multi level robust data security system nearly 3.2 million debit cards in 2016, was caused by a...

Download Multi Level Robust Data Security System nearly 3.2 million debit cards in 2016, was caused by a malware

Post on 25-Jun-2020




0 download

Embed Size (px)


  • Multi Level Robust Data Security System

    R.Anirudh Reddy1, T.Vasudeva Reddy1, G.Akhil2, S.ManinderReddy2,

    P.S.S.Pavan Kumar2,N.Siva Dinesh2

    Faculty1, Student2, Electronics and Communication Engineering1,2,

    B.V.Raju Institute of Technology1,2, Narsapur, Hyderabad, Telangana, India

    April 28, 2018


    Nowadays security aspect is one of the prime concerns. In the rapid changing environment its not easy to main- tain integrity and authenticity of persons. There is a lot of risk to losing money and identity if we lose our ATM PIN.At present, In Automatic Teller Machines (ATMs), the authentication of users bank card is based on pin number. So it is a risky factor to solely depend upon single phase of authentication, so there is need of multilevel data secu- rity system which leads to the addition of Biometric ver- ification.Biometric authentication of any kind is the pro- cess by which a person can be distinguished from one an- other by assessing one or more physical attributes. Adding together fingerprint recognition and iris recognition along with pin number would definitely make the authentication of users bank card safer..In the process of accessing the bank card, the pin number, fingerprint recognition, iris recogni- tion make the first, second and third level of security. The user can either opt for fingerprint recognition or iris recog- nition or both i.e. based on his required level of security but


    International Journal of Pure and Applied Mathematics Volume 118 No. 24 2018 ISSN: 1314-3395 (on-line version) url: Special Issue

  • entering pin number is mandatory as a first level of security. Global System for Mobile (GSM) helps the user in knowing his transactions occurring with or without his knowledge. A Globally Positioned System (GPS) finds the position of that place i.e. in terms of latitude and longitude, where the bank card is authenticated.

    Key Words:Fingerprint Recognition, IRIS Recognition, GSM, GPS,Raspberry-Pi,Security

    1 Introduction

    In the current framework the way banking andtransaction system is reforming with time in global scope, the validation, authentication and endorsement of a person is very predominant and should be of more concern. Due to the rapid digitalization of the world the tally of individuals using ATM is in great number when compared to that of people not utilizing them. Nowadays the prompt and immediate requirement of any individual is money and its security. People these days are laboriously concerned about earning the money, so they implicitlyhave the right to secure their money. Due to the technical advancements in ATMs individuals are able to transact money, check the account balance and in recent times payment of bills and transfer of money is also possible through point of sale terminals(POS). From ATMs the transactions are done with the help of either debit card or credit card which are provided by the respective banks of the personnels.The card that is given to the in- dividuals subsists of a magnetic strip and a memory chip embedded in it which has the coded information along with unique identity of the corresponding individual.

    The ATM machine takes the card as an input and reads the data of the card through the magnetic strip. But as we all know that there are two sides of a coin, the technological advances also assisted the fraudsters in recreating the actual cards of users i.e.., cloned cards and they are using them without the cognizance of the authorized user.

    To impede these fraudulent activities biometric verification sub- stitutes as the solution for foolproof security.


    International Journal of Pure and Applied Mathematics Special Issue


    The motivation behind this concept of putting couple ofauthenti- cation steps after entering pin number for accessing the bank card is described in the following paragraphs.

    The largest data breach in Indias banking system, which affected nearly 3.2 million debit cards in 2016, was caused by a malware injection. While the debit card data was compromised between 21 May and 11 July of 2016, it was not until September 2016 that the banking system became aware of this large-scale data breach [5].

    The breach is said to have originated in malware introduced in systems of Hitachi Payment Services, enabling fraudsters to steal information allowing them to steal funds. Hitachi, which provides ATM, point of sale (POS) and other services. The malware, being sophisticated in its design, had been able to work undetected and had concealed its tracks.

    Banks received multiple complaints from customers about cards being used in China at various ATMs and point of sale terminals. A forensic audit has been ordered by Payments Council of India on Indian bank servers and systems to detect the origin of frauds that might have hit customer accounts.

    The reason why such cyber attacks are happening today is be- cause of the ineffective implementation of the payment security standards. Organizations need to pay a lot more emphasis to this than they currently do. With demonetization, and with an increase in the number of digital payments, such attacks are going to get worse.


    ATM is Automated Teller Machine. Its been a boon to the peo- ple as it is modeling the livesof theindividualseffortless. All that is obligatory to have access to the ATM is, the card given to the accountholder by the respective bank and the pin number .By hav- ing those, one can withdraw money from any ATM machine of that corresponding bank. All that we have nowadays at the ATMs is two factor authentications. That is a card and the pin. The first phase of authentication being the card and it is followed by the valid pin number. In the current scenario, with the aid of technical


    International Journal of Pure and Applied Mathematics Special Issue

  • furtherances, the fraudsters are able to make a guile copy of those actual cards and reuse them without the perception of the actual authorized user.

    Figure 1: Internal Structure of ATM

    This is an example of UML internal structure diagram which shows composite structure of a bank Automated TellerMachine (ATM). The motive of this diagram is to display the internal ar- chitecture of a bank ATM and correlation between different block of the ATM. Bank ATM is typically made up of several devices such as central processor unit (CPU), crypto processor, memory, customer display, function key buttons (usually located near the display), magnetic and/or smart chip card reader, encrypting PIN Pad, customer receipt printer, vault, modem.

    Card Reader: functionality is to accept the valid card inserted by the user. Keypad: Use for PIN code input, choices, amount of money etc as the input to the ATM machine. Display Screen: It is a small screen used for displaying the activ- ities of the process for users convenience. Screen Buttons: When options are given on the screen one user can choose any of the options accordingly +by the use of button on left or right side of the screen. These buttons select the option


    International Journal of Pure and Applied Mathematics Special Issue

  • from the screen. Cash Dispenser: Withdrawal money is given by this slot. De- posit Slot: To deposit money this slot is use. Speaker: Speaker facilities to the customer by giving auricular feedback.

    Figure 2: Interactive Components of ATM

    In the consideration of ATM, the concern of security is of prime importance because all over the world, there is an increasing use of ATMs and so the risks of hacking them to be a reality more than ever before. The purpose of ATMs is to supply cash in the form bank notes and to charge a respective bank account. In the case of withdrawal of money, different routines were used. For illustration, punched cards were used. By the manoeuvre of such cards, only single payment was authorized. Thereby, an individual had to get a bunch of cards from the respective bank because the punched cards were not returned to the user. Another exemplar was the use of a magnetic card which had a finite life. The use of magnetic cards enabled for specimen, twenty withdrawals of money. Personal identification number (PIN) has been of very supreme importance in the operation of ATM.

    The There are possibilities of hacking keys or duplicated; Signa- tures could be forged, passwords could be easily 65Stolen or hacked by a specialist people. To avoid all these accidental loses, we should


    International Journal of Pure and Applied Mathematics Special Issue

  • enter biometric security and all our fears could be laid to rest. Bio- metric security system simply allows indentifying yourselves by your inherent biological feature like eye, fingerprint, voice; facial charac- teristics etc. By verifying your biological or physical characteristics you can authenticate yourself very easily just like your signature on a check


    Passwords and PIN numbers are the uncomplicated and key tar- gets to be purloined or discovered by any means and after that they can beexploited by people with criminal mindset over the internet and also at other business places for their use. Moving towards biometric security from the conventional PIN code access control- ling, may mitigate the chances offrauds and it may also expels the need of multi password authenticity system. So our proposal is to make use of biometrics as the multiple phases of authentication that would assuredly result in resolute level of security. Biometric security solution is the way of validating the phy


View more >