Automated teller Machine
An NCR Personas 75-Series interior, multi-function ATM.
Smaller indoor ATMs dispense money inside convenience stores and other busy areas, such as this off-premise Wincor Nixdorf mono-function ATM in Sweden.
An automated teller machine (ATM) is a computerized telecommunications device that provides the customers of a financial institution with access to financial transactions in a public space without the need for a human clerk or bank teller. On most modern ATMs, the customer is identified by inserting a plastic ATM card with a magnetic stripe or a plastic smartcard with a chip that contains a unique card number and some security information, such as an expiration date or CVC (CVV). Security is provided by the customer entering a personal identification number (PIN).
Using an ATM, customers can access their bank accounts in order to make cash withdrawals (or credit card cash advances) and check their account balances. ATMs are known by various casual terms including automated banking machine, money machine, cash machine, hole-in-the-wall, cashpoint or Bancomat (in Europe and Russia).
History
Reg Varney using the first ATM in 1967A mechanical cash dispenser was developed and built by Luther George Simian and installed in 1939 in New York City by the City Bank of New York, but removed after 6 months due to the lack of customer acceptance.The ATM got smaller, faster and easier over the years. Thereafter, the history of ATMs paused for over 25 years, until De La Rue developed the first electronic ATM, which was installed first in Enfield Town in North London on 27 June 1967 by Barclays Bank.. This instance of the invention is credited to John Shepherd-Barron, although various other engineers were awarded patents for related technologies at the time. Shepherd-Barron was awarded an OBE in the 2005 New Year's Honors List. The first person to use the machine was Reg Varney of "On the Buses" fame, a British Television programme from the 1960s.The first ATMs accepted only a single-use token or voucher, which was retained by the machine. These worked on various principles including radiation and low-coercively magnetism that was wiped by the card reader to make fraud more difficult.The idea of a PIN stored on the card was developed by the British engineer John Rose in 1965.
However, the modern, networked ATM was invented in Dallas, Texas, by Don Wetzel in 1968. Wetzel was a department head at an automated baggage-handling company called Docutel. In 1995 the Smithsonian's National Museum of American History recognized Docutel and Wetzel as the inventors of the ATM.
ATMs first came into wide UK use in 1973; the IBM 2984 was designed at the request of Lloyds Bank. The 2984 CIT (Cash Issuing Terminal) was the first true Cashpoint, similar in function to today's machines; Cashpoint is still a registered trademark of Lloyds TSB in the U.K. All were online and issued a variable amount which was immediately deducted from the account. A small number of 2984s were supplied to a USA bank. Notable historical models of ATMs include the IBM 3624 and 473x series, Diebold 10xx and TABS 9000 series, and NCR 5xxx series.
Location
An ATM Encrypting PIN Pad with German markings
ATMs are placed not only near or inside the premises of banks, but also in locations such as shopping centers/malls, airports, grocery stores, petrol/gas stations, restaurants, or any place large numbers of people may gather. These represent two types of ATM installations: on and off premise. On premise ATMs are typically more advanced, multi-function machines that complement an actual bank branch's capabilities and thus more expensive. Off premise machines are deployed by financial institutions and also ISOs (or Independent Sales Organizations) where there is usually just a straight need for cash, so they typically are the cheaper mono-function devices. In Canada, when an ATM is not operated by a financial institution it is known as a "White Label ATM".In North America, banks often have drive-through lanes providing access to ATMs.
Many ATMs have a sign above them indicating the name of the bank or organization owning the ATM, and possibly including the list of ATM networks to which that machine is connected. This type of sign is called a topper.
Financial networks
The logos of a number of interbank networks this ATM is connected to are shown.
Most ATMs are connected to interbank networks, enabling people to withdraw and deposit money from machines not belonging to the bank where they have their account or in the country where their accounts are held (enabling cash withdrawals in local currency). Some examples of interbank networks include PLUS, Cirrus, Interact and LINK.
ATMs rely on authorization of a financial transaction by the card issuer or other authorizing institution via the communications network. This is often performed through an ISO 8583 messaging system.
Many banks charge ATM usage fees. In some cases, these fees are charged solely to users who are not customers of the bank where the ATM is installed; in other cases, they apply to all users. Many people oppose these fees because ATMs are actually less costly for banks than withdrawals from human tellers
In order to allow a more diverse range of devices to attach to their networks, some interbank networks have passed rules expanding the definition of an ATM to be a terminal that either has the vault within its footprint or utilizes the vault or cash drawer within the merchant establishment, which allows for the use of a scrip cash dispenser.
A Diebold 1063ixwith a dial-up modem visible at the base
ATMs typically connect directly to their ATM Transaction Processor via either a dial-up modem over a telephone line or directly via a leased line. Leased lines are preferable to POTS lines because they require less time to establish a connection. Leased lines may be comparatively expensive to operate versus a POTS line, meaning less-trafficked machines will usually rely on a dial-up modem. That dilemma may be solved as high-speed Internet VPN connections become more ubiquitous. Common lower-level layer communication protocols used by ATMs to communicate back to the Bank include SNA over SDLC, TC500 over Async, X.25, and TCP/IP over Ethernet.
In addition to methods employed for transaction security and secrecy, all communications traffic between the ATM and the Transaction Processor may also be encrypted via methods such as SSL.
Global use
An ATM in the Tokyo subway
There are no hard international or government-compiled numbers totaling the complete number of ATMs in use worldwide. Estimates developed by ATMIA place the number of ATMs in use at over 1.5 million as of August 2006.
For the purpose of analyzing ATM usage around the world, financial institutionsgenerally divide the world into seven regions, due to the penetration rates, usagestatistics, and features deployed. Four regions (USA, Canada, Europe, and Japan) have high numbers of ATMs per million people and generally slowing growth rates.[10] Despite the large number of ATMs, there is additional demand for machines in the Asia/Pacific area as well as in Latin America. ATMs have yet to reach high numbers in the Near East/Africa.
Hardware
An ATM is typically made up of the following devices:
CPU (to control the user interface and transaction devices)
Magnetic and/or Chip card reader (to identify the customer)
PIN Pad (similar in layout to a Touch tone or Calculator keypad), often manufactured as part of a secure enclosure.
Secure cryptoprocessor, generally within a secure enclosure.
Display (used by the customer for performing the transaction)
Function key buttons (usually close to the display) or a Touch screen (used to select the various aspects of the transaction)
Record Printer (to provide the customer with a record of their transaction)
Vault (to store the parts of the machinery requiring restricted access)
Housing (for aesthetics and to attach signage to)
Software
A Wincor Nixdorf ATM running Windows 2000With the migration to commodity PC hardware, standard commercial "off-the-shelf" operating systems and programming environments can be used inside of ATMs. Typical platforms used in ATM development include RMX, OS/2, and Microsoft operating systems (such as MS-DOS, PC-DOS, Windows NT, Windows 2000, Windows XP Professional, or Windows XP Embedded). Java, Linux and Unix may also be used in these environments.
Security
An ATM with card reader and PIN keypad.
Security, as it relates to ATMs, has several dimensions. ATMs also provide a practical demonstration of a number of security systems and concepts operating together and how various security concerns are dealt with.
Physical
This is a Wincor Nixdorf Procash 2100xe Frontload that was opened with an angle grinder.
Early ATM security focused on making the ATMs invulnerable to physical attack; they were effectively safes with dispenser mechanisms. A number of attacks on ATMs resulted, with thieves attempting to steal entire ATMs by ram-raiding. Since late 1990s, criminal groups operating in Japan improved ram-raiding by stealing and using a truck loaded with a heavy construction machinery to effectively demolish or uproot an entire ATM and any housing to steal its cash.
Another attack method is to seal all openings of the ATM with silicone and fill the vault with a combustible gas or to place an explosive inside, attached, or near the ATM. This gas or explosive is ignited and the vault is opened or distorted by the force of the resulting explosion and the criminals can break in.
Modern ATM physical security, per other modern money-handling security, concentrates on denying the use of the money inside the machine to a thief, by means of techniques such as dye markers and smoke canisters.
Rules are usually set by the government or ATM operating body that dictate what happens when integrity systems fail. Depending on the jurisdiction, a bank may or may not be liable when an attempt is made to dispense a customer's money from an ATM and the money either gets outside of the ATM's vault, or was exposed in a non-secure fashion, or they are unable to determine the state of the money after a failed transaction. Bank customers often complain that banks have made it difficult to recover money lost in this way, but this is often complicated by the Bank's own internal policies regarding suspicious activities typical of the criminal element.
Reliability
An ATM running Microsoft Windows that has crashed.
Before an ATM is placed in a public place, it typically has undergone extensive testing with both test money and the backend computer systems that allow it to perform transactions. Banking customers also have come to expect high reliability in their ATMs,which provides incentives to ATM providers to minimize machine and network failures. Financial consequences of incorrect machine operation also provide high degrees of incentive to minimize malfunctions.
ATMs and the supporting electronic financial networks are generally very reliable, with industry benchmarks typically producing 98.25% customer availability for ATMs and up to 99.999% availability for host systems. If ATMs do go out of service, customers could be left without the ability to make transactions until the beginning of their bank's next time of opening hours.
Of course, not all errors are to the detriment of customers; there have been cases of machines giving out money without debiting the account, or giving out higher value notes as a result of incorrect denomination of banknote being loaded in the money cassettes. Errors that can occur may be mechanical (such as card transport mechanisms; keypads; hard disk failures); software (such as operating system; device driver; application); communications; or purely down to operator error.
Some ATMs may put up warning messages to customers to not use them when it detects possible tampering.The concept and various methods of copying the contents of an ATM card's magnetic stripe on to a duplicate card to access other people's financial information was well known in the hacking communities by late 1990.In 1996 Andrew Stone, a computer security consultant from Hampshire in the UK was convicted of stealing in excess of £1 million Sterling (at the time equivalent to US$1.6 million) by pointing high definition video cameras at ATMs from a considerable distance, and by recording the card numbers, expiry dates, etc. from the embossed detail on the ATM cards along with video footage of the PINs being entered. After getting all the information from the videotapes, he was able to produce clone cards which not only allowed him to withdraw the full daily limit for each account, but also allowed him to sidestep withdrawal limits by using multiple copied cards. In court, it was shown that he could withdraw as much as £10,000 per hour by using this method. Stone was sentenced to five years and six months in prison.
An NCR Personas 75-Series interior, multi-function ATM.
Smaller indoor ATMs dispense money inside convenience stores and other busy areas, such as this off-premise Wincor Nixdorf mono-function ATM in Sweden.
An automated teller machine (ATM) is a computerized telecommunications device that provides the customers of a financial institution with access to financial transactions in a public space without the need for a human clerk or bank teller. On most modern ATMs, the customer is identified by inserting a plastic ATM card with a magnetic stripe or a plastic smartcard with a chip that contains a unique card number and some security information, such as an expiration date or CVC (CVV). Security is provided by the customer entering a personal identification number (PIN).
Using an ATM, customers can access their bank accounts in order to make cash withdrawals (or credit card cash advances) and check their account balances. ATMs are known by various casual terms including automated banking machine, money machine, cash machine, hole-in-the-wall, cashpoint or Bancomat (in Europe and Russia).
History
Reg Varney using the first ATM in 1967A mechanical cash dispenser was developed and built by Luther George Simian and installed in 1939 in New York City by the City Bank of New York, but removed after 6 months due to the lack of customer acceptance.The ATM got smaller, faster and easier over the years. Thereafter, the history of ATMs paused for over 25 years, until De La Rue developed the first electronic ATM, which was installed first in Enfield Town in North London on 27 June 1967 by Barclays Bank.. This instance of the invention is credited to John Shepherd-Barron, although various other engineers were awarded patents for related technologies at the time. Shepherd-Barron was awarded an OBE in the 2005 New Year's Honors List. The first person to use the machine was Reg Varney of "On the Buses" fame, a British Television programme from the 1960s.The first ATMs accepted only a single-use token or voucher, which was retained by the machine. These worked on various principles including radiation and low-coercively magnetism that was wiped by the card reader to make fraud more difficult.The idea of a PIN stored on the card was developed by the British engineer John Rose in 1965.
However, the modern, networked ATM was invented in Dallas, Texas, by Don Wetzel in 1968. Wetzel was a department head at an automated baggage-handling company called Docutel. In 1995 the Smithsonian's National Museum of American History recognized Docutel and Wetzel as the inventors of the ATM.
ATMs first came into wide UK use in 1973; the IBM 2984 was designed at the request of Lloyds Bank. The 2984 CIT (Cash Issuing Terminal) was the first true Cashpoint, similar in function to today's machines; Cashpoint is still a registered trademark of Lloyds TSB in the U.K. All were online and issued a variable amount which was immediately deducted from the account. A small number of 2984s were supplied to a USA bank. Notable historical models of ATMs include the IBM 3624 and 473x series, Diebold 10xx and TABS 9000 series, and NCR 5xxx series.
Location
An ATM Encrypting PIN Pad with German markings
ATMs are placed not only near or inside the premises of banks, but also in locations such as shopping centers/malls, airports, grocery stores, petrol/gas stations, restaurants, or any place large numbers of people may gather. These represent two types of ATM installations: on and off premise. On premise ATMs are typically more advanced, multi-function machines that complement an actual bank branch's capabilities and thus more expensive. Off premise machines are deployed by financial institutions and also ISOs (or Independent Sales Organizations) where there is usually just a straight need for cash, so they typically are the cheaper mono-function devices. In Canada, when an ATM is not operated by a financial institution it is known as a "White Label ATM".In North America, banks often have drive-through lanes providing access to ATMs.Many ATMs have a sign above them indicating the name of the bank or organization owning the ATM, and possibly including the list of ATM networks to which that machine is connected. This type of sign is called a topper.
Financial networks
The logos of a number of interbank networks this ATM is connected to are shown.
Most ATMs are connected to interbank networks, enabling people to withdraw and deposit money from machines not belonging to the bank where they have their account or in the country where their accounts are held (enabling cash withdrawals in local currency). Some examples of interbank networks include PLUS, Cirrus, Interact and LINK.
ATMs rely on authorization of a financial transaction by the card issuer or other authorizing institution via the communications network. This is often performed through an ISO 8583 messaging system.
Many banks charge ATM usage fees. In some cases, these fees are charged solely to users who are not customers of the bank where the ATM is installed; in other cases, they apply to all users. Many people oppose these fees because ATMs are actually less costly for banks than withdrawals from human tellers
In order to allow a more diverse range of devices to attach to their networks, some interbank networks have passed rules expanding the definition of an ATM to be a terminal that either has the vault within its footprint or utilizes the vault or cash drawer within the merchant establishment, which allows for the use of a scrip cash dispenser.
A Diebold 1063ixwith a dial-up modem visible at the base
ATMs typically connect directly to their ATM Transaction Processor via either a dial-up modem over a telephone line or directly via a leased line. Leased lines are preferable to POTS lines because they require less time to establish a connection. Leased lines may be comparatively expensive to operate versus a POTS line, meaning less-trafficked machines will usually rely on a dial-up modem. That dilemma may be solved as high-speed Internet VPN connections become more ubiquitous. Common lower-level layer communication protocols used by ATMs to communicate back to the Bank include SNA over SDLC, TC500 over Async, X.25, and TCP/IP over Ethernet.
In addition to methods employed for transaction security and secrecy, all communications traffic between the ATM and the Transaction Processor may also be encrypted via methods such as SSL.
Global use
An ATM in the Tokyo subway
There are no hard international or government-compiled numbers totaling the complete number of ATMs in use worldwide. Estimates developed by ATMIA place the number of ATMs in use at over 1.5 million as of August 2006.
For the purpose of analyzing ATM usage around the world, financial institutionsgenerally divide the world into seven regions, due to the penetration rates, usagestatistics, and features deployed. Four regions (USA, Canada, Europe, and Japan) have high numbers of ATMs per million people and generally slowing growth rates.[10] Despite the large number of ATMs, there is additional demand for machines in the Asia/Pacific area as well as in Latin America. ATMs have yet to reach high numbers in the Near East/Africa.
Hardware
An ATM is typically made up of the following devices:
CPU (to control the user interface and transaction devices)
Magnetic and/or Chip card reader (to identify the customer)
PIN Pad (similar in layout to a Touch tone or Calculator keypad), often manufactured as part of a secure enclosure.
Secure cryptoprocessor, generally within a secure enclosure.
Display (used by the customer for performing the transaction)
Function key buttons (usually close to the display) or a Touch screen (used to select the various aspects of the transaction)
Record Printer (to provide the customer with a record of their transaction)
Vault (to store the parts of the machinery requiring restricted access)
Housing (for aesthetics and to attach signage to)
Software
A Wincor Nixdorf ATM running Windows 2000With the migration to commodity PC hardware, standard commercial "off-the-shelf" operating systems and programming environments can be used inside of ATMs. Typical platforms used in ATM development include RMX, OS/2, and Microsoft operating systems (such as MS-DOS, PC-DOS, Windows NT, Windows 2000, Windows XP Professional, or Windows XP Embedded). Java, Linux and Unix may also be used in these environments.
Security
An ATM with card reader and PIN keypad.
Security, as it relates to ATMs, has several dimensions. ATMs also provide a practical demonstration of a number of security systems and concepts operating together and how various security concerns are dealt with.
Physical
This is a Wincor Nixdorf Procash 2100xe Frontload that was opened with an angle grinder.
Early ATM security focused on making the ATMs invulnerable to physical attack; they were effectively safes with dispenser mechanisms. A number of attacks on ATMs resulted, with thieves attempting to steal entire ATMs by ram-raiding. Since late 1990s, criminal groups operating in Japan improved ram-raiding by stealing and using a truck loaded with a heavy construction machinery to effectively demolish or uproot an entire ATM and any housing to steal its cash.
Another attack method is to seal all openings of the ATM with silicone and fill the vault with a combustible gas or to place an explosive inside, attached, or near the ATM. This gas or explosive is ignited and the vault is opened or distorted by the force of the resulting explosion and the criminals can break in.
Modern ATM physical security, per other modern money-handling security, concentrates on denying the use of the money inside the machine to a thief, by means of techniques such as dye markers and smoke canisters.
Rules are usually set by the government or ATM operating body that dictate what happens when integrity systems fail. Depending on the jurisdiction, a bank may or may not be liable when an attempt is made to dispense a customer's money from an ATM and the money either gets outside of the ATM's vault, or was exposed in a non-secure fashion, or they are unable to determine the state of the money after a failed transaction. Bank customers often complain that banks have made it difficult to recover money lost in this way, but this is often complicated by the Bank's own internal policies regarding suspicious activities typical of the criminal element.
Reliability
An ATM running Microsoft Windows that has crashed.
Before an ATM is placed in a public place, it typically has undergone extensive testing with both test money and the backend computer systems that allow it to perform transactions. Banking customers also have come to expect high reliability in their ATMs,which provides incentives to ATM providers to minimize machine and network failures. Financial consequences of incorrect machine operation also provide high degrees of incentive to minimize malfunctions.
ATMs and the supporting electronic financial networks are generally very reliable, with industry benchmarks typically producing 98.25% customer availability for ATMs and up to 99.999% availability for host systems. If ATMs do go out of service, customers could be left without the ability to make transactions until the beginning of their bank's next time of opening hours.
Of course, not all errors are to the detriment of customers; there have been cases of machines giving out money without debiting the account, or giving out higher value notes as a result of incorrect denomination of banknote being loaded in the money cassettes. Errors that can occur may be mechanical (such as card transport mechanisms; keypads; hard disk failures); software (such as operating system; device driver; application); communications; or purely down to operator error.
Some ATMs may put up warning messages to customers to not use them when it detects possible tampering.The concept and various methods of copying the contents of an ATM card's magnetic stripe on to a duplicate card to access other people's financial information was well known in the hacking communities by late 1990.In 1996 Andrew Stone, a computer security consultant from Hampshire in the UK was convicted of stealing in excess of £1 million Sterling (at the time equivalent to US$1.6 million) by pointing high definition video cameras at ATMs from a considerable distance, and by recording the card numbers, expiry dates, etc. from the embossed detail on the ATM cards along with video footage of the PINs being entered. After getting all the information from the videotapes, he was able to produce clone cards which not only allowed him to withdraw the full daily limit for each account, but also allowed him to sidestep withdrawal limits by using multiple copied cards. In court, it was shown that he could withdraw as much as £10,000 per hour by using this method. Stone was sentenced to five years and six months in prison.
