Information Security in ATM Systems: A Comprehensive Analysis
VerifiedAdded on 2025/07/21
|11
|1567
|217
AI Summary
Desklib provides solved assignments and past papers to help students succeed.
Assessment 2
Security fundamentals
Student Name:
Student ID:
Security fundamentals
Student Name:
Student ID:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Contents
Introduction......................................................................................................................................3
Question 1........................................................................................................................................4
Question 2........................................................................................................................................5
Question 3........................................................................................................................................6
Question 4........................................................................................................................................7
Circumstance 1:...........................................................................................................................7
Circumstance 2:...........................................................................................................................7
Question 5........................................................................................................................................8
Conclusion.....................................................................................................................................10
References......................................................................................................................................11
Introduction......................................................................................................................................3
Question 1........................................................................................................................................4
Question 2........................................................................................................................................5
Question 3........................................................................................................................................6
Question 4........................................................................................................................................7
Circumstance 1:...........................................................................................................................7
Circumstance 2:...........................................................................................................................7
Question 5........................................................................................................................................8
Conclusion.....................................................................................................................................10
References......................................................................................................................................11
Introduction
The assignment is about information security. The assignment will cover the CIA triads
requirements in the scenario of ATMs. It will also cover the reluctant elements with the use of
biometric in the security system. This also includes different ways to counter these issues. In
next section, the report includes the circumstances in which the false negatives can be more
serious in comparison to false positive. Then in the final section of the report is based on the
encryption, this includes the de-cipher of the given ciphertext.
The assignment is about information security. The assignment will cover the CIA triads
requirements in the scenario of ATMs. It will also cover the reluctant elements with the use of
biometric in the security system. This also includes different ways to counter these issues. In
next section, the report includes the circumstances in which the false negatives can be more
serious in comparison to false positive. Then in the final section of the report is based on the
encryption, this includes the de-cipher of the given ciphertext.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Question 1
CIA triads are the main components of the security system. ATMs are also required to ensure the
CIA components to maintain security. Confidentiality relates to the prevention of data disclosure.
Integrity relates to the non-modification of data by any unauthorized person. Availability relates
to that the required services and data should be available to the authorized person when needed
(Chafai, 2012). In order to ensure the availability of ATM’s services, backups should be created
to different geographic locations. For example, in case any natural disaster occurs then it will
affect the whole geographical area, thus backups of data in different location can ensure the data
availability. Also the ATM should have the ability to handle the load. For example, integrity of
the data can be violated in the ATMs, when accidentally malware is inserted in the system, this
may allow the unauthorized person to modify the data. To ensure eth data integrity OS hardening
should be done along with the implementation of secured policies, IPS implementation, and
encryption (Henderson, 2017). For example, Confidentiality breach can occur in the ATMs when
user accidentally shares the PIN with someone else. In order to ensure confidentiality in the
ATM system, multifactor authentication should be done. The channel of communication between
the bank and user must be secured with encryption and encrypt the PIN also if possible. This is
the responsibility of end-user to make sure that they use a secure and strong pin while securing
the PIN of a card. Banks are also required to guarantee the privacy to avoid hacking whenever
there is interaction between the Bank server and ATM (Chia, 2012). To guarantee their integrity
is preserved and customer data is safe, it is essential to use sophisticated, effective technology
and adequate analysis & ATM collaboration.
CIA triads are the main components of the security system. ATMs are also required to ensure the
CIA components to maintain security. Confidentiality relates to the prevention of data disclosure.
Integrity relates to the non-modification of data by any unauthorized person. Availability relates
to that the required services and data should be available to the authorized person when needed
(Chafai, 2012). In order to ensure the availability of ATM’s services, backups should be created
to different geographic locations. For example, in case any natural disaster occurs then it will
affect the whole geographical area, thus backups of data in different location can ensure the data
availability. Also the ATM should have the ability to handle the load. For example, integrity of
the data can be violated in the ATMs, when accidentally malware is inserted in the system, this
may allow the unauthorized person to modify the data. To ensure eth data integrity OS hardening
should be done along with the implementation of secured policies, IPS implementation, and
encryption (Henderson, 2017). For example, Confidentiality breach can occur in the ATMs when
user accidentally shares the PIN with someone else. In order to ensure confidentiality in the
ATM system, multifactor authentication should be done. The channel of communication between
the bank and user must be secured with encryption and encrypt the PIN also if possible. This is
the responsibility of end-user to make sure that they use a secure and strong pin while securing
the PIN of a card. Banks are also required to guarantee the privacy to avoid hacking whenever
there is interaction between the Bank server and ATM (Chia, 2012). To guarantee their integrity
is preserved and customer data is safe, it is essential to use sophisticated, effective technology
and adequate analysis & ATM collaboration.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Question 2
It is observed that together with some unique key, an ATM device includes 0-9 numeric key. It is
recognized that the thief reaches the 5 numeric buttons already, as per the specified situation.
Thus, he has the possibilities to combine ATM passwords which should be pursued within the
remaining 5 buttons. Because a PIN of ATM comprises of 4 numbers, it enables the thief to enter
4 numbers where the amount is 0000 at the reduced stage and 9999 at the greater stage because 0
is the lowest and 9 is the largest value in the integer value. Thus, the highest combination is the
following:
5P4 = 120
It is observed that together with some unique key, an ATM device includes 0-9 numeric key. It is
recognized that the thief reaches the 5 numeric buttons already, as per the specified situation.
Thus, he has the possibilities to combine ATM passwords which should be pursued within the
remaining 5 buttons. Because a PIN of ATM comprises of 4 numbers, it enables the thief to enter
4 numbers where the amount is 0000 at the reduced stage and 9999 at the greater stage because 0
is the lowest and 9 is the largest value in the integer value. Thus, the highest combination is the
following:
5P4 = 120
Question 3
Biometric is a way of authentication. This includes recognition of fingerprint, face, voice, DNA
verification, etc. for authentication. People are reluctant to the use of biometrics for the
authentication purpose. There are mainly following reasons behind the reluctance.
1. Accuracy issue: Decent user authorization is a big issue with bio-metrics application. It
becomes incorrect when evaluating the components of the body and should be correctly
authenticated to achieve correct results or outcomes. In addition, absence of attention in
bio-metric authentication could seriously harm the results of the same. To void this
situation, multifactor authentication system should be used along with the biometric
authentication system (Howell, 2017).
2. Failure points: the complete system is interconnected and a failure point could result in
the entire system being shut down. Also, there may be a situation that the ATM machines
will not operate correctly and could further disrupt the accounts of customers with the
help of the same. The Biometrics functionality relies on the recognition of the
individual’s face and a similar way could result as the complete system failure.
3. Cost issues: Because the use of bio-metrics is expensive in nature, it becomes
complicated to use, which can be either a nation or business level. Therefore, it is
necessary to properly evaluate or analyze the region or place before applying bio-metrics.
In addition, financial institution support can be used to correctly implement bio-metrics
(Frew, 2016).
Biometric is a way of authentication. This includes recognition of fingerprint, face, voice, DNA
verification, etc. for authentication. People are reluctant to the use of biometrics for the
authentication purpose. There are mainly following reasons behind the reluctance.
1. Accuracy issue: Decent user authorization is a big issue with bio-metrics application. It
becomes incorrect when evaluating the components of the body and should be correctly
authenticated to achieve correct results or outcomes. In addition, absence of attention in
bio-metric authentication could seriously harm the results of the same. To void this
situation, multifactor authentication system should be used along with the biometric
authentication system (Howell, 2017).
2. Failure points: the complete system is interconnected and a failure point could result in
the entire system being shut down. Also, there may be a situation that the ATM machines
will not operate correctly and could further disrupt the accounts of customers with the
help of the same. The Biometrics functionality relies on the recognition of the
individual’s face and a similar way could result as the complete system failure.
3. Cost issues: Because the use of bio-metrics is expensive in nature, it becomes
complicated to use, which can be either a nation or business level. Therefore, it is
necessary to properly evaluate or analyze the region or place before applying bio-metrics.
In addition, financial institution support can be used to correctly implement bio-metrics
(Frew, 2016).
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Question 4
Following the situation, the existence of false negatives beyond false positives is highlighted.
Circumstance 1:
As stated above, the significant bio-metrics feature is focused on face recognition, in an urgent
scenario it would be treble the proprietor of a safe or locker. As a consequence of which the
owner continues to suffer and the scenario tends to turn out to be the false negatives. This is also
recognized that accessing location information can be permitted in a negative approach in bio-
metric. It is defined here that the person's date will be stored in different databases. In some
situations, it is also found that the person’s identification can’t be obtained because of the
technical problems. A person’s identity is not known as the primary issues which can be faced.
Circumstance 2:
This situation copes with physically harming individuals and creating near-death situations.
Employees running with cardiac arrest would not get a lot of help from other peers because bio-
metrics would not acknowledge the same thing. Rather, it could enforce more medical harm on
main staff and play with the lives. This kind of scenario appears to be incorrect and could be
hazardous for the whole workforce. The second type of problems that can be encountered is the
loss of personal personality. There is an extensive number of illegal actions that can be carried
out since the use of biometrics is late. Considering the point of connection, it has the capacity to
close the overall basis, along with various kinds of items that are needed to put data back. It
emerges to restore the vast amount of administrations needed for this particular concept or
thought (Howell, 2017).
Following the situation, the existence of false negatives beyond false positives is highlighted.
Circumstance 1:
As stated above, the significant bio-metrics feature is focused on face recognition, in an urgent
scenario it would be treble the proprietor of a safe or locker. As a consequence of which the
owner continues to suffer and the scenario tends to turn out to be the false negatives. This is also
recognized that accessing location information can be permitted in a negative approach in bio-
metric. It is defined here that the person's date will be stored in different databases. In some
situations, it is also found that the person’s identification can’t be obtained because of the
technical problems. A person’s identity is not known as the primary issues which can be faced.
Circumstance 2:
This situation copes with physically harming individuals and creating near-death situations.
Employees running with cardiac arrest would not get a lot of help from other peers because bio-
metrics would not acknowledge the same thing. Rather, it could enforce more medical harm on
main staff and play with the lives. This kind of scenario appears to be incorrect and could be
hazardous for the whole workforce. The second type of problems that can be encountered is the
loss of personal personality. There is an extensive number of illegal actions that can be carried
out since the use of biometrics is late. Considering the point of connection, it has the capacity to
close the overall basis, along with various kinds of items that are needed to put data back. It
emerges to restore the vast amount of administrations needed for this particular concept or
thought (Howell, 2017).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Question 5
In the provided case scenario, the simple text is encrypted by using the Caesar Cipher
substitution. After that this encrypted text was again encrypted by using Vignere Cipher and the
key for encryption was 567. Then after the completion of these two encryptions, the message
was again encrypted by using Vernam cipher that is single-time pad along with the provided key
and the length of the key is 30. The complete encrypted cipher text was an outcome of a
transposition technique. Vernam Cipher is the Transposition technique used in this scenario. In
order to decrypt this, first start with the last technique of encryption. The steps of the decryption
process are as following:
Encrypted or cipher text DJOCIT WWDN TYWTNAPRP BBMV SIWRVHCUTO
The below given is the conversion of the alphabetical cipher text into the numerical values.
Encrypted
text in
numerical
form
3,9,14,2,8,19,22,22,3,13,19,24,22,19,13,0,15,17,15,1,1,12,21,18,8,22,17,21,7,2,20,19,14
1. Vernam Cipher decryption
(a) Subtract the numerical values with provided values of key
Such as , 3-5 will give -2 and 9-7 will give 2
By taking mod 26 of the values will give the final outcome like 3-5 mod 26 will be 24
and 9-7 mod 26 will be 28.
Numerical
values of
cipher
Text
3,9,14,2,8,19,22,22,3,13,19,24,22,19,13,0,15,17,15,1,1,12,21,18,8,22,17,21,7,2,20,19,14
Given key 5,7,3,10,9,14,12,8,1,4,6,3,5,9,14,2,5,10,7,4,6,7,12,9,3,5,2,11,13,4,2,5,7
Subtractio
n
-2,2,11,-8,-1,5,10,14,2,9,13,21,17,10,-1,5,10,14,2,9,12,21,17,10,-1,-2,10,7,8,-3,-
5,5,9,9,5,17,15,10, -6,-2,18,14
Mod 26 24,28,37,18,25,31,36,40,28,35,39,47,43,36,25,24,36,33,34,23,21,31,35,35,31,43,41,36,20,2
4,44,40,33
2. Vignere cipher decryption
(a) Take provide key for the decryption that is 567
(b) Then use the outcomes of vernam decipher numerical values and tehn subtract it with the
provided key that is 567 and after that take mod 26.
(c) Like,
In the provided case scenario, the simple text is encrypted by using the Caesar Cipher
substitution. After that this encrypted text was again encrypted by using Vignere Cipher and the
key for encryption was 567. Then after the completion of these two encryptions, the message
was again encrypted by using Vernam cipher that is single-time pad along with the provided key
and the length of the key is 30. The complete encrypted cipher text was an outcome of a
transposition technique. Vernam Cipher is the Transposition technique used in this scenario. In
order to decrypt this, first start with the last technique of encryption. The steps of the decryption
process are as following:
Encrypted or cipher text DJOCIT WWDN TYWTNAPRP BBMV SIWRVHCUTO
The below given is the conversion of the alphabetical cipher text into the numerical values.
Encrypted
text in
numerical
form
3,9,14,2,8,19,22,22,3,13,19,24,22,19,13,0,15,17,15,1,1,12,21,18,8,22,17,21,7,2,20,19,14
1. Vernam Cipher decryption
(a) Subtract the numerical values with provided values of key
Such as , 3-5 will give -2 and 9-7 will give 2
By taking mod 26 of the values will give the final outcome like 3-5 mod 26 will be 24
and 9-7 mod 26 will be 28.
Numerical
values of
cipher
Text
3,9,14,2,8,19,22,22,3,13,19,24,22,19,13,0,15,17,15,1,1,12,21,18,8,22,17,21,7,2,20,19,14
Given key 5,7,3,10,9,14,12,8,1,4,6,3,5,9,14,2,5,10,7,4,6,7,12,9,3,5,2,11,13,4,2,5,7
Subtractio
n
-2,2,11,-8,-1,5,10,14,2,9,13,21,17,10,-1,5,10,14,2,9,12,21,17,10,-1,-2,10,7,8,-3,-
5,5,9,9,5,17,15,10, -6,-2,18,14
Mod 26 24,28,37,18,25,31,36,40,28,35,39,47,43,36,25,24,36,33,34,23,21,31,35,35,31,43,41,36,20,2
4,44,40,33
2. Vignere cipher decryption
(a) Take provide key for the decryption that is 567
(b) Then use the outcomes of vernam decipher numerical values and tehn subtract it with the
provided key that is 567 and after that take mod 26.
(c) Like,
Numerical
Outcome
of vernam
Cipher
24,28,37,18,25,31,36,40,28,35,39,47,43,36,25,24,36,33,34,23,21,31,35,35,31,43,41,36,20,2
4,44,40,33
Key 5,6,7,5,6,7,5,6,7,5,6,7,5,6,7,5,6,7,5,6,7,5,6,7,5,6,7,5,6,7,5,6,7,
Subtractio
n
19,22,30,13,19,24,31,34,21,30,33,40,38,30,18,19,30,26,29,17,14,26,29,28,26,37,34,31,14,1
7,39,34,26
3. Ceaser Cipher Substitution – brute force
In this method, use the brute force method which will use shifting method from 1 to 15. But the
answer is found in one shift only so there is no requirement to go ahead.
After
shiftin
g
values
by 1
20.23.31.14.20.25.32,35,22,31,34,41,39,31,19,20,31,27,30,18,15,27,30,29,27,38,35,32,15,18,40
,35,27
Final
result
TWENTY FIVE HOMESESTEAD ROAD CALIFORNIA
Outcome
of vernam
Cipher
24,28,37,18,25,31,36,40,28,35,39,47,43,36,25,24,36,33,34,23,21,31,35,35,31,43,41,36,20,2
4,44,40,33
Key 5,6,7,5,6,7,5,6,7,5,6,7,5,6,7,5,6,7,5,6,7,5,6,7,5,6,7,5,6,7,5,6,7,
Subtractio
n
19,22,30,13,19,24,31,34,21,30,33,40,38,30,18,19,30,26,29,17,14,26,29,28,26,37,34,31,14,1
7,39,34,26
3. Ceaser Cipher Substitution – brute force
In this method, use the brute force method which will use shifting method from 1 to 15. But the
answer is found in one shift only so there is no requirement to go ahead.
After
shiftin
g
values
by 1
20.23.31.14.20.25.32,35,22,31,34,41,39,31,19,20,31,27,30,18,15,27,30,29,27,38,35,32,15,18,40
,35,27
Final
result
TWENTY FIVE HOMESESTEAD ROAD CALIFORNIA
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Conclusion
The report covered the concept of security in an ATM system. The report included the
requirements of availability of the data, integrity, and confidentiality of the data. There are issues
with the use of biometrics like cost, accuracy and other failure points. There are various methods
to cop up with these problems. With the help of two scenarios, it can be concluded that the false-
negative can cause serious harm than the false positive.
The report covered the concept of security in an ATM system. The report included the
requirements of availability of the data, integrity, and confidentiality of the data. There are issues
with the use of biometrics like cost, accuracy and other failure points. There are various methods
to cop up with these problems. With the help of two scenarios, it can be concluded that the false-
negative can cause serious harm than the false positive.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
References
Chafai, S. (2012). Bank Fraud & ATM Security. Retrieved 23 August 2019, from
https://resources.infosecinstitute.com/bank-fraud-atm-security/#gref
Chia, T. (2012). Confidentiality, Integrity, Availability: The three components of the CIA Triad
« Stack Exchange Security Blog. Retrieved 23 August 2019, from
https://security.blogoverflow.com/2012/08/confidentiality-integrity-availability-the-three-
components-of-the-cia-triad/
Frew, J. (2016). 6 Reasons Why Biometrics Are NOT the Way of the Future. Retrieved 23
August 2019, from https://www.makeuseof.com/tag/6-reasons-biometrics-not-way-future/
Henderson, A. (2017). The CIA Triad: Confidentiality, Integrity, Availability - Panmore
Institute. Retrieved 23 August 2019, from http://panmore.com/the-cia-triad-confidentiality-
integrity-availability
Howell, K. (2017). 3 Problems with Biometric Security, including Fingerprint ID. Retrieved 23
August 2019, from https://blog.ipswitch.com/3-reasons-biometrics-are-not-secure
Mani, V. (2018). Key Elements of an ATM Security Review - The Digital Transformation
People. Retrieved 23 August 2019, from
https://www.thedigitaltransformationpeople.com/channels/cyber-security/key-elements-atm-
security-review/
Rouse, M. (2019). What is confidentiality, integrity, and availability (CIA triad)? - Definition
from WhatIs.com. Retrieved 23 August 2019, from
https://whatis.techtarget.com/definition/Confidentiality-integrity-and-availability-CIA
Chafai, S. (2012). Bank Fraud & ATM Security. Retrieved 23 August 2019, from
https://resources.infosecinstitute.com/bank-fraud-atm-security/#gref
Chia, T. (2012). Confidentiality, Integrity, Availability: The three components of the CIA Triad
« Stack Exchange Security Blog. Retrieved 23 August 2019, from
https://security.blogoverflow.com/2012/08/confidentiality-integrity-availability-the-three-
components-of-the-cia-triad/
Frew, J. (2016). 6 Reasons Why Biometrics Are NOT the Way of the Future. Retrieved 23
August 2019, from https://www.makeuseof.com/tag/6-reasons-biometrics-not-way-future/
Henderson, A. (2017). The CIA Triad: Confidentiality, Integrity, Availability - Panmore
Institute. Retrieved 23 August 2019, from http://panmore.com/the-cia-triad-confidentiality-
integrity-availability
Howell, K. (2017). 3 Problems with Biometric Security, including Fingerprint ID. Retrieved 23
August 2019, from https://blog.ipswitch.com/3-reasons-biometrics-are-not-secure
Mani, V. (2018). Key Elements of an ATM Security Review - The Digital Transformation
People. Retrieved 23 August 2019, from
https://www.thedigitaltransformationpeople.com/channels/cyber-security/key-elements-atm-
security-review/
Rouse, M. (2019). What is confidentiality, integrity, and availability (CIA triad)? - Definition
from WhatIs.com. Retrieved 23 August 2019, from
https://whatis.techtarget.com/definition/Confidentiality-integrity-and-availability-CIA
1 out of 11
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.