Page |1

CHAPTER-1
INTRODUCTION

The rise of technology in India has brought into force many types of equipment that aim at
more customer satisfaction. ATM (Automated Teller Machine) is one such machine which
made money transactions easy for customers to bank. The other side of this improvement is
the enhancement of the culprit’s probability to get his ‘unauthentic’ share. Traditionally,
security is handled by requiring the combination of a physical access card and a PIN or other
password in order to access a customer’s account. This model invites fraudulent attempts
through stolen cards, badly-chosen or automatically assigned PINs, cards with little or no
encryption schemes, employees with access to non-encrypted customer account information
and other points of failure.
To achieve more reliable verification or identification we should use something that really
characterizes the given person. Biometrics offer automated methods of identity verification or
identification on the principle of measurable physiological or behavioural characteristics such
as a fingerprint or a voice sample. The characteristics are measurable and unique. These
characteristics should not be duplicable, but it is unfortunately often possible to create a copy
that is accepted by the biometric system as a true sample. This is a typical situation where the
level of security provided is given as the amount of money the impostor needs to gain an
unauthorized access.
Biometric authentication has been widely regarded as the most fool proof -or at least the
hardest to forge or spoof. Since the early 1980s, systems of identification and authentication
based on physical characteristics have been available to enterprise IT. These biometric
systems were slow, intrusive and expensive, but because they were mainly used forguarding
mainframe access or restricting physical entry to relatively few users, they proved workable
in some high-security situations. Twenty years later, computers are much faster and cheaper
than ever. This, plus new, inexpensive hardware, has renewed interest in biometrics.

PESIT-BSC DEPARTMENT OF MCA 2019

 Page |2

CHAPTER-2
LITERATURE REVIEW

The first ATMs were off-line machines, meaning money was not automatically withdrawn
from an account. The bank accounts were not (at that time) connected by a computer network
to the ATM (The New York Times 1961). Therefore, banks were at first very exclusive about
who they gave ATM privileges to. Giving them only to credit card holders (credit cards were
used before ATM cards) with good banking records (ATM Marketplace 2013). In modern
ATMs, customers authenticate themselves by using a plastic card with a magnetic stripe,
which encodes the customer's account number, and by entering a numeric pass code called a
PIN (personal identification number), which in some cases may be changed using the
machine.(BBC News 2010) Typically, if the number is entered incorrectly several times in a
row, most ATMs will retain the card as a security precaution to prevent an unauthorised user
from working out the PIN by pure guesswork (History of Telecommunications Conference
2008)

Problem Statement
The issue of people’s accounts being emptied by fraudsters when they are able to hack into
their cards to know their PIN.

Research Objectives
(i) To proffer solution to ATM fraud in the Banking Industry.
(ii) To stop the vice of people impersonating others to withdraw money on their
behalf from the ATM.

Significance of the Study

Once this study is carried out the issue of fraudsters making away with customers’ money
will be a thing of the past.

PESIT-BSC DEPARTMENT OF MCA 2019

 Page |3

CHAPTER-3
HOW THE BIOMETRIC ATM WORKS?

When a customer puts in a bank card, a stereo camera locates the face, finds the eye and
takes a digital image of the iris at a distance of up to three feet. The resulting computerized
"iris code" is compared with one the customer will initially provide the bank. The ATM won't
work if the two codes don't match. The entire process takes less than two seconds.
The system works equally well with customers wearing glasses or contact lenses and at
night. No special lighting is needed. The camera also does not use any kind of beam. Instead,
a special lens has been developed that will not only blow up the image of the iris, but provide
more detail when it does. Iris scans are much more accurate than other high-tech ID systems
available that scan voices, faces and fingerprints.
Scientists have identified 250 features unique to each person's iris-compared with about 40
for fingerprints-and it remains constant through a person's life, unlike a voice or a face.
Fingerprint and hand patterns can be changed through alteration or injury. The iris is the best
part of the eye to use as an identifier because there are no known diseases of the iris and eye
surgery is not performed on the iris. Iris identification is the most secure, robust and stable
form of identification known to man. It is far safer, faster, more secure and accurate than
DNA testing. Even identical twins do not have identical irises. The iris remains the same
from 18 months after birth until five minutes after death.
When the system is fully operational, a bank customer will have an iris record made for
comparison when an account is opened. The bank will have the option of identifying either
the left or right eye or both. It requires no intervention by the customer. They will simply get
a letter telling them they no longer have to use the PIN number. And, scam artists beware, a
picture of the card holder won't pass muster. The first thing the camera will check is whether
the eye is pulsating. If we don't see blood flowing through your eye, you're either dead or it's
a picture.

PESIT-BSC DEPARTMENT OF MCA 2019

 Page |4

CHAPTER-4
What is Biometric?

The term biometrics is derived from the Greek words Bio &Metric. The term Biometrics
relates to the measurement (metric) of characteristics of a living (Bio) thing in order to
identify a person. Biometrics uses various physiological or behavioural characteristics.
Common physiological biometric measurements include fingerprints, hand geometry, retina,
iris, facial images etc. While common behavioural biometric measurements include
signatures, voice recordings, keystroke rhythms etc. With an increasing importance of
security, there is a need to guaranty that only authenticated users have access to the system.
In recent years, biometrics authentication has seen considerable improvements in reliability
and accuracy, with some of the traits offering good performance. However, even the best
biometric traits till date are facing numerous problems some of them are inherent to the
technology itself. Biometric authentication systems generally suffer from enrolment problems
due to non-universal biometric traits, insufficient accuracy caused by noisy data acquisition
in certain environments. Biometric measurements are inherently varied because of the
existence of back-ground noise, signal distortion, biometric feature changes and
environmental variations. Identification based on a single bio-metric trait may not be
sufficiently robust and it has a limited ability to overcome spoofing.
One way to overcome these problems is the use of multi-biometrics. A multi biometric
system uses multiple sensors for data acquisition. This allows capturing multiple samples of a
single biometric trait and/or samples of multiple biometric traits. This approach is enables to
provide significant improvement over unimodal biometric system in terms of higher accuracy

Biometric System Components and Process

Four major components are usually present in a biometric system:
1. A mechanism to scan and capture a digital representation of a living person’s
biometric characteristic.
2. Software to process the raw data into a format (called a template) that can be used for
storing and matching
3. .Matching software to compare a previously stored biometric template with a template
from a live sample.
4. An interface with the application system to communicate the match result.

PESIT-BSC DEPARTMENT OF MCA 2019

 Page |5

CHAPTER-5
Biometrics and Privacy

1. Unlike more common forms of identification, biometric measures contain no personal

information and are more difficult to forge or steal.
2. Biometric measures can be used in place of a name or Social Security number to secure
anonymous transactions.
3. Some biometric measures (face images, voice signals and “latent” fingerprints left on
surfaces) can be taken without a person’s knowledge, but cannot be linked to an identity
without a pre-existing invertible database.
4. A Social Security or credit card number, and sometimes even a legal name, can identify a
person in a large population. This capability has not been demonstrated using any single
biometric measure.
5. Like telephone and credit card information, biometric databases can be searched outside of
their intended purpose by court order.
6. Unlike credit card, telephone or Social Security numbers, biometric characteristics change
from one measurement to the next.
7. Searching for personal data based on biometric measures is not as reliableor efficient as
using better identifiers, like legal name or Social Security number.
8. Biometric measures are not always secret, but are sometimes publicly observable and
cannot be revoked if compromised.

PESIT-BSC DEPARTMENT OF MCA 2019

 Page |6

CHAPTER-6
Biometric Applications

Biometric applications can be categorized in horizontal categories as well as vertical markets.

Biometrics are most frequently used in the following horizontal categories:

a)Citizen Identification:

Identify/authentify citizens interacting with government agencies

b)PC / Network Access:

Secure access to PCs, networks and other computer resources

c)Physical Access / Time and Attendance:

Secure access to a given area at a given time

d)Surveillance and Screening:

Identify/authentify individuals present in a given location

e)Retail / ATM / Point of Sale:

Provide identification/authentication for in-person transactions for goods/services

f)E-Commerce / Telephony:

Provideidentification/authentication for remote transactions for goods/services

g)Criminal Identification:

Identify/verifyindividuals in law enforcement applications.

Why use Biometric ATM ?

• Provides strong authentication
• Can be used instead of a PIN
• Hidden costs of ATM card management like card personalization, delivery,
management, re-issuance, PIN generation, help-desk, and re-issuance can be avoided
• It is accurate
• Flexible account access allows clients to access their accounts at their convenience

PESIT-BSC DEPARTMENT OF MCA 2019

 Page |7

CHAPTER-7
BIOMETRIC TECHNIQUES

There are lots of biometric techniques available nowadays. A few of them are in the stage of
the research only (e.g. the odour analysis), but a significant number of technologies is already
mature and commercially available (at least ten different types of biometrics are
commercially available nowadays: fingerprint, finger geometry, hand geometry, palm print,
iris pattern, retina pattern, facial recognition, voice comparison, signature dynamics and
typing rhythm)

Two types of identification

1. Physiological
• Fingerprint
• Face
• Hand
• Eye
2. Behavioral
• Voice
• Signature
• Keystroke

1.Physiological Biometrics:
Physiology is the characteristic of the body and thus it varies from person to person,
including fingerprint, hand geometry, face, and iris and retina recognition. The fingerprint is
using patterns which are aggregate characteristics of ridges and minutia points

2.Behavioral biometric:
Behavioral biometric is a biometric that is based on a behavioral trait of an individual.
Examples of behavioral biometrics includes speech patterns, signatures and keystrokes.
Contrast with physical biometric.

PESIT-BSC DEPARTMENT OF MCA 2019

 Page |8

7.1. Fingerprint technologies

The traditional method uses the ink to get the fingerprint onto a piece of paper. This piece of
paper is then scanned using a traditional scanner. This method is used only rarely todaywhen
an old paper-based database is being digitalised, a fingerprint found on a scene of a crime is
being processed or in law enforcement AFIS systems. Otherwise modern live fingerprint
readers are used. They do not require the ink anymore. These live fingerprint readers are most
commonly based on optical, thermal, silicon or ultrasonic principles
Optical fingerprint readers are the most common at present. They are based on reflection
changes at the spots where the finger papilar lines touch the reader’s surface.
The size of the optical fingerprint readers typically is around 10x10x5 cms. It is difficult to
minimize them much more as the reader has to comprise the source of light, reflection
surface and the light sensor.The optical fingerprint readers work usually reliably, but
sometimes have problems with dust if heavily used and not cleaned. The dust may cause
latent fingerprints, which may be accepted by the reader as a real fingerprint. Optical
fingerprint readers cannot be fooled by a simple picture of a fingerprint, but any 3D
fingerprint model makes a significant problem, all the reader checks is the pressure.

A fingerprint scanner system has two basic jobs :

• It needs to get an image of your finger.
• It needs to determine whether the pattern of ridges and valleys in this image matches
the pattern of ridges and valleys in pre-scanned images.
• Only specific characteristics, which are unique to every fingerprint, are filtered and
saved as an encrypted biometric key or mathematical representation.
No image of a fingerprint is ever saved, only a series of numbers (a binary code), which is
used for verification. The algorithm cannot be reconverted to an image, so no one can
duplicate your fingerprints.

PESIT-BSC DEPARTMENT OF MCA 2019

 Page |9

Fingerprint Recognition

Ridges and Valleys

PESIT-BSC DEPARTMENT OF MCA 2019

 P a g e | 10

7.2.IRIS RECOGNITION

In spite of all these security features, a new technology has been developed. Bank United of
Texas became the first in the United States to offer iris recognition technology at automatic
teller machines, providing the customers a card less, password-free way to get their money
out of an ATM. There's no card to show, there's no fingers to ink, no customer inconvenience
or discomfort. It's just a photograph of a Bank United customer's eyes. Just step up to the
camera while your eye is scanned. The iris -- the coloured part of the eye the camera will be
checking -- is unique to every person, more so than fingerprints.
Both pieces of software will be compiled and run on a Windows XP and a Linux system.
Once they are both functioning properly, they will be tweaked as much as possible to increase
performance (decreasing the time spent matching) and to decrease memory footprint.
Following that, the black boxes will be broken into two components – a server and a client –
to be used in a two-machine network. The client code will act as a user interface, passing all
input data to the server code, which will handle the calls to the iris recognition software,
further reducing the memory footprint and processor load required on the client end. In this
sense, the thin client architecture of many ATMs will be emulated.
We will then investigate the process of using the black box program to control a USB camera
attached to the computer to avoid the use of the folder of “live” images. Lastly, it may be
possible to add some sort of DES encryption to the client end to encrypt the input data and
decrypt the output data from the server – knowing that this will increase the processor load,
but better allowing us to gauge the time it takes to process.

PESIT-BSC DEPARTMENT OF MCA 2019

 P a g e | 11

Customer arrives at the ATM

Insert ATM Card

Enter PIN or Enrol Iris

PIN or Iris Accepted? No

Yes

Select Transaction Type

Perform the Transaction

No more Transactions No

Yes

Exit and Remove Card

Customer leaves the ATM venue

Activity Diagram for Customer’s Transaction

DEFINITION OF TERMS
1. ATM-Automated Teller Machine
2. PIN-Personal Identification Number
3. Biometric-The use of measurement of human features, such as fingers or eyes, in order to
identify people.
4. Security-Protection against attack of the ATM and the users’ accounts.
5. Encryption-Special coding of the ATM card for unauthorized persons not to have access to
accounts of others.

PESIT-BSC DEPARTMENT OF MCA 2019

 P a g e | 12

7.3.Hand geometry
Hand geometry is based on the fact that nearly every person’s hand is shaped differently and
that the shape of a person’s hand does not change after certain age. Hand geometry systems
produce estimates of certain measurements of the hand such as the length and the width of
fingers. Various methods are used to measure the hand. These methods are most commonly
based either on mechanical or optical principle. The latter ones are much more common
today. Optical hand geometry scanners capture the image of the hand and using the image
edge detection algorithm compute the hand’s characteristics. There are basically 2 sub-
categories of optical scanners. Devices from the first category create a black-and-white
bitmap image of the hand’s shape. This is easily done using a source of light and a black-and-
white camera. The bitmap image is then processed by the computer software. Only 2D
characteristics of the hand can be used in this case. Hand geometry systems from the other
category are more sophisticated.
Hand geometry scanners are easy to use. Where the hand must be placed accurately, guide
markings have been incorporated and the units are m
ounted so that they are at a comfortable height for majority of the population. The noise
factors such as dirt and grease do not pose a serious problem, as only the silhouette of the
hand shape is important. The only problem with hand geometry scanners is in the countries
where the public do not like to place their hand down flat on a surface where someone else’s
hand has been placed.A few hand geometry scanners produce onlythe video signal with the
hand shape. Image digitalization and processing is then done in the computer. On the other
side there exist very sophisticated and automated scanners that do everything by themselves
including the enrollment, data storage, verification and even simple networking with a master
device and multiple slave scanners

PESIT-BSC DEPARTMENT OF MCA 2019

 P a g e | 13

7.4.Facial recognition

Facial recognition is the most natural means of biometric identification. The method of
distinguishing one individual from another is an ability of virtually every human. Until
recently the facial recognition has never been treated as a science. Any camera (with a
sufficient resolution) can be used to obtain the image of the face. Any scanned picture can be
used as well. Generally speaking the better the image source (i.e. camera or scanner) the more
accurate results we get. The facial recognition systems usually use only the gray-scale
information. Colours(if available) are used as a help in locating the face in the image only.
Most of facial recognition systems require the user to stand a specific distance away from
the camera and look straight at the camera. This ensures that the captured image of the face is
within a specific size tolerance and keeps the features (e.g., the eyes) in as similar position
each time as possible.The first task of the processing software is to locate the face (or faces)
within the image. Then the facial character extracted. Facial recognition technology has
recently developed into two areas: facial metrics and eigen faces. Facial metrics technology
relies on the measurement of the specific facial features (the systems usually look for the
positioning ofthe eyes, nose and mouth and the distances betweent hese features).Another
method for facial recognition has been developed in the past three years. The method is based
on categorizing face saccording to the degree of fit with a fixed set of 150 master eigen
faces.This technique is in fact similar to the police method of creating a portrait, but the
image processing is automated and based on a real picture here. Every face is assigned a
degree of fit to each of the 150 master eigen faces, only the 40 template eigen faces with the
highest degree of fit are necessary to reconstruct the face with the accuracy of 99%.

PESIT-BSC DEPARTMENT OF MCA 2019

 P a g e | 14

CHAPTER-8
CONCLUSION

Thus, we are looking forward to an ATM model that is more reliable in providing security by
using iris scanner software. By keeping the time elapsed in the verification process to a
negligible amount we even try to maintain the efficiency of this ATM system to a greater
degree. Furthermore, since nearly all ATMs videotape customers engaging in transactions, it
is no broad leap to realize that banks already build an archive of their customer images, even
if they are not necessarily grouped with account information.
• Biometric tokens are the safest means of preventing ATM frauds.
• The main reason for introducing biometric systems is to increase overall security.
• Biometrics offers greater security and convenience than traditional methods of
personal recognition.
• In some applications, biometrics can replace or supplement the existing technology.
In others, it is the only viable approach.
The biometric system is only one part of an overall identification or authentication process,
and the other parts of that process will play an equal role in determining its effectiveness.

PESIT-BSC DEPARTMENT OF MCA 2019

 P a g e | 15

REFERENCES

 https://www.atmmarketplace.com/.../from-punchcard-to-prestaging-50-years-of-atm-
i...
 History of Telecommunications Conference, 2008.
 ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=4657302
 Machine Accepts Cash Deposits, The New York Times, 12 April 1961
 https://www.andrew.cmu.edu/user/alm3/papers/branch%20optimization.pdf
 Milligan, Brian (25 June 2007). "The man who invented the cash machine". BBC
News. Retrieved 26 April 2010.
 https://en.wikipedia.org/wiki/John_Shepherd-Barron
 http://www.seminarstopics.com

PESIT-BSC DEPARTMENT OF MCA 2019