Possible Serious Security Flaw In ATMs

Posted by Zonk on Thursday November 30, 2006 @10:45AM from the my-money-is-flighty-enough-as-it-is dept.

sfjoe writes "According to a story at MSNBC.com, researchers at Algorithmic Research (ARX) have shown it may be possible for 'someone with access to the ATM network to attack the special computers that transmit bank account numbers and PIN codes, called hardware security modules'. Using these methods, an attacker could trick the security modules into exposing a PIN. It has long been considered impossible to access PINs as they are traveling through the ATM network without the encryption key used by the card-issuing bank. If PINs can be compromised, the almost 8 billion transactions per year they handle may be in danger. Not to mention all the transaction at retail stores."

1 of 167 comments (clear)

Min score:

Reason:

Sort:

Diebold by ObsessiveMathsFreak · 2006-11-30 11:26 · Score: 0, Flamebait

I knew something smelt rotten the moment the first windows dialog box flashed on as I was entering my pin. Looking into it I found that a lot of ATMs nowadays run on Windows, some ATM software supplied by Diebold. It wouldn't surprise me in the least to find out that the ATM network is about as secure as Joe Six Pack's passwordless WLAN, XP SP1 ridden, all users admins, very own home network.

--
May the Maths Be with you!