Browse Prior Art Database

System & Method for ATM to Authenticate & Authorize Mobile Application

IP.com Disclosure Number: IPCOM000244875D
Publication Date: 2016-Jan-25
Document File: 5 page(s) / 82K

Publishing Venue

The IP.com Prior Art Database

Abstract

A system to enhance ATM security by replacing PIN entry through keypad with over-the-cloud OTP authentication transmitted to ATM through mobile vibration signal. More complex PIN combination is an add on security benefit which includes non-numeric characters. This system also improves ATM self-service efficiency by providing pre-setting the transaction details through a secured mobile application.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

Page 01 of 5

System

System

&&& Method for ATM to Authenticate

Method for ATM to Authenticate Method for ATM to Authenticate

&&& Authorize Mobile Application

Authorize Mobile Application

Disclosed is a system for automated authentication and authorization between mobile application and automatic teller machine (ATM) using one-time password through physical vibration contact.

This system enhances ATM security by replacing the vulnerable PIN entry through keypad with over-the-cloud OTP authentication through mobile app. Mobile vibration signal is used to transmit the OTP to prevent shoulder surfing. More complex PIN combination is enabled with non-numeric characters to further enhance the security. The system also improves ATM self-service efficiency by providing pre-setting the transaction details through a secured mobile application.

Background and Problem ========

An automatic teller machine (ATM), also known as an automated banking machine (ABM, Canadian English), cash machine, cashpoint, cashline, or colloquially hole in the wall (British and South African English), is an electronic telecommunications device that enables the customers of a financial institution to perform financial transactions , particularly cash withdrawal, without the need for a human cashier, clerk or bank teller.

ATM card with a magnetic stripe or a plastic smart card with a chip that contains a unique card number and some security information such as an expiration date, CVVC (CVV) and Data Authentication (static or dynamic). Card user authentication is provided by requiring user to enter a personal identification number (PIN).

This two factor authentication (Card + PIN), prevalent card skimming and various PIN theft schemes have rendered them vulnerable.

Some the ways fraudsters use to steal PIN are:
- Shoulder Surfing
- Rigged ATM under surveillance by fraudsters using video camera or false PIN keypad
- Fake ATM
- Hacked ATM network that transports un-encrypted PIN

1


Page 02 of 5

Key Idea
========

The disclosed system enhances ATM Security by replace existing PIN entry through keypad with - Over-the-cloud (out-of-band) authentication through mobile app;

- Transmitting OTP to ATM through vibration signal to prevent shoulder surfing;

- More complex PIN combination which includes non-numeric characters;

The disclosed system improves ATM self-service efficiency by

- Pre-setting of the transaction details in mobile application while queueing (e.g. preselect cash withdrawal amount)

- Automating the transaction once device is authenticated & authorized physically by ATM (through vibration signal)

Advantage & Value
================

1. As an add-on feature to existing already popular internet banking mobile application
2. User do not need to remember ATM PIN or manually input the complex One-Time password as it will automatically transmit from mobile device to ATM physically through vibration signal
3. Almost all of the mobile phones are equipped with vibration function and there is...