The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
Baru-baru ini, penjenayah sering menggunakan serangan logik ke rangkaian Mesin Teler Automatik (ATM) dan institusi kewangan (FI) untuk mencuri wang tunai. Kami mencadangkan langkah keselamatan yang menggunakan peranti persisian dalam ATM untuk urus niaga kad pintar untuk mengelakkan "pengeluaran tunai tanpa kebenaran" daripada serangan logik, dan rangka kerja asas sebagai model umum ukuran dalam kertas lain. Memandangkan langkah itu boleh menghalang serangan logik tersebut dengan perkakasan kalis gangguan, agak sukar bagi penjenayah untuk berkompromi dengan langkah tersebut. Walau bagaimanapun, penjenayah masih boleh melakukan pelbagai jenis serangan logik ke ATM, seperti "deposit tanpa kebenaran", untuk mencuri wang tunai. Dalam kertas ini, kami mencadangkan langkah keselamatan menggunakan peranti persisian untuk menghalang deposit tanpa kebenaran dengan kad pintar. Langkah tersebut perlu melindungi pelbagai sub-proses transaksi dalam transaksi deposit daripada pelbagai jenis serangan logik dan diselaraskan dengan sistem/operasi ATM sedia ada. Pelaksanaan rangka kerja asas yang sesuai diperlukan untuk ukuran dan reka bentuk pelaksanaan tersebut mengelirukan kerana banyak perkara yang perlu dipertimbangkan. Oleh itu, langkah itu juga menyediakan analisis model pelaksanaan rangka kerja asas untuk memperoleh pelaksanaan yang sesuai bagi setiap titik pertahanan dalam transaksi deposit. Dua jenis pelaksanaan ukuran diperolehi sebagai hasil analisis.
Hisao OGATA
Hitachi-Omron Terminal Solutions, Corp.,Yokohama National University
Tomoyoshi ISHIKAWA
Hitachi-Omron Terminal Solutions, Corp.
Norichika MIYAMOTO
Hitachi-Omron Terminal Solutions, Corp.
Tsutomu MATSUMOTO
Yokohama National University
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Salinan
Hisao OGATA, Tomoyoshi ISHIKAWA, Norichika MIYAMOTO, Tsutomu MATSUMOTO, "An ATM Security Measure to Prevent Unauthorized Deposit with a Smart Card" in IEICE TRANSACTIONS on Information,
vol. E103-D, no. 3, pp. 590-601, March 2020, doi: 10.1587/transinf.2019EDP7143.
Abstract: Recently, criminals frequently utilize logical attacks to Automated Teller Machines (ATMs) and financial institutes' (FIs') networks to steal cash. We proposed a security measure utilizing peripheral devices in an ATM for smart card transactions to prevent “unauthorized cash withdrawals” of logical attacks, and the fundamental framework as a generalized model of the measure in other paper. As the measure can prevent those logical attacks with tamper-proof hardware, it is quite difficult for criminals to compromise the measure. However, criminals can still carry out different types of logical attacks to ATMs, such as “unauthorized deposit”, to steal cash. In this paper, we propose a security measure utilizing peripheral devices to prevent unauthorized deposits with a smart card. The measure needs to protect multiple transaction sub-processes in a deposit transaction from multiple types of logical attacks and to be harmonized with existing ATM system/operations. A suitable implementation of the fundamental framework is required for the measure and such implementation design is confusing due to many items to be considered. Thus, the measure also provides an implementation model analysis of the fundamental framework to derive suitable implementation for each defense point in a deposit transaction. Two types of measure implementation are derived as the result of the analysis.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2019EDP7143/_p
Salinan
@ARTICLE{e103-d_3_590,
author={Hisao OGATA, Tomoyoshi ISHIKAWA, Norichika MIYAMOTO, Tsutomu MATSUMOTO, },
journal={IEICE TRANSACTIONS on Information},
title={An ATM Security Measure to Prevent Unauthorized Deposit with a Smart Card},
year={2020},
volume={E103-D},
number={3},
pages={590-601},
abstract={Recently, criminals frequently utilize logical attacks to Automated Teller Machines (ATMs) and financial institutes' (FIs') networks to steal cash. We proposed a security measure utilizing peripheral devices in an ATM for smart card transactions to prevent “unauthorized cash withdrawals” of logical attacks, and the fundamental framework as a generalized model of the measure in other paper. As the measure can prevent those logical attacks with tamper-proof hardware, it is quite difficult for criminals to compromise the measure. However, criminals can still carry out different types of logical attacks to ATMs, such as “unauthorized deposit”, to steal cash. In this paper, we propose a security measure utilizing peripheral devices to prevent unauthorized deposits with a smart card. The measure needs to protect multiple transaction sub-processes in a deposit transaction from multiple types of logical attacks and to be harmonized with existing ATM system/operations. A suitable implementation of the fundamental framework is required for the measure and such implementation design is confusing due to many items to be considered. Thus, the measure also provides an implementation model analysis of the fundamental framework to derive suitable implementation for each defense point in a deposit transaction. Two types of measure implementation are derived as the result of the analysis.},
keywords={},
doi={10.1587/transinf.2019EDP7143},
ISSN={1745-1361},
month={March},}
Salinan
TY - JOUR
TI - An ATM Security Measure to Prevent Unauthorized Deposit with a Smart Card
T2 - IEICE TRANSACTIONS on Information
SP - 590
EP - 601
AU - Hisao OGATA
AU - Tomoyoshi ISHIKAWA
AU - Norichika MIYAMOTO
AU - Tsutomu MATSUMOTO
PY - 2020
DO - 10.1587/transinf.2019EDP7143
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E103-D
IS - 3
JA - IEICE TRANSACTIONS on Information
Y1 - March 2020
AB - Recently, criminals frequently utilize logical attacks to Automated Teller Machines (ATMs) and financial institutes' (FIs') networks to steal cash. We proposed a security measure utilizing peripheral devices in an ATM for smart card transactions to prevent “unauthorized cash withdrawals” of logical attacks, and the fundamental framework as a generalized model of the measure in other paper. As the measure can prevent those logical attacks with tamper-proof hardware, it is quite difficult for criminals to compromise the measure. However, criminals can still carry out different types of logical attacks to ATMs, such as “unauthorized deposit”, to steal cash. In this paper, we propose a security measure utilizing peripheral devices to prevent unauthorized deposits with a smart card. The measure needs to protect multiple transaction sub-processes in a deposit transaction from multiple types of logical attacks and to be harmonized with existing ATM system/operations. A suitable implementation of the fundamental framework is required for the measure and such implementation design is confusing due to many items to be considered. Thus, the measure also provides an implementation model analysis of the fundamental framework to derive suitable implementation for each defense point in a deposit transaction. Two types of measure implementation are derived as the result of the analysis.
ER -