Diebold Marries VMs with ATMs to Secure Banking Data

gManZboy writes "Automatic teller machine maker Diebold has taken a novel approach to protecting bank customer data: virtualization. Virtualized ATMs store all customer data on central servers, rather than the ATM itself, making it difficult for criminals to steal data from the machines. In places including Brazil, customer data has been at risk when thieves pulled or dynamited ATMs out of their settings and drove off with them. With threats increasing worldwide at many retail points of sale, such as supermarket checkout counters and service station gas pumps, Diebold needed to guarantee the security of customer data entered at the 50,000 ATMs that it manages. Diebold last year partnered with VMware to produce a zero-client ATM. No customer data is captured and stored on the ATM itself." Perhaps Diebold should take the same approach to vote-tabulating machines.

25 of 151 comments

  1. Erm... by Spad · · Score: 4, Insightful

    Presumably the money is all sitting in a VM at one of Diebold's datacentres as well?

    Who the hell steals an ATM out of the wall to get customer data? You just send out a phishing email and you'll probably get 100x the return without having to blow a bloody wall to pieces and steal what amounts to a large cube of metal.

    Also, who the hell was storing any significant customer data on the ATMs in the first place?

    1. Re:Erm... by lucm · · Score: 4, Insightful

      Who the hell steals an ATM out of the wall to get customer data? You just send out a phishing email and you'll probably get 100x the return without having to blow a bloody wall to pieces and steal what amounts to a large cube of metal.

      Who said that they stole ATMs to get customer data? It was a "happy" side effect since the money and the data were stored in the same container. It's like a pickpocket that wants the money in your wallet but also ends up with your swingers club membership card and the pictures of your children.

      --
      lucm, indeed.
    2. Re:Erm... by cruff · · Score: 2

      Who the hell steals an ATM out of the wall to get customer data?

      Presumably the real reason for ripping it out of the wall is to get to the cash contained therein. According to TFA, the more refined thieves install some malware on the ATM which is running Windows XP or OS/2 that gathers the information and saves it to an encrypted file on storage local to the ATM, then they read out the encrypted file later. In the virtualization scheme, the ATMs become a thin client only responsible for updating the display and sending key presses and card information back to the centralized VM. Of course, this does not appear to prevent someone from adding some hardware to piggyback on the card reader and keyboard and save it to memory in the skimming device itself.

    3. Re:Erm... by icebike · · Score: 5, Insightful

      Who said that they stole ATMs to get customer data? It was a "happy" side effect since the money and the data were stored in the same container. It's like a pickpocket that wants the money in your wallet but also ends up with your swingers club membership card and the pictures of your children.

      Are you so sure it actually runs that way, even in Brazil? I've never seen an ATM without a network connection of some sort.

      I seriously doubt there is any customer data in the ATM. Refreshing that daily would be a nightmare.
      Having the system on a VM seems to be necessary because Diebold insists on using Windows in the boxes. Windows, left lying around in public!! Idiots! By having VMware running, they can give each customer a fresh virtual machine to run the transaction, saving them a whole lot of programming to make sure all cached data is cleared from memory. (In other words saving them from having to do a competent job in the first place).

      A simple terminal system would do the same. There never was a valid use case for having any data resident in the cash machine.

      The more you read the story the less you are sure that what they are reporting is actually what is happening, because it is so incredibly dumb. But then this is Diebold, so.....

      --
      Sig Battery depleted. Reverting to safe mode.
    4. Re:Erm... by RemyBR · · Score: 2

      Exactly what I was thinking. Here in Brazil these kinds of ATM robberies using explosives make the news at least once a week, but I can't remember hearing even once that they were after customer data. Actually I always thought that the ATMs were more like dumb terminals to start with. There's no need to store any kind of customer data on them.

      As for the robberies, what banks are doing is to mark the bills with ink when the ATMs are forced open, and there's even regulation in place that says people and commerce should not accept marked bills.

    5. Re:Erm... by lucm · · Score: 2

      Who said that they stole ATMs to get customer data? It was a "happy" side effect since the money and the data were stored in the same container. It's like a pickpocket that wants the money in your wallet but also ends up with your swingers club membership card and the pictures of your children.

      Are you so sure it actually runs that way, even in Brazil? I've never seen an ATM without a network connection of some sort.

      I seriously doubt there is any customer data in the ATM. Refreshing that daily would be a nightmare.

      Best case scenario yes, the network is up. But what if the network is down? Do you lock out the customer? Nah, you make sure that the card is valid (simple algorithm or the chip) and you log the transactions so you can consolidate them later (and track down the people who withdrew too much money).

      Sometimes when you see a message saying that the account balance is not available, you can bet that you are dealing with a node that is disconnected from the mothership and will stack up transactions until it can upload the details for later consolidation.

      People think that ATMs are very very high tech but in fact, it's just a tad more optimal than good ol' checks. There is always a consolidation that will occur downstream.

      --
      lucm, indeed.
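
The offline fallback lucm sketches above, worked through as an added example (constructed here, not code from the post or from any ATM vendor; OfflineAtm, consolidate and the other names are hypothetical): the stand-in ATM validates the card number with the Luhn check, journals each approved withdrawal, and the host replays the journals afterwards to find the accounts that went negative.

```python
# Constructed model (hypothetical names, no vendor's code) of the store-and-
# forward fallback described above: with the host link down the ATM only
# checks that the card number passes the Luhn test and journals each
# withdrawal; the host later replays the journals and flags overdrawn accounts.

def luhn_valid(pan):
    """The 'simple algorithm' an offline ATM can run on the card number."""
    if not pan or not all(c.isdigit() or c == " " for c in pan):
        return False
    digits = [int(c) for c in pan if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:                 # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return len(digits) >= 12 and total % 10 == 0

class OfflineAtm:
    def __init__(self, atm_id, offline_limit):
        self.atm_id, self.offline_limit, self.journal = atm_id, offline_limit, []

    def withdraw(self, pan, amount):
        """Approve locally (balance unknown) and journal for later upload."""
        if not luhn_valid(pan) or not 0 < amount <= self.offline_limit:
            return False
        self.journal.append((self.atm_id, pan, amount))
        return True

def consolidate(balances, journals):
    """Replay every journaled withdrawal; return the accounts now negative."""
    balances = dict(balances)          # keyed by card number for simplicity
    for journal in journals:
        for _atm_id, pan, amount in journal:
            balances[pan] = balances.get(pan, 0) - amount
    return {pan: bal for pan, bal in balances.items() if bal < 0}

def scenario():
    # Constructed sample: two disconnected ATMs, one card drained at both.
    balances = {"4539 1488 0343 6467": 150, "6011 0000 0000 0004": 500}
    a, b = OfflineAtm("atm-A", 200), OfflineAtm("atm-B", 200)
    approved = [a.withdraw("4539 1488 0343 6467", 100),
                b.withdraw("4539 1488 0343 6467", 100),  # same card, other ATM
                b.withdraw("6011 0000 0000 0004", 100),
                b.withdraw("1234 5678 9012 3456", 50)]   # fails Luhn: declined
    return approved, consolidate(balances, [a.journal, b.journal])
```

Neither ATM can see the other's journal, so both approve the same card; only the downstream consolidation exposes the overdraft, which is exactly the "track them down later" step in the post.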
    6. Re:Erm... by fuzzyfuzzyfungus · · Score: 4, Insightful

      Luckily, some fancy VM setup definitely prevents customer data from passing through the local PIN pad and/or touchscreen controller hardware. Thankfully, hardware keyloggers suddenly give up in defeat if they are asked to log keystrokes going to a super-secure remote VM...

    7. Re:Erm... by lgw · · Score: 2

      The simpler the terminal, the more obvious any modification.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    8. Re:Erm... by bws111 · · Score: 3, Insightful

      Best security practice is to not have ATMs. Or electronic banking. Or paper checks. Or bank accounts. Or credit/debit cards. Or even cash. All of them have been abused by criminals. However, out here in the real world most people don't live in a constant state of paranoia about what criminals might do, and they don't like it when they can't access their money.

    9. Re:Erm... by Anonymous Coward · · Score: 2, Informative

      I work in network operations for a company that does core processing for banks. None of our thousands of ATMs store customer data on the ATM and I can't imagine a reason any of our competitors would do it differently than we do.

      The ATM is going to have to report back to whatever server or mainframe maintains the account balance regardless, why would you cache that information on the ATM?

    10. Re:Erm... by Darinbob · · Score: 2

      But even in the real world you want your banks to make a half hearted attempt at security, and they're not even doing that much usually. You don't have to be paranoid to lock your doors at night.

  2. Won't protect from skimming by jordan314 · · Score: 2

    This is a good idea, but it doesn't protect the customer from a skimmer skimming the card and a video camera recording their pin.

    1. Re:Won't protect from skimming by z0idberg · · Score: 2

      or from meteorite strike.

  3. I can't believe that even Diebold by Presto+Vivace · · Score: 5, Interesting

    ever stored customer data in the ATM terminal itself. I always assumed that the info was all in the bank's server. Things are worse than I imagined.

    1. Re:I can't believe that even Diebold by tverbeek · · Score: 2

      So they've figured out that they should be doing something that anyone with any sense whatsoever would have been doing from Square One?

      --
      http://alternatives.rzero.com/
    2. Re:I can't believe that even Diebold by Pieroxy · · Score: 2

      So they've figured out that they should be doing something that anyone with any sense whatsoever would have been doing from Square One?

      Yes. That's called progress. For them at least.

    3. Re:I can't believe that even Diebold by Midnight_Falcon · · Score: 4, Informative

      Don't use your credit card at a restaurant then. Almost all point of sale systems cache locally to some extent, often for up to a month!

      These systems were all built with bad network communication in mind -- verifying over phones, etc, which causes them to have to store this credit card data (PAN data). Because modern systems are just upgrades on these old codebases, little has changed but to give it the bare amount of encryption/etc for PCI compliance, which is routinely ignored by small businesses.

  4. Encryption? by hawguy · · Score: 2

    I think proper use of encryption should protect the customer data on the local machine - store the decryption key on the server and only hand it back to the ATM if it requests it over its private secure link. And if the intrusion sensor goes off on the ATM, delete the decryption key along with the public key that the ATM uses to authenticate itself -- make a technician visit the machine and look for tampering before reloading with the authentication key.

    I doubt any of these data thieves are keeping the ATM powered until they can take it back to their shop and use data probes to capture data from a running machine.

    But is this really a problem? Do ATMs store easily recoverable data on a hard drive?

    I thought skimmers were the way to go if you wanted to steal account data from an ATM.
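
The key-custody scheme hawguy proposes above, modelled as an added example (constructed here, not the poster's or Diebold's code; KeyServer, tamper_alarm and the other names are hypothetical): the data key is handed over only after an HMAC challenge-response with the ATM's enrolment key, and an intrusion alarm wipes both keys on the server so a technician must re-enrol the machine before it can decrypt anything again.

```python
import hmac
import secrets

# Constructed model (hypothetical names, not Diebold's design): the data key
# stays on the server, released only to an ATM that answers a one-time
# challenge with its enrolment key; a tamper alarm wipes both keys.

class KeyServer:
    def __init__(self):
        self.atms = {}     # atm_id -> {"auth": bytes, "data": bytes}
        self.pending = {}  # atm_id -> outstanding one-time nonce

    def enrol(self, atm_id):
        # Technician visit: fresh auth key (handed to the ATM) and data key.
        self.atms[atm_id] = {"auth": secrets.token_bytes(32),
                             "data": secrets.token_bytes(32)}
        return self.atms[atm_id]["auth"]

    def challenge(self, atm_id):
        self.pending[atm_id] = secrets.token_bytes(16)
        return self.pending[atm_id]

    def release_key(self, atm_id, proof):
        # Hand back the data key only for a valid HMAC over the stored nonce.
        rec, nonce = self.atms.get(atm_id), self.pending.pop(atm_id, None)
        if rec is None or nonce is None:
            return None  # unknown/revoked machine, or no outstanding challenge
        expected = hmac.new(rec["auth"], nonce, "sha256").digest()
        return rec["data"] if hmac.compare_digest(expected, proof) else None

    def tamper_alarm(self, atm_id):
        # Intrusion sensor fired: drop both keys; the machine is now inert.
        self.atms.pop(atm_id, None)
        self.pending.pop(atm_id, None)

def atm_fetch_data_key(server, atm_id, auth_key):
    # ATM side: answer the challenge with its enrolment key, get the data key.
    nonce = server.challenge(atm_id)
    proof = hmac.new(auth_key, nonce, "sha256").digest()
    return server.release_key(atm_id, proof)

def scenario():
    # Returns (key before alarm, key after alarm, key after re-enrolment).
    server = KeyServer()
    auth = server.enrol("atm-0001")
    before = atm_fetch_data_key(server, "atm-0001", auth)
    server.tamper_alarm("atm-0001")
    after = atm_fetch_data_key(server, "atm-0001", auth)  # None: keys wiped
    auth = server.enrol("atm-0001")
    return before, after, atm_fetch_data_key(server, "atm-0001", auth)
```

The nonce is consumed on the first answer, so a captured proof cannot be replayed; a real deployment would also bind the exchange to the VPN session and rate-limit failed proofs.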

    1. Re:Encryption? by Pieroxy · · Score: 2

      I think proper use of encryption

      I stopped right there. You know we're talking about Diebold right?

  5. Not really by Anonymous Coward · · Score: 2, Informative

    I stopped reading when it said that ATMs store customer data on the machine. That's the most ridiculous thing I've ever heard. ATMs have always accessed customer data from central servers.

    If that weren't the case, I could just visit all the ATMs for my bank and withdraw my account balance. There would be no way the machines would know I've made withdrawals.

    Fuck, does the Diebold tech just walk from machine to machine each day with a floppy disk?

    I've dealt with ATMs before, and they usually have a DSL connection with a static IP and a VPN back to the central server. The ones I have worked with run Windows XP. If you steal one, you're just getting a computer. The ATM software won't work because of IP restrictions at the central server (you have to be on the DSL at the location). The firewalls in the ATM providing the VPN connection do not allow anything out or in except over that VPN. There is no customer data. Customer data is stored in RAM by the Diebold software when it is accessed. I suppose that's a security risk, but what else can you do?

    I think the entire article is full of shit.

  6. Obvious joke by dkleinsc · · Score: 4, Funny

    According to Ohio Revised Code 3101.01(A), effective in 2004, marrying VMs and ATMs is illegal.

    --
    I am officially gone from /. Long live http://www.soylentnews.com/
  7. Re:Voting machines? by Pieroxy · · Score: 4, Funny

    Have you seen the documentary where the guy finds out that the "secure database" where they collate votes is a simple Access file?

    And so? Are you going to tell me that Access is insecure now?

    Sheesh, you find these MS haters around every corner these days...

  8. Re:And they can guarantee you Ohio by Black+Parrot · · Score: 2

    This is the company that all but flat-out said they were tampering with a US election, right? And we trust them with... anything?

    They're more careful with the important stuff, like money.

    --
    Sheesh, evil *and* a jerk. -- Jade
  9. Re:Voting machines? by thechemic · · Score: 2

    It's not about being an MS hater. The reason they used MS Access as a platform to store voting data is so that their cronies could go to Staple-Max and pick up a copy of MS Access. Then with a minute or two in a private voting booth with access to the voting machine you could easily modify the vote and be on your way. Please watch documentaries and read articles regarding Diebold voting fraud. It's been going on for over 15 years now (perhaps longer). You might want to get up to speed on the whole topic before running around calling people haters.

    --
    Let's make like a bird... and get the flock outta here.
  10. Re:Are you sure? by lucm · · Score: 4, Informative

    I always thought that when the balance was not available, it meant that the ATM was out of paper. It's the only time I don't get a receipt. I have my profile set to automatically generate a receipt.

    It depends on your local ATM I guess, but just for fun, next time you can't get a balance before withdrawing, try to take out more money than you have (if the ATM limit is high enough) and you'll have the answer. They will put a negative balance in your bank account and call you to complain a few days later.

    This happened to a friend of mine who was sure the ATM was broken so he kept taking money out. Tsk tsk. Beating the bank - not possible!

    --
    lucm, indeed.