Thursday, April 7, 2011

How ATMs Work?

This is a very interesting process, initially I didn’t have a clue about how an ATM works. The technology behind the machine is pretty simple except the security concepts behind it. I will not go into the details of security techniques in this article perhaps on another.
Here’s how the process flows,

There are two main categories of transactions initiated from an ATM,
ONUS – Card and ATM from same financial institute (Ex: HSBC ATM card on HSBC Bank’s ATM)
OFFUS – Card and ATM from different financial institutes (Ex: HSBC VISA enabled ATM card on Standard charted VISA enabled ATM)

Detailed transaction flow of an ATM (ATM screen flow could change from ATM to ATM. Therefore this is a generic flow almost all ATMs are based on) 
  1. ONUS -Customer inserts a card to the ATM > Enters the PIN > transaction > select the account > enter other required details for the transaction (Ex: for a withdrawal, withdrawal amount)Then a message will be generated and sent to the ATM switch (PIN is encrypted) > ATM switch will send the encrypted PIN to the HSM > HSM will respond whether its correct or not > If the PIN is incorrect transaction will get voided and the customer will be asked to enter the PIN again > If the PIN is correct the transaction will be forwarded to the Core Banking System >  The Core Banking System will check the customer account and approve or disapprove the transaction > if the transaction is disapproved a message will be shown on the ATM screen, mostly a descriptive message > if the transaction is approved the switch will instruct the ATM how to proceed (Ex: for a withdrawal the switch will tell the ATM to dispense number of bill from Bins). Apart from the above process there will be additional messages between the ATM machine and the ATM switch. This is to get a list of accounts attached for the card. This is not available in OFFUS transactions. Therefore, customers will be able to transact from their primary accounts only (One account for Savings and one account for current)
  2. OFFUS-Another banks customer inserts a ATM card > The ATM switch will forward the transaction to VISA network > the VISA network will do the necessary currency conversions and forward it to the issuing bank

