Product Profile
The financial institution chosen for this report is Commonwealth Bank Australia. It is the largest banking institution in Australia. The institution has a broadly diversified portfolio of financial products and services. The bank offers loans, investment trading, credit cards, insurance protection and so on to its customers. It also offers business finance products and services, such as transaction accounts, credit and debit cards, and business insurance, to every customer. The report focuses on the use, operation and services of the ATM products offered by the Commonwealth Bank of Australia. A number of services are offered through the ATM, including quick money withdrawal, money transfer, quick exchanges and so on. An ATM card is a payment card, generally issued by a financial institution, that enables its customer to access an automated teller machine. Commonwealth Bank offers a varied range of credit and debit cards that simplify the regular transactions of the customer. It offers a basic debit card for convenient access to the customer’s bank account. With this card, the customers, or more specifically the cardholders, get access to contactless technology using MasterCard PayPass. This MasterCard comes with added security options that help in protecting transactions. The security features incorporated in the ATM card offered by Commonwealth Bank include chip technology, a card security code, a unique card number, and online security through both Commonwealth Bank and MasterCard’s SecureCode online registration service. The report focuses on the different technologies that are employed by an ATM product, along with the different security problems that such a product might face. The report further evaluates the legal, ethical, privacy and security issues, along with the future technology and trends associated with ATM cards.
The ATM service offered by Commonwealth Bank is a part of its electronic banking services. It offers convenience in conducting most banking transactions at any point of time. The ATM card allows customers to conduct banking transactions with electronic equipment. Commonwealth Bank of Australia is a multinational bank, operating in Australia, New Zealand, Asia, the US and the UK (Commbank.com.au 2017). It offers a wide range of financial services to its customers, which include retail, business and institutional banking. Commonwealth Bank was founded in the year 1911 by the government of Australia. The corporate responsibility of the bank focuses on driving positive change across the country by helping in education, community and good business practice. Commonwealth Bank aims at serving a diverse community by providing equal access and proper support, even to people with disability. A variety of services are offered by the organization to its customers in order to provide them with an excellent user experience and hassle-free banking operations.
ATM cards are widely used across the world as a tool for money withdrawal as well as for carrying out online transactions. An ATM card can be described as a payment card, issued by the customer’s financial institution, that enables the customer to access ATM machines and conduct online transactions. The ATM card offered by Commonwealth Bank provides a wide range of services, which include cash withdrawal, paying and transferring money online, obtaining account information and so on. The ATM services not only allow quick cash withdrawal, but also help in paying utility bills, transferring funds, requesting new services and fetching the details of recent transactions.
Computer Based Information System
An ATM, or automatic teller machine, allows an ATM cardholder to complete a few basic transactions without the help or interference of the bank. The machine is well equipped and offers a variety of services. The machine is capable of accepting deposits, along with the facility of credit card payment and reporting of account information. Only the customers or account holders can access this electronic machine, because users must prove their authenticity before using the ATM services. The ATM card provided to the customer is used in processing all types of transactions in the ATM machine. The ATM card is encoded with a magnetic strip that contains an identification code. This identification code validates the authenticity of the customer. The identification code present in the magnetic strip is transmitted to the central computer of the bank by a modem once the cardholder places the card in the specific card slot of the machine (Sullivan 2014). Users need to insert the card in the specified slot in order to gain access to their account and process the essential account transactions. Shepherd-Barron invented this technology in the year 1960.
The input devices associated with an ATM machine include a card reader and a keypad, while the output devices include a speaker, a display screen, a receipt printer and a cash depositor.
Figure 1: Representing the block diagram of ATM
(Source: More and Markande 2016)
ATM technology is seeing a rapid evolution, with continuous advancements and modifications in hardware, communication and security technologies. This technological advancement is essential in order to cope with the growing demand for ATM facilities across the world. The increase in sophisticated cash deposit methods with the help of ATM machines has been possible with proper technological advancements in hardware, software, database, customer data and security protection. The technologies employed in these fields are elaborated in the following sections (Jog et al. 2013).
The minimum hardware requirement for an ATM machine includes an Intel Core i5 750 CPU with a minimum of 2 GB of RAM. The HDD requirement is 200 GB, with a network adapter and an X.25 controller. One of the major requirements of an automated teller machine is an uninterruptible power supply. The system has to be sturdy enough to handle the load and offer an uninterrupted service to the customers 24/7 (Sakharova 2012). The machine needs to interact with the customers in order to gather transaction information, which needs to be transmitted to the central computer. Therefore, the hardware configuration of the system needs to be up to date in order to eliminate the chances of technical failure in the system. The major hardware components associated with an ATM machine include cassettes, memory drives, dispensers, switches, a touch screen, a keyboard, a card reader, a receipt printer along with a ticket printer, a networking port and disks.
The ATM machine is a functional unit that consists of various sub-components. The software installed within the system helps the customers in accessing their bank accounts remotely. Furthermore, the ATM needs to communicate with the central bank’s server with the help of a dial-up communication link. The majority of ATMs use the Microsoft Windows operating system. Technological advancement in the software of an ATM is necessary for eliminating the risk of system failure. The memory system of the ATM machine is non-volatile, and a proper data communication protocol is implemented in the system, which ensures reliability (Ramakrishna, Pramod and Kumar 2015).
Hardware
The ATM database is an important component of the entire ATM operation. It stores the data of the user along with the details of the transactions carried out by the cardholders. The database is linked with the central computer system of the bank, which helps in validating the authenticity of the users. The database stores all the essential information, such as the card number, the details of the cardholder and the PIN that the cardholder needs to provide for carrying out a monetary transaction. This information, however, is secured in the database with proper encryption methods that prevent any unauthorized access to the confidential information. Therefore, the bank ensures that the ATM database is properly designed and coded, accompanied by adequate security measures. Technological advancement in the ATM database is necessary, as the machine communicates each transaction to the database in order to obtain the customer’s verification.
The ATM first needs to validate the customer data before processing any request that is initiated by a customer. The customer details are stored and maintained by the bank in proper storage systems. ATM operations, credit card usage and the management of investment capital require huge transactional speed. Customers’ data is stored in an integrated database that is directly linked with the different ATM machines of the bank. Technological advancement has ensured proper security of the customers’ data so that no intruder can misuse it.
Once a cardholder places his/her card in the card reader, the data of the card is captured and transferred to the central computer system database of the bank for verification. Once the data is verified, the machine carries on with the transaction (Ayyagari 2012).
Customers’ data is the most vital resource of any institution. Therefore, ensuring proper protection of the same is essential. The core information used in any ATM transaction is verification of the customers’ details. Commonwealth bank is a leading multinational bank with millions of data stored in their database. The institution ensures proper data protection and encryption standards in maintaining the privacy and confidentiality of the data. Lack of proper data protection may lead to misuse of the customers’ data, which cannot be afforded.
The information entrusted by the customers is protected, as any breach of confidential data can inflict a huge loss on the organization. Proper security measures include up-to-date IT systems, antivirus and up-to-date firewall protection. Furthermore, regular backup of the customer data using an offsite data backup service is essential. This can minimize the effect of a malicious attack on the customer data and can further help in easy data recovery. Proper information security systems are maintained within the financial institution for the protection of the customers’ data and records.
Proper security protection is essential in order to ensure that the customers’ data is not compromised. Commonwealth Bank ensures that the ATM service is compatible with proper security standards. The encryption standard used by the bank in checking the authenticity of the card and the PIN is Triple DES.
Software
There are many security features that are used to increase the security of ATM cards. A security chip is embedded in the ATM card that enhances payment security. This chip generally creates unique data with every new transaction, which makes counterfeiting even more difficult. Furthermore, there are additional security measures, such as SecureCode, that come along with ATM cards. Financial institutions often undertake tokenization to reduce the fraud associated with online and contactless payments.
Transactions using an ATM card or contactless payment raise a number of security concerns. Different kinds of security breaches have occurred in the use of ATM cards, ranging from breaches due to loss of the card to hacking of the PIN details. Digital security risks associated with the use of an ATM card include unauthorized use of the card, hardware theft, software theft, information theft and system failure, along with internet and network attacks. These digital security risks are elaborated in the following sections.
Unauthorized use of an ATM card refers to the use of the card by a person other than the intended user; that is, a transaction or fund transfer from a customer’s account which is initiated by a person without the actual authority to initiate the transaction. The unauthorized use of an ATM card may lead to a huge loss for the cardholder and, in turn, the financial institution. It is also a type of identity theft, as an individual is using someone else’s card information to initiate a transaction.
According to RamaKalyani and UmaDevi (2012), with the increase in the use of credit and debit cards for online transactions, credit card fraud has also increased considerably. Customers’ data of an online baby products retailer named babygear.com was breached in September by a hacker in Yugoslavia. This breach could be shut down only in December; however, by that time the hacker could gain access to all the credit and debit card records stored within the system. Hundreds of customers of this online site were affected by this data breach, and by the time they could detect the unauthorized use of their cards, hundreds of dollars had already been lost (Harrell and Langton 2013).
Automated teller machines are to be designed in a manner that provides multiple points of protection against physical as well as electronic theft from the ATM machines (Raj and Julian 2015). Hardware theft from an automated teller machine can result in a considerable loss for the institution. Therefore, it is essential for the financial institution to protect the ATM from financial thefts.
Cybercrimes are widespread across the globe and can be defined as situations in which hackers gain access to a computer by making use of malware. This is a dangerous threat to the safety of the online transactions that a user may carry out using his ATM card (Patel and Singh 2013). One of the significant weaknesses that hackers use to access the confidential information of the user is vulnerability in the software, together with improper computer and security configuration. In order to prevent these types of attacks on the system, it is essential for the financial institution to keep its security and software patches up to date. The security settings need to be configured for the operating system that the automatic teller machine is using, along with the security software, so that a security breach is readily detected. One of the significant examples of a digital security breach that spread across the world due to improper security configuration and unpatched operating systems is the worldwide WannaCry ransomware attack that broke out this year in the month of May. According to Mohurle and Patil (2017), although digitalization has considerably improved the lifestyle of people, it is a primary reason for the security problems facing personal as well as confidential information that might be stored within a system; here, that system is the database of the financial institution, which is loaded with every detail of the customers. The WannaCry ransomware attack has been the worst attack in the history of digital security breaches, and it could only spread due to the negligence of people. Software security is of the utmost importance when it comes to protecting a system from software theft, which may further lead to loss and misuse of the valuable information that is stored in the system. Therefore, taking preventive measures is essential for keeping the entire system safe from malicious use.
In order to prevent a security theft, it is essential for the financial institution to install and keep an updated version of the software along with the usage of a reputable software suite in the systems.
Database
Information theft is another concern associated with the digital security of automated teller machines. Attackers often steal the personal information of people in order to use it for committing criminal offences. It can be termed a crime where an imposter collects some vital information of a person in order to impersonate someone else. One of the leading examples of information theft is credit card fraud. This is because credit cards are quite easy to use fraudulently, as credit cards do not require any extra identification number to use. According to Harrell and Langton (2013), almost 7% of all US residents of age 16 or older were victims of identity or information theft in the year 2012. These people were the victims of the fraudulent use of existing account information. One widespread example of information theft is the Facebook security scam. In the year 2012, hackers hacked the Facebook accounts of many Facebook users with the aim of stealing the users’ financial information. The hackers sent messages to the users directing them to a fake Facebook page, compelling them to enter their login and credit card details in order to secure their account (Oko and Oruh 2012).
System failure refers to the malfunctioning of the hardware and operating system. System failure is a significant risk in digital security, as it can stop all the vital operations. This is a significant risk because if a system failure occurs, it might lead to loss of vital information (Stallings and Brown 2012).
Internet and network attack is another significant digital security risk. Hackers might use a vulnerability in the network of the financial institution to steal vital information about the customers, which they can further use to commit a crime. Identity spoofing is a major tool used for launching a network attack. Attackers use special programs to construct IP packets that appear to originate from a valid address. These packets are used to modify, reroute and delete the confidential data of the network. A denial of service attack is another significant example of an internet and network attack; it prevents the normal use of the system by valid users.
The ATM is nowadays used not only for money withdrawal but also for a variety of other purposes. ATM services offer a number of services and, therefore, debit cards, credit cards and so on are used for high-value transactions. With the advent of digital money technologies, it is evident that this technology is sure to bring a revolution in the fields of digital money and contactless payment.
Online banking is a technology that has revolutionized people’s perspective on banking. This technology allows the user to execute every financial transaction with the help of the internet. This electronic payment system enables the customer to conduct a wide range of financial transactions through the website of the financial institution. This technology provides the ability to manage all the transactional accounts online, and thus the user does not have to visit a bank branch. It provides a number of benefits to the user in terms of a real-time view of the finances, which eliminates the need to visit the bank. This technology is further used in online shopping, where a user can initiate a cashless payment. Online banking is mobile friendly, and a user can use the services of online banking on a smartphone as well (Onyesolu and Ezeani 2012). The smartphone application is capable of initiating and performing a contactless payment and, therefore, it saves users the hassle of carrying cash everywhere. Financial institutions make sure that online transactions are secure enough for vital operations such as transactions and fund transfers. This technology is capable of online payment of utility bills, recharges and so on. Financial institutions have set up proper security systems for ensuring secure online transactions for the users (Taylor, Fritsch and Liederbach 2014). Online banking is capable of revolutionizing the field of contactless payments. However, there are major security issues associated with online banking that must be addressed in order to achieve a better result in this field.
The smartphone would be an active device for contactless payment in the future. The use of smartphones is growing at an exponential rate across the world and, therefore, the smartphone is used as one of the major tools for conducting online transactions. Different smartphone applications are capable of initiating a contactless payment just by waving the phone towards a point of sale machine. Near field communication technology makes it possible to pay without the need for a card. This technology allows different devices to communicate within a distance of 4 cm. Magnetic secure transmission technology also has the possibility of becoming a leading technology in the field of contactless payment. This technology works by the emission of magnetic signals from mobile devices that can be read by the magnetic strip card reader present at a traditional POS terminal. This makes the process of payment even easier.
The future technology of the ATM is card free banking. Card free access to an ATM can be possible with the help of a smartphone. The user just needs to have access to the bank’s application through the smartphone. To use this feature, the user needs to request an eight-digit code from the bank application installed on their smartphone. The user can then use this code at the ATM for money withdrawal and for performing other banking operations, even in the absence of the card. This card-less technology is sure to have widespread usage in the future. This is because the user does not have to carry their cards everywhere and just needs to have access to an auto-generated number. This can considerably reduce the cases of ATM fraud and fraudulent transactions using a stolen ATM card. This auto-generated number is secure to use, as it automatically expires within 30 minutes. This eliminates the risk of fraudulent use of this code. Therefore, it can be said that using this card-free technology is more secure than using an ATM card for money withdrawal. This further reduces the chances of identity theft, as the users have to prove their identity via the bank app in order to generate the code. This is done either with the help of a thumbprint or with the help of the online banking password (Patel and Singh 2013).
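The card free flow described above (an eight-digit code requested from the bank app, expiring after 30 minutes), sketched from the bank's side as an added example; it is not code from the report or from Commonwealth Bank. The `CardlessCodeService` class, the `account_id` reference, single-use redemption and the three-attempt limit are assumptions for illustration.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

CODE_DIGITS = 8               # eight-digit code, as described in the report
CODE_TTL_SECONDS = 30 * 60    # code expires after 30 minutes, as described
MAX_ATTEMPTS = 3              # assumption: attempt limit is not in the report


@dataclass
class PendingCode:
    digest: bytes         # keyed hash of the code; the code itself is not stored
    expires_at: float     # absolute expiry time (seconds)
    attempts_left: int    # wrong guesses allowed before the code is revoked


class CardlessCodeService:
    """Hypothetical bank-side issue/redeem logic for one-time withdrawal codes."""

    def __init__(self, clock=time.time):
        self._clock = clock                    # injectable clock for testing
        self._key = secrets.token_bytes(32)    # server-side secret for the keyed hash
        self._pending = {}                     # account_id -> PendingCode

    def _digest(self, account_id, code):
        msg = f"{account_id}:{code}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def issue(self, account_id, app_authenticated):
        """Called by the bank app after thumbprint or password login."""
        if not app_authenticated:
            raise PermissionError("user must authenticate in the bank app first")
        # secrets (not random) so the code is unpredictable to an observer
        code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
        # Issuing a new code replaces any earlier, still-pending one.
        self._pending[account_id] = PendingCode(
            digest=self._digest(account_id, code),
            expires_at=self._clock() + CODE_TTL_SECONDS,
            attempts_left=MAX_ATTEMPTS,
        )
        return code

    def redeem(self, account_id, code):
        """Called by the ATM; returns 'ok', 'no_code', 'expired',
        'wrong_code' or 'locked'."""
        record = self._pending.get(account_id)
        if record is None:
            return "no_code"
        if self._clock() >= record.expires_at:
            del self._pending[account_id]
            return "expired"
        # Constant-time comparison avoids leaking how many digits matched.
        if not hmac.compare_digest(self._digest(account_id, code), record.digest):
            record.attempts_left -= 1
            if record.attempts_left == 0:
                del self._pending[account_id]   # revoke after repeated guesses
                return "locked"
            return "wrong_code"
        # Single use: an overheard code is worthless once it has been redeemed.
        del self._pending[account_id]
        return "ok"


if __name__ == "__main__":
    service = CardlessCodeService()
    sample = service.issue("acct-constructed-001", app_authenticated=True)
    print("first use :", service.redeem("acct-constructed-001", sample))
    print("second use:", service.redeem("acct-constructed-001", sample))
```
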
Therefore, it can be deduced that the use of smartphones and card free banking is sure to revolutionize the future of ATM cards. It has the capability to reduce the usage of ATM cards by promoting the use of card free options in banking (Ganji and Mannem 2012).
Contactless technology is new and is possibly one of the most striking inventions in the field of banking. This technology is capable of becoming increasingly common in the near future. With the increase in the use of smartphones, this technology is sure to be adopted by the majority of users. However, there are certain issues that are associated with these new payment technologies.
Contactless payment can be vulnerable to a number of threats. The concept of contactless payment has made it easier to make a purchase or pay the bills. However, its ease of use makes it even easier for attackers to steal money (Liu, Kauffman and Ma 2015). A contactless card integrates a chip and antenna, which mainly respond to the POS terminal. For the system to work, the card should be in close proximity to the reader, the maximum being 4 cm. In order to misuse the card, the attacker must have access to the card (Ali et al. 2014). There are certain legal frameworks that every technology should abide by. This is essential to establish the technology in global business operations.
The ethical implication refers to the consequence of an action. Therefore, ethical issues need to be acknowledged before the implementation of new technology. The ethical issues associated with the concept of contactless payment include the real-time surveillance of customers’ data in order to offer a 24/7 service. Furthermore, the use of online banking apps is generating a huge amount of data, which is being collected and analyzed in order to understand the average usage of banking mobile applications (Reed, Larus and Gannon 2012).
The privacy issues associated with the implementation of new technologies include mass data collection on the online behavior of a user. What has to be kept in mind while implementing a new technology is that the privacy and confidentiality of the users’ data are kept intact. The system should be secure and sturdy enough to detect and eliminate any privacy threat to the information database of the financial institution, here the bank that is offering the option of cardless payment, a technology that is capable of revolutionizing the future of payment methods and options.
Therefore, it can be said that, before implementation of any new technology, the financial institution should consider the ethical, privacy and legal issues associated with the system.
The different security issues that are associated with the implementation of new payment methods are discussed below (Wang, Gupta and Rao 2015):
- One of the major security issues associated with the implementation of new online payment methods is maintaining the privacy and confidentiality of users’ information. If proper security measures are not implemented, hackers might target and steal the confidential information of the users in order to use the information for impersonating the user (Norman 2014).
- Another security issue associated with the implementation of new payment methods is cyber attack. With the advent of technology, hackers are using increasingly sophisticated methods for launching an attack. Hackers can make use of a vulnerability in a system in order to implant malicious code into the system, which would further help them in collecting the confidential information of a user (Taylor, Fritsch and Liederbach 2014).
- Denial of service attack is another major security issue associated with online payment methods (Yu 2014). Hackers can overload the network of a particular financial institution with unnecessary requests, thus freezing the entire system and preventing authorized users from accessing it (Coleman 2013).
- Identity theft is another major security issue that can act as a huge problem in the implementation of card-less ATM facilities (Holt and Turner 2012). Although the concept of the card-less ATM provides security in terms of token expiry within 30 minutes of generation, there is a risk of eavesdropping while the code is in use, which might further lead to identity theft and misuse of the code and the account information of the user for launching fraudulent transactions.
- Hacking is another security issue associated with the implementation of the new technology. Proper security of the system needs to be ensured in order to prevent any unauthorized access to the system. The information system should be properly patched and kept up to date, and the new system should be secure enough to prevent any unauthorized access (Alomari et al. 2012).
Conclusion
Therefore, from the above discussion, it can be concluded that Commonwealth Bank provides excellent financial services to its customers, making use of modern technologies. The ATM services provided by the institution are effective and secure enough to provide an uninterrupted service to its customers. The report discusses the different ATM services that are provided by Commonwealth Bank. The credit and debit card services offered by the bank are secure enough for hassle-free transactions. The report further discusses the different computer-based technologies that are employed in developing and designing the ATM product, focusing on the hardware, software, database, customer data and security protection. Different examples of the security breaches associated with the use of ATM cards are mentioned in the report. It further elaborates on the worldwide security breach of the WannaCry ransomware. The security problems associated with the use of ATM cards are evaluated on the basis of the unauthorized use of ATM cards, hardware theft of the ATM machines, software theft, information theft and system failure, along with internet and network attacks. Network attacks are the most common security problem and digital security risk. The report further discusses the future technologies and trends in respect of ATM cards. The use of smartphones in online banking is widespread. As the majority of people nowadays have access to a smartphone, it has the capability of becoming one of the major tools of online banking in the future. The report discusses the concept of card-less banking and evaluates its possibilities of becoming a leading technology in the future. However, there are certain legal, ethical and privacy issues that are associated with the implementation of card free banking. The security issues need to be analyzed properly before the implementation of the new payment methods.
Card free banking has the capability of becoming one of the leading technologies in the field of contactless payments. The recommendations for properly implementing the system are as follows:
- The system should be implemented in a secure environment that will eliminate the risk of unauthorized use and data theft.
- The legal and ethical issues should be considered while implementing the system.
- The system should be able to maintain the integrity and confidentiality of the data.
References
Ali, R., Barrdear, J., Clews, R. and Southgate, J., 2014. The economics of digital currencies.
Alomari, E., Manickam, S., Gupta, B.B., Karuppayah, S. and Alfaris, R., 2012. Botnet-based distributed denial of service (DDoS) attacks on web servers: classification and art. arXiv preprint arXiv:1208.0403.
Ayyagari, R., 2012. An exploratory analysis of data breaches from 2005-2011: Trends and insights. Journal of Information Privacy and Security, 8(2), pp.33-56.
Coleman, E.G., 2013. Coding freedom: The ethics and aesthetics of hacking. Princeton University Press.
Commbank.com.au. 2017. About Us – Learn more about Shareholders, Careers – CommBank. [online] Available at: https://www.commbank.com.au/about-us.html?ei=CB-footer_about-commbank [Accessed 11 Dec. 2017].
Ganji, V.R. and Mannem, S.N.P., 2012. Credit card fraud detection using anti-k nearest neighbor algorithm. International Journal on Computer Science and Engineering, 4(6), p.1035.
Harrell, E. and Langton, L., 2013. Victims of identity theft, 2012 (p. 12). US Department of Justice, Office of Justice Programs, Bureau of Justice Statistics.
Holt, T.J. and Turner, M.G., 2012. Examining risks and protective factors of on-line identity theft. Deviant Behavior, 33(4), pp.308-323.
Hussain, G.J. and Reddy, T.S., 2016. Advanced Anti-Theft ATM Security using Raspberry Pi.
Jog, V.V., Jain, D., Arora, R. and Bhat, B., 2013, April. Theft prevention ATM model using dormant monitoring for transactions. In Information & Communication Technologies (ICT), 2013 IEEE Conference on (pp. 1156-1159). IEEE.
Liu, J., Kauffman, R.J. and Ma, D., 2015. Competition, cooperation, and regulation: Understanding the evolution of the mobile payments technology ecosystem. Electronic Commerce Research and Applications, 14(5), pp.372-391.
Mohurle, S. and Patil, M., 2017. A brief study of wannacry threat: Ransomware attack 2017. International Journal, 8(5).
More, P. and Markande, S., 2016, August. Design and implementation of anti-theft module for ATM machine. In Inventive Computation Technologies (ICICT), International Conference on (Vol. 3, pp. 1-4). IEEE.
Norman, T.L., 2014. Integrated Security Systems Design: A Complete Reference for Building Enterprise-wide Digital Security Systems. Butterworth-Heinemann.
Oko, S. and Oruh, J., 2012. Enhanced ATM security system using biometrics. International Journal of Computer Science Issues, 9(5), pp.355-363.
Onyesolu, M.O. and Ezeani, I.M., 2012. ATM security using fingerprint biometric identifer: An investigative study. International Journal of Advanced Computer Science and Applications, 3(4), pp.68-72.
Patel, R.D. and Singh, D.K., 2013. Credit card fraud detection & prevention of fraud using genetic algorithm. International Journal of Soft Computing and Engineering, 2(6).
Raj, M.M.E. and Julian, A., 2015, March. Design and implementation of anti-theft ATM machine using embedded systems. In Circuit, Power and Computing Technologies (ICCPCT), 2015 International Conference on (pp. 1-5). IEEE.
RamaKalyani, K. and UmaDevi, D., 2012. Fraud detection of credit card payment system by genetic algorithm. International Journal of Scientific & Engineering Research, 3(7), pp.1-6.
Ramakrishna, S., Pramod, M. and Kumar, C.R., 2015. Security Based ATM Theft Monitoring System Design and Implementation.
Reed, D., Larus, J.R. and Gannon, D., 2012. Imagining the future: Thoughts on computing. Computer, 45(1), pp.25-30.
Sakharova, I., 2012, June. Payment card fraud: Challenges and solutions. In Intelligence and Security Informatics (ISI), 2012 IEEE International Conference on (pp. 227-234). IEEE.
Stallings, W. and Brown, L., 2012. Computer security: Principles and practice (2nd ed.). Edinburgh Gate: Pearson Education Limited.
Sullivan, R.J., 2014. Controlling security risk and fraud in payment systems. Economic Review-Federal Reserve Bank of Kansas City, p.5.
Taylor, R.W., Fritsch, E.J. and Liederbach, J., 2014. Digital crime and digital terrorism. Prentice Hall Press.
Wang, J., Gupta, M. and Rao, H.R., 2015. Insider threats in a financial institution: Analysis of attack-proneness of information systems applications. MIS quarterly, 39(1).
Yu, S., 2014. Distributed Denial of Service Attack and Defense (pp. 15-29). Springer New York.