Design and Implementation of Cost Effective Multi-factor Authentication Framework for ATM Systems

Banks and financial institutions all over the world have adopted and continue to adopt Automated Teller Machine (ATM) systems into their transactions to extend banking hours, and also provide convenience for their customers. ATM systems are networked computerized systems, and as the case is in these systems, their security must be given the highest priority. Among the many strategies for ensuring secured networked systems, authentication is very important. Authentication is the process of verifying the identity of a user or a process that attempts to access information resources from a system. Good authentication methods and schemes are one of the best standard ways of implementing security on computerized systems. The importance of selecting an environment appropriate authentication method is perhaps the most crucial decision in designing secure systems. Authentication protocols are capable of simply authenticating the connecting party or authenticating the connecting party as well as authenticating itself to the connecting party. The verification process is usually based on authentication factors like facts, characteristics, behaviors, or knowledge known only to both the claimant and the verifier. Based on these authentication factors, authentication is classified into knowledge-based (KBA), token-based (TBA) and biometrics-based (BBA) authentications. In this paper, we designed and implemented a hybrid and secure cost-effective authentication framework for ATM systems based on the strengths of the three main authentication classifications.