Improvising Authenticity and Security of Automated Teller Machine Services

This work aims at improvising the security and authenticity of the Automated Teller Machine (ATM) using a trusted third party application. This system would in turn benefit all the customers who have a valid ATM card registered officially with their mobile number. This system provides the following facilities of withdrawing currency at any remote terminal, verification of the end users identity using Personal Identification Number and an authentic One-Time- Passkey (Pk) validation through the mobile. The customers, without any insider privileges, can withdraw currency without being detected by any mechanisms of theft of card and eaves dropping of the Password from the card holders within the terminal software are also the major threat yet to be addressed. A basic solution is the ATM systems having a two tier authentication Pk and Random Security Question (RSQ) are being generated and validated from the user’s input from the ATM Terminal with authenticity being ensured and the confidentiality being maintained. In such a system, the correctness burden on the terminal’s code is significantly less as the customers have been given the chance to authorize themselves from their hand-held devices and are allowed to withdraw currency in terminal only after their identity is proved by a series of authentication procedures. In this paper along with the dual tier authentication implementation, the issues arise along with them and the solvencies to these issues related to the generation of the RSQ and Pk independent and unique for each session are addressed.