North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ATM failure - No the other kind of ATM

  • From: mike harrison
  • Date: Wed Sep 05 18:37:04 2001

> Somehow I think they would be extremely reluctant to tell anyone what they 
> use inside their ATMs....

Security through obscurity... most of them are not even encrypted
and if they use dial-up lines (instead of dedicated lines)
it's often just like the point of sale stuff.. 1200/2400 baud dial-on
demand,  it takes a few seconds to sync, send a short text string, get a
reply auth.

On the other side.. I just inherited some hardware encrypted triple-des
modems and serial interface cards, as well as a Cylink V.35 hardware
encryption 'shim' with valid keys for a large banks wire transfer
department... I guess I should ship it to them. From Argentina? 
(Just kidding, I like being an American Citizen) 

As a part of other work we do here, we deal with ACH money transfers.
The backup method of connection to one institution that we help a customer
move millions per day through is a plain text e-mail to an AOL address.
We've tried to explain, even refused to send the files, but no clue is in 
sight. They don't even want them zipped. Secure e-commerce is a
farce, even at the corporate giant level.  --Mike--