Author: Stephen Davies Date: To: hampshire Subject: ATM's that use Windows (Was Re: Fw: [Hampshire] Killer Apps for Linux)
As someone who was involved in writing software for ATM's (10+ years
ago) I have to say that using Windows for them is a very backward step.
however this trend started about 10years ago. There were several reasons
for this.
1) The ATM's were essentially black boxes and you spoke to them over
X.25 using Diebold (or a modified form thereof ) protocols.
2) The banks wanted to start doing more 'Selling of other services'
through the ATM's
1 was not compatible with 2 so they moved to using some form of windows O/S.
Then the banks moved away from a very closed and secure X.25 network to
IP and not even keeping it physically separate from their own internal
Branch LAN/WAN
It all ends up where we are today.
Most ATM's run Windows and have to be massively overspec'd to cater for it.
They have little or no error recovery built into the software
The Banks Internal IP Networks are very insecure ( A few banks have got
wise to this and are making them physically separate)
They often rely on DHCP for their IP Addresses as the MSCP's who run the
networks can't be bothered (or know how) to set up a proper net using
Fixed IP Addresses
In my day, this was all a definite No-No Never scenario
They have got lazy.
One bank I setup the first ATM Network in this particular Eastern
European Country (Bank/Counter shall remain nameless) for over 10 years
ago moved to Windows+TCPIP etc about 5 years ago, Last year they got
hacked badly. It cost them $10M+ and in banking term, that is very bad.
About 10% of their ATM network was still running X.25. These were
untouched. So now, they are moving back to X.25 and replacing Windows
with DSL on a Flash Card. They are also replacing all the P4 CPU's etc
with fanless VIA(CPU) based system. These will be housed in a locked box
with a trip on the lock so that the security keys (held on EEPROM) get
blasted with 1000v if it it not opened correctly.
Oh and by the way, all the fancy ideas about selling other services via
ATM's soon bit the dust after huge numbers of customer complaints about
the length of queues etc. Some banks do have special terminals inside
their branches that allow customer to do things as if they were banking
via the internet. This is useful where there is not a large number of
private internet connections.
Sadly, there is no easy way here in the UK to be sure how secure the ATM
you are using is. I tend to use only those inside branches on my bank. I
never use ATM's which charge or ones in Shops apart from Supermarkets
(These are all run by the likes of HBOS, RBS, HSBC etc)
