Re: ATM card pins


John Moore (jmoore@speedchoice.com)
Sat, 8 Aug 1998 17:59:37 -0700


A decade or so ago my company was a subsidiary of Visa and we worked on
network security among other things. At that time, PINs were surprisingly
secure:
- An ATM is built as vaults within vaults. The electronics are inaccessible
  to the person who services the money drop, etc. Tamper and heat sensors
  send alarms to the network.
- In the networks I am familiar with, the ATM encrypts the PIN using DES. It
  then sends the message through the network. At any point where the PIN
  goes through a foreign network, it has to be decrypted and re-encrypted.
  This is done in boxes that are also built like vaults and which do the
  encryption and decryption internally, and hold the keys internally. They
  were specifically designed to provide physical and electronic security
  for key storage.
- No human ever has a DES key for the system. Keys are generated, and then
  distributed by various schemes. The one I was familiar with involved
  storing the key (itself encrypted) in a handheld device. When the key was
  transferred to the box, it was erased from the generator. When it was
  transferred from the box, it was erased from the box (there was some way
  to give the key to more than one physical box but the mechanism was
  simpler).
- PINs are never stored in plaintext. The encrypted PIN is stored on the
  database. I believe it is stored as a one-way hash but I am not sure. In
  any case, the database is quite secure from snooping.

On the other hand, two decades ago we implemented the first statewide EFT
switch in the US. At that time the banks refused to encrypt anything. One
could read PIN/PAN (account #) pairs off of the line monitor. Presumably by
now they have encrypted.

We proposed an encryption scheme to them, and even wrote up how to select
keys by rolling dice and random number tables. It apparently confused them,
so they did nothing at all.

John

John Moore
Phoenix, AZ

ozone@primenet.com
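The architecture the post describes (an ATM that encrypts the PIN, boundary boxes that decrypt and re-encrypt it under a different zone key without ever releasing it, and an issuer that checks the PIN against a one-way hash) can be sketched in a few dozen lines. The following is an added example written for this archive page, not code from the post's author, Visa, or any network vendor. It uses single DES because that is the cipher the post names; a current deployment would use TDES or AES. The `zoneHSM` type, the `atm-zone`/`issuer-zone` key names, the 8-byte PIN block layout, the PAN-salted SHA-256 record, and all keys and account numbers are constructed for the example and are not taken from any real system or standard.

```go
package main

import (
	"crypto/des"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// zoneHSM stands in for one of the post's tamper-resistant boxes: keys live only inside it, PINs leave only as ciphertext.
type zoneHSM struct{ keys map[string][]byte } // key name -> 8-byte single-DES key

// crypt runs single DES, the cipher the post names, on exactly one 8-byte block.
func (h *zoneHSM) crypt(keyName string, in []byte, encrypt bool) ([]byte, error) {
	k, ok := h.keys[keyName]
	if !ok || len(k) != 8 {
		return nil, fmt.Errorf("no usable key %q in this box", keyName)
	}
	c, _ := des.NewCipher(k) // cannot fail: key length checked above
	out := make([]byte, 8)
	if encrypt {
		c.Encrypt(out, in)
	} else {
		c.Decrypt(out, in)
	}
	return out, nil
}

// pinBlock packs a 4-7 digit PIN into one DES block: length byte, ASCII digits,
// 0xFF padding. This layout is invented for the example, not ISO 9564.
func pinBlock(pin string) ([]byte, error) {
	if n := len(pin); n < 4 || n > 7 {
		return nil, fmt.Errorf("PIN must be 4 to 7 digits")
	}
	b := []byte{byte(len(pin)), 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}
	copy(b[1:], pin)
	return b, nil
}

// unpinBlock rejects an impossible length byte, the usual sign of a wrong zone key.
func unpinBlock(b []byte) (string, error) {
	if n := int(b[0]); n >= 4 && n <= 7 {
		return string(b[1 : 1+n]), nil
	}
	return "", fmt.Errorf("PIN block failed sanity check")
}

// TranslatePIN is the boundary step from the post: decrypt under the inbound key, check, re-encrypt under the outbound key.
func (h *zoneHSM) TranslatePIN(in []byte, fromKey, toKey string) ([]byte, error) {
	plain, err := h.crypt(fromKey, in, false)
	if err != nil {
		return nil, err
	}
	if _, err := unpinBlock(plain); err != nil {
		return nil, err
	}
	return h.crypt(toKey, plain, true) // only ciphertext leaves the box
}

// pinRecord is the one-way hash the post believes the issuer stored; the PAN is mixed in so equal PINs differ per card.
func pinRecord(pan, pin string) [32]byte { return sha256.Sum256([]byte(pan + ":" + pin)) }

// VerifyPIN is the issuer side: decrypt and compare against the record in constant time.
func (h *zoneHSM) VerifyPIN(keyName string, enc []byte, pan string, stored [32]byte) (bool, error) {
	plain, err := h.crypt(keyName, enc, false)
	if err != nil {
		return false, err
	}
	pin, err := unpinBlock(plain)
	if err != nil {
		return false, err
	}
	got := pinRecord(pan, pin)
	return subtle.ConstantTimeCompare(got[:], stored[:]) == 1, nil
}

// runScenario wires ATM -> switch -> issuer with constructed keys/PAN; each zone key lives only in its two boxes.
func runScenario(enteredPIN, pinOnFile string) (bool, error) {
	const pan = "4000123456789010" // constructed test account number
	kA, kI := []byte("zoneKEY1"), []byte("zoneKEY2") // constructed 8-byte keys
	atm := &zoneHSM{map[string][]byte{"atm-zone": kA}}
	sw := &zoneHSM{map[string][]byte{"atm-zone": kA, "issuer-zone": kI}}
	issuer := &zoneHSM{map[string][]byte{"issuer-zone": kI}}
	pb, err := pinBlock(enteredPIN) // ATM side: the clear block exists only here
	if err != nil {
		return false, err
	}
	encAtm, err := atm.crypt("atm-zone", pb, true)
	if err != nil {
		return false, err
	}
	encIss, err := sw.TranslatePIN(encAtm, "atm-zone", "issuer-zone")
	if err != nil {
		return false, err
	}
	return issuer.VerifyPIN("issuer-zone", encIss, pan, pinRecord(pan, pinOnFile))
}

func main() { fmt.Println(runScenario("1234", "1234")) }
```

The point to notice is the shape of the `zoneHSM` API rather than the cipher: no method returns a key or a clear PIN block, the switch box holds both zone keys but exposes only a translate operation, and the issuer box compares a hash rather than a stored PIN. That is the property the post attributes to the vault-like boxes, and it is the same property a modern PIN-translating HSM enforces.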




The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:10:56