ted@nmsu.edu (12/14/88)
After some checking (and one very good reference) I have found out that in the case of ATMs serviced by the CIRRUS network:

1) The PIN is verified with the issuing bank on every transaction, although there appears to be room for CIRRUS to interject a false verification for testing purposes.

2) All data traffic is encrypted with DES, with key distribution by public-key methods. Lines that go out of service are automatically replaced by dial-ups as needed, so that tapping could be done without much chance of detection, but the cost of attacking a 4.8 Kbit DES line is probably not worth the cost (but since ATMs send PINs and account numbers directly over the line, you would completely compromise those accounts).

3) CIRRUS does not apparently support return of account balance. This would explain why moving out of your local area (i.e. local banking group) causes your balance to disappear from the ATM summary.

None of this information indicates that the PIN is NOT stored on the card, only that ATMs do not ever have to take the card's word that the PIN is correct. The information that I have found does not say anything about the other major ATM transaction networks (Cashstream and the Plus System), nor does it really say anything about the ATMs themselves.

Many thanks to Mark Schuldenfrei for pointing me at the August 85 issue of CACM, which had a case study of CIRRUS (really an interview with one of the honchos).
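The two security properties the post reports, online PIN verification by the issuing bank and an encrypted ATM-to-network link, can be illustrated with a small simulation. The following is an added example written for this page, not code from CIRRUS, the CACM article, or any ATM vendor. The `Issuer`, `atm_transaction` and link functions are hypothetical; the Python standard library has no DES, so the link encryption is a SHA-256 keystream with an HMAC tag standing in for it, and the session key is simply pre-shared (the public-key distribution step the post mentions is not modelled). The PIN store is a salted, iterated hash, a stand-in for whatever verification scheme a real issuer uses. The example shows why a PIN held on the card cannot substitute for the issuer's decision, and what a passive line tap sees when the link is encrypted.

```python
"""Simulated online PIN verification with an encrypted ATM link (added example)."""
import hashlib
import hmac
import json
import os


class Issuer:
    """Hypothetical issuing bank: holds the only authoritative PIN record."""

    def __init__(self):
        self._records = {}  # account -> (salt, pin_digest)

    @staticmethod
    def _digest(salt, pin):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 10_000)

    def enroll(self, account, pin):
        salt = os.urandom(8)
        self._records[account] = (salt, self._digest(salt, pin))

    def verify(self, account, pin):
        rec = self._records.get(account)
        if rec is None:
            return False
        salt, expected = rec
        return hmac.compare_digest(self._digest(salt, pin), expected)

    def handle(self, key, wire):
        """Open an ATM request, verify the PIN, return a sealed reply."""
        req = json.loads(link_open(key, wire).decode())
        approved = self.verify(req["account"], req["pin"])
        return link_seal(key, json.dumps({"approved": approved}).encode())


def _keystream(key, nonce, length):
    # Stand-in for DES on the line: a hash-derived keystream (not a real cipher
    # choice for production, only here to keep the example dependency-free).
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def link_seal(key, plaintext):
    """Encrypt and authenticate one message for the ATM <-> issuer link."""
    nonce = os.urandom(16)
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + body, "sha256").digest()
    return nonce + body + tag


def link_open(key, wire):
    """Check the tag, then decrypt; a tampered frame is rejected outright."""
    nonce, body, tag = wire[:16], wire[16:-32], wire[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + body, "sha256").digest(), tag):
        raise ValueError("link integrity check failed")
    return bytes(c ^ k for c, k in zip(body, _keystream(key, nonce, len(body))))


def atm_transaction(card, entered_pin, issuer, key, tap=None):
    """ATM side: forward account + entered PIN to the issuer; the card's own
    'pin_on_card' field is deliberately never consulted."""
    req = json.dumps({"account": card["account"], "pin": entered_pin}).encode()
    wire = link_seal(key, req)
    if tap is not None:
        tap.append(wire)  # what a passive tap on the line would capture
    reply = json.loads(link_open(key, issuer.handle(key, wire)).decode())
    return reply["approved"]


def demo():
    """Constructed scenario: one enrolled account, one forged card, one line tap."""
    issuer = Issuer()
    issuer.enroll("ACCT-0001", "1234")            # constructed sample account
    key = os.urandom(16)                          # pre-shared session key (assumption)
    tap = []
    genuine = {"account": "ACCT-0001", "pin_on_card": "1234"}
    forged = {"account": "ACCT-0001", "pin_on_card": "9999"}  # card "says" PIN is 9999
    return {
        "genuine": atm_transaction(genuine, "1234", issuer, key, tap),
        "forged_card": atm_transaction(forged, "9999", issuer, key, tap),
        "pin_visible_on_wire": any(b'"pin": "1234"' in frame for frame in tap),
    }


if __name__ == "__main__":
    print(demo())
```

Running `demo()` approves the genuine transaction, declines the forged card even though the PIN typed matches what the card carries, and reports that the PIN never appears in clear on the tapped frames. Dropping the `link_seal` layer is the case the post warns about: the same tap would then yield account numbers and PINs directly.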