ATM Vulnerabilities Plague Citibank
Citibank's ATMs are in the news again, but this time -- though details are still scarce -- for some basic security issues.
So far, the speculation is that there could have been, at least, among others, two security issues. Unencrypted PINs transmitted from the ATMs to back end servers, and insecure servers themselves.
What makes this interesting, if its due to these two causes, is that the ATM machines themselves weren't tampered with, as has happened in the past.
Citibank's ATMs were also the subject of a recent Wired article.
So far, the speculation is that there could have been, at least, among others, two security issues. Unencrypted PINs transmitted from the ATMs to back end servers, and insecure servers themselves.
What makes this interesting, if its due to these two causes, is that the ATM machines themselves weren't tampered with, as has happened in the past.
Citibank's ATMs were also the subject of a recent Wired article.
posted by The IT Security Guy at 9:10 PM
1 Comments:
ATMs never send PINs unencrypted. PANs - yes, but PINs are always encrypted when being sent to the backend from an ATM.
Post a Comment
<< Home