ways of permutation.
However, there is a restriction of 3 times in every ATM. After the third wrong attempt, the
card would be blocked.
Question 3.
Biometric authentication systems are utilized for the proper and systematic identification
of any specific individual with the help of his or her biological features. The identity of the user
is verified with this type of system and thus is extremely effective and popular in respect to
others (Bhagavatula et al., 2015). The methods of the biometric authentication are utilized for the
protection of several types of systems. The logical systems that are facilitated through the access
points of hardware to all the physical systems that are protected by the physical barriers, like
secured research sites and secured facilities, are secured with biometric.
There are various types of biometric authentication systems that are utilized for
successfully identifying the individuals. The most popular types are the fingerprint recognition,
face recognition, scanning of iris, cornea, and hand palm, and voice recognition. These biometric
authentication systems help the individual to protect their valuables or get entry to any secured or
protected building (Frank et al., 2013). The most significant benefit of this type of system is that
The thief now wants to discover the PIN of the customer.
Total number of keys in PIN= 4
Total number of keys broken by the thief = 5.
Therefore, the total number of possibilities of permutation of the four keys is give below:
5P4 = 5!/(5 - 4)! = 5!/4! = 120.
Hence, the thief can detect up to 120 ways of permutation.
However, there is a restriction of 3 times in every ATM. After the third wrong attempt, the
card would be blocked.
Question 3.
Biometric authentication systems are utilized for the proper and systematic identification
of any specific individual with the help of his or her biological features. The identity of the user
is verified with this type of system and thus is extremely effective and popular in respect to
others (Bhagavatula et al., 2015). The methods of the biometric authentication are utilized for the
protection of several types of systems. The logical systems that are facilitated through the access
points of hardware to all the physical systems that are protected by the physical barriers, like
secured research sites and secured facilities, are secured with biometric.
There are various types of biometric authentication systems that are utilized for
successfully identifying the individuals. The most popular types are the fingerprint recognition,
face recognition, scanning of iris, cornea, and hand palm, and voice recognition. These biometric
authentication systems help the individual to protect their valuables or get entry to any secured or
protected building (Frank et al., 2013). The most significant benefit of this type of system is that
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Information Security: ATM, Biometric Authentication, and Transposition Cipherlg...
|14
|2706
|261
Information Security: ATM Requirements, Biometric Authentication, Encryption Methodslg...
|10
|1864
|148
Information Security: ATM, Biometric Authentication, Transposition Cipherlg...
|10
|3198
|200
Information Security: ATM Confidentiality, Integrity and Availabilitylg...
|11
|3557
|353
Information Security: Examples of Confidentiality, Integrity and Availability Requirements Associated with ATM Machineslg...
|6
|1854
|399
Information Security: ATM, Biometric Authentication, and Caesar Cipherlg...
|10
|3304
|496