Two phase automated tellar machine transaction for visually impaired
Voice guided Automated Teller Machine(ATM) are the type of ATM which letsvisually impaired people access the ATM services. Blind users insert wired Headsetsinto audio output jack on the ATM machine and ATM starts Interactive VoiceResponse through which they can use the machine independently. Visually impairedpeople are usually at a higher risk of frauds and various security vulnerabilitiesthan people with sight. In current system blind users have to revealboth factors of authentication (Personal Identification Number (PIN), ATM card)on public terminal like ATM or Point Of Sale (POS). Users enter their PIN onATM keypad which is susceptible to shoulder-surfing attacks and ATM fake deviceslike keypad overlay and is misused by attackers in the events of lost andstolen cards. We propose a system in which ATM transaction based on EMVchip(Europay Mastercard Visa) is divided into two phases. In the first phaseuser enters PIN and transaction details (Amount, Account Type) into personalizedEMV card (ATM card) through a mobile phone and EMV card reader formobile phones. Personalized EMV Card requires PIN before transaction detailscan be stored in it. Personalized EMV Card generates One Time Password of 4digit for the transaction. In the second phase user enters personalized EMV cardin ATM card slot and OTP generated in first phase on keypad of ATM and completesthe transaction. The PIN is not revealed on the ATM keybaord. Once OTPis verified by Issuer of the card, it cannot be used again to make new transactions.To generate new OTP PIN of the personalized EMV card is needed. If the cardis lost or stolen from blind user it cannot be used to make illegal transactions asPIN is not revealed on public terminals and is not known to the attacker. In thispaper we have proposed protocols for these two phases transaction processing.The proposed protocols are analyzed with respect to security and performanceand found effective for visually impaired. Proposed system does not require anyCryptographic key infrastructure change from the current system. Only EMVTransaction flow is divided in two phase which offers more security features thanthe current system for visually impaired.
- M Tech Dissertations