How to make the most of your time in line at an ATM? We suggest this exercise: imagine that you have X-ray vision, and try to trace the entire path that the bills take inside the device.
To make it easier for you to navigate, here is a post about the rich inner world of an ATM. We talk about the mechanical part and a little about the connection with the banking information circuit. We invite all curious people to cat.
Oldfags probably remember ATMs that accept money one bill at a time. Now this is a rarity - there is not one like it in Gazprombank.
From the deposit compartment, cash enters the transport mechanism of the receiver. The specific implementation of transport depends on the manufacturer. As a rule, this is a system of moving belts, feed and guide shafts.
One banknote at a time enters the validator . Its task is to check the denomination, currency and authenticity . To do this, the validator has a two-sided scanner, a set of sensors and electronic templates of all banknotes in circulation.
How the validation process works:
Quite an old ATM NCR 6676: system unit at the top, engineering control panel underneath, card reader with green backlight on the right
Together, the receiver, transport and validator resemble a bank counting machine with the function of nominal counting and checking banknotes. It is a complex device with many sensors and moving parts. It is not surprising that foreign objects entering the receiver are fatal to the ATM.
You will be lucky if the conditional paper clip is not firmly attached to the money. Then, under the influence of gravity, it will fall into the compartment for foreign objects, which is located directly under the receiver. But in most cases, a foreign object will either cause a malfunction or disable the ATM. So always check to see if there is a paperclip or coin stuck between the bills.
The bills pass through the validator, and then there are two options: the ATM accepts them for further circulation or rejects them.
The validator easily filters out counterfeit money by identifying a discrepancy with at least one of the features of a genuine banknote. Crumpled and torn banknotes will also not pass inspection: folds and tears make it difficult to evaluate all the signs. Finally, the validator will also return the tattered cash - it will be given away by the thickness of the paper and, again, poor readability of the signs.
The ATM distinguishes between counterfeit and damaged money, but treats them in the same way - returns them to the user. There is no special cassette for counterfeiting in our ATMs.
By the way, time for thinking is limited in all ATMs, this is a requirement of international payment systems. The timeout for each interaction is set when setting up the ATM software. Pressing a button or screen resets the counter.
If the validator rejected some of the bills and you did not have time to pick them up, then after the timeout expires, the ATM takes the money back and places it in a separate cassette.
If all the features match the electronic template, then the banknote is genuine. In this case, the validator passes it on to the next node - escrow. This is a module for temporary storage of cash; money is held in it while you stand at the ATM and check the amount of deposited funds on the screen. Until this moment inclusive, the banknotes still belong to you.
Once you confirm the funds have been credited to your account, your money will turn into data within the banking circuit. The banknotes inside the machine no longer belong to you - they begin to live their own lives. Then they have two options: collection and recycling.
From escrow, money is transferred by default to a deposit cassette - it stores all the bills that the validator has recognized as suitable for return to circulation. There is no sorting here: in what order the banknotes arrived, that is how they are placed in the cassette. An ATM may have one or more deposit cassettes.
Money remains in deposit cassettes until the next collection. After it, specialists in the bank cash department count the cash and compare this data with the list of transactions performed. Empty deposit cassettes are waiting for the next collection so that they can be returned to the ATM again.
Some ATMs have a recycling function - issuing banknotes deposited by clients to other clients. The main criterion for recycling: the condition of the banknotes must be suitable for return to circulation.
In such devices, money from escrow is sent not to a deposit cassette, but to cash recycling cassettes - one recycling cassette for each denomination. The ATM initially knows the denominations of all recycling cassettes, therefore, after validation, it sends each bill to the appropriate cassette.
Recycling ATMs have a limited number of recycling cassettes, only for the most popular denominations. If the bill does not match the face value of any recycling cassette, it is sent to the deposit cassette.
The benefits of recirculating ATMs are obvious: they need to be collected less frequently, and this function is partially undertaken by customers.
Let's leave paper bills at this. Your money has turned into transaction data, let's talk more about this data.
When you have confirmed the crediting of funds to your account, the ATM sends a request to the bank’s processing center: “Credit the amount XXX to the card with the number NNNN NNNN NNNN NNNN.”
The protocol by which the ATM communicates with the processing center depends on the software the device runs on. Most often, the role of the application level protocol is played by highly specialized control protocols with the function of transferring financial messages (NDC or DDC). More well-known protocols can also be used - for example, HTTPS.
In any case, the ATM builds a secure connection with the center. At Gazprombank we use an IPSec-VPN tunnel, which tunnels and encrypts traffic using the GOST algorithm. Inside the tunnel, data is also encrypted using TLS and 3DES.
The PC checks the PIN code, the card number and expiration date, the owner’s name, the transaction counter on the chip, the presence of restrictions on the card, the cryptogram generated by the card chip and much more. If everything is in order, the center gives the go-ahead for the operation. After its completion, you will receive a push notification or SMS about the successful replenishment of the card.
[IMG alt="NCR ATM Receipt Printer
"]https://habrastorage.org/r/w780/get...33/6facf453378d345c4b23ed2f8201189e.jpg[/IMG]
NCR ATM Receipt Printer
Let's say you top up your card with a zero balance and immediately make a purchase for the same amount. Whose money did you pay with? If the ATM and the card belong to the same bank, then rest assured: it is your money that is on your card, only in digitized form. And within a second after the notification, you spend your money in the store, not the bank’s money. Of course, there are subtleties here that depend on the infrastructure of a particular bank, but there is little point in going into them now.
But if the ATM belongs to another bank, then the picture is fundamentally different. In this case, the acquiring bank (owner of the ATM) transmits information about the transfer to the issuing bank (your bank) through the payment system. You will see a notification about replenishing your balance immediately after the transaction is approved, as if you were topping up your card at your bank’s ATM. But in fact, your money will reach the bank within three banking days.
It turns out that immediately after depositing cash on the card, you will pay not with your own money, but with the money of your bank. The bank itself calmly agrees to this, because the payment system guarantees that it will ultimately receive your money from the acquiring bank.
There are two main ways to dispense banknotes at ATMs:
There is a third option at Gazprombank ATMs:
This is what the output cassette looks like
The condition of the cassettes is monitored in real time by counters, the indicators of which can be seen online. Data from the meters is loaded into a system that predicts the emptying of cassettes and recommends optimal collection dates.
If the cash in the ATM runs out suddenly, an unscheduled collection will be carried out. But this rarely happens; most often, collection is carried out in advance.
Interwall ATM dispenser
When the whole pack is filled in the presenter, the curtain opens and you can take out the cash.
If you take cash out of the same compartment where you put it, then you have a recycling ATM. In it, the receiving and issuing modules are combined in one device, respectively, the presenter and the receiver are one device.
Other ATMs have separate receiving and dispensing modules: you put cash in a separate receiver and take it out from a separate presenter.
The full transaction log is stored on the bank's internal secure server. The magazine remembers everything:
Any operation from the log can be correlated in time with the video recording. All ATMs are equipped with cameras that record all calls and mark the main stages of the operation on video. The camera resolution depends on the ATM model, but the video quality is sufficient in any case to identify an attacker. An archive of video recordings is stored on the bank’s internal secure server and is available upon request.
NCR 6632 ATM: card reader and receipt printer
Naturally, ATMs provide protection against fraudsters. For example, any card with a chip has unique data - a cryptogram. When an ATM contacts the center to conduct a transaction, each such call must contain a cryptogram.
You can transfer it only by attaching the card to the reader. Therefore, during contactless servicing, the ATM requires you to touch your card or phone at each stage. When the card is inserted into the slot, the cryptogram is also constantly read, it just happens unnoticed by the client.
Let's say you're unlucky: the ATM ate the money and turned off, or the money left the card, but the ATM did not dispense it. In this case, it is better to file a claim immediately. But such failures occur extremely rarely - too many stars must converge. As a rule, a power outage does not cause any problems for the client.
Another unlikely surprise: the Internet was cut off while the ATM was sending data to the processing center. Unlikely, because the software regularly checks the connection to the server and if it fails, the ATM exits maintenance mode.
If such a situation occurs, just in case, check your banking application - maybe the transaction was completed after all. If there is no push notification or SMS, stay put. The ATM will send the problematic transaction until the end, but if the connection with the center is not restored, the ATM will return the card and funds to you. It will be a shame if at this moment you are no longer near the ATM.
In some cases, if communication with the server is lost, the ATM seizes the card and cash and keeps them for safekeeping in a separate cassette. You can return them by reporting the problem to the bank.
Manufacturers take into account the needs of banks and customers, use new technologies - as a result, ATMs have become contactless, fast, convenient and safe. Let's see what they will be like in another ten years.
Thank you for your attention!
To make it easier for you to navigate, here is a post about the rich inner world of an ATM. We talk about the mechanical part and a little about the connection with the banking information circuit. We invite all curious people to cat.
From wallet to ATM
ATM models from different manufacturers may differ in detail, but conceptually they all consist of the same key components. The first thing you see with money is the receiver - the same compartment for bills with a protective shutter curtain.Oldfags probably remember ATMs that accept money one bill at a time. Now this is a rarity - there is not one like it in Gazprombank.
From the deposit compartment, cash enters the transport mechanism of the receiver. The specific implementation of transport depends on the manufacturer. As a rule, this is a system of moving belts, feed and guide shafts.
One banknote at a time enters the validator . Its task is to check the denomination, currency and authenticity . To do this, the validator has a two-sided scanner, a set of sensors and electronic templates of all banknotes in circulation.
How the validation process works:
- First, the validator determines the dimensions of the banknote and scans it in different spectra: visible, magnetic, IR, UV. All this is to check the characteristic signs of authenticity. Modern banknotes have a lot of them: watermarks, hidden inscriptions, moire stripes, special color-changing paint, micro-perforation, relief.
- Using magnetic sensors, the validator checks the presence and correct location of tags. For example, some elements of banknotes are painted with paints containing ferromagnetic additives. Security threads can also have magnetic properties.
- The resulting “portrait” of the bill is compared with an electronic template of the same currency and denomination: by size, brightness, contrast, image histogram, as well as by all the characteristics listed above. The exact contents of the template and comparison methodology are different for each ATM manufacturer and are kept secret.
Quite an old ATM NCR 6676: system unit at the top, engineering control panel underneath, card reader with green backlight on the right
Together, the receiver, transport and validator resemble a bank counting machine with the function of nominal counting and checking banknotes. It is a complex device with many sensors and moving parts. It is not surprising that foreign objects entering the receiver are fatal to the ATM.
You will be lucky if the conditional paper clip is not firmly attached to the money. Then, under the influence of gravity, it will fall into the compartment for foreign objects, which is located directly under the receiver. But in most cases, a foreign object will either cause a malfunction or disable the ATM. So always check to see if there is a paperclip or coin stuck between the bills.
The bills pass through the validator, and then there are two options: the ATM accepts them for further circulation or rejects them.
The validator easily filters out counterfeit money by identifying a discrepancy with at least one of the features of a genuine banknote. Crumpled and torn banknotes will also not pass inspection: folds and tears make it difficult to evaluate all the signs. Finally, the validator will also return the tattered cash - it will be given away by the thickness of the paper and, again, poor readability of the signs.
The ATM distinguishes between counterfeit and damaged money, but treats them in the same way - returns them to the user. There is no special cassette for counterfeiting in our ATMs.
By the way, time for thinking is limited in all ATMs, this is a requirement of international payment systems. The timeout for each interaction is set when setting up the ATM software. Pressing a button or screen resets the counter.
If the validator rejected some of the bills and you did not have time to pick them up, then after the timeout expires, the ATM takes the money back and places it in a separate cassette.
If all the features match the electronic template, then the banknote is genuine. In this case, the validator passes it on to the next node - escrow. This is a module for temporary storage of cash; money is held in it while you stand at the ATM and check the amount of deposited funds on the screen. Until this moment inclusive, the banknotes still belong to you.
Once you confirm the funds have been credited to your account, your money will turn into data within the banking circuit. The banknotes inside the machine no longer belong to you - they begin to live their own lives. Then they have two options: collection and recycling.
From escrow, money is transferred by default to a deposit cassette - it stores all the bills that the validator has recognized as suitable for return to circulation. There is no sorting here: in what order the banknotes arrived, that is how they are placed in the cassette. An ATM may have one or more deposit cassettes.
Money remains in deposit cassettes until the next collection. After it, specialists in the bank cash department count the cash and compare this data with the list of transactions performed. Empty deposit cassettes are waiting for the next collection so that they can be returned to the ATM again.
Some ATMs have a recycling function - issuing banknotes deposited by clients to other clients. The main criterion for recycling: the condition of the banknotes must be suitable for return to circulation.
In such devices, money from escrow is sent not to a deposit cassette, but to cash recycling cassettes - one recycling cassette for each denomination. The ATM initially knows the denominations of all recycling cassettes, therefore, after validation, it sends each bill to the appropriate cassette.
Recycling ATMs have a limited number of recycling cassettes, only for the most popular denominations. If the bill does not match the face value of any recycling cassette, it is sent to the deposit cassette.
The benefits of recirculating ATMs are obvious: they need to be collected less frequently, and this function is partially undertaken by customers.
Let's leave paper bills at this. Your money has turned into transaction data, let's talk more about this data.
From ATM to banking circuit
If we discard all the peripherals that interact with money, cards and the user, what remains of an ATM is an ordinary computer. More or less modern models have on board 4 GB of RAM and a dual- or quad-core x86 or x86-64 processor.When you have confirmed the crediting of funds to your account, the ATM sends a request to the bank’s processing center: “Credit the amount XXX to the card with the number NNNN NNNN NNNN NNNN.”
The protocol by which the ATM communicates with the processing center depends on the software the device runs on. Most often, the role of the application level protocol is played by highly specialized control protocols with the function of transferring financial messages (NDC or DDC). More well-known protocols can also be used - for example, HTTPS.
In any case, the ATM builds a secure connection with the center. At Gazprombank we use an IPSec-VPN tunnel, which tunnels and encrypts traffic using the GOST algorithm. Inside the tunnel, data is also encrypted using TLS and 3DES.
The PC checks the PIN code, the card number and expiration date, the owner’s name, the transaction counter on the chip, the presence of restrictions on the card, the cryptogram generated by the card chip and much more. If everything is in order, the center gives the go-ahead for the operation. After its completion, you will receive a push notification or SMS about the successful replenishment of the card.
[IMG alt="NCR ATM Receipt Printer
"]https://habrastorage.org/r/w780/get...33/6facf453378d345c4b23ed2f8201189e.jpg[/IMG]
NCR ATM Receipt Printer
Let's say you top up your card with a zero balance and immediately make a purchase for the same amount. Whose money did you pay with? If the ATM and the card belong to the same bank, then rest assured: it is your money that is on your card, only in digitized form. And within a second after the notification, you spend your money in the store, not the bank’s money. Of course, there are subtleties here that depend on the infrastructure of a particular bank, but there is little point in going into them now.
But if the ATM belongs to another bank, then the picture is fundamentally different. In this case, the acquiring bank (owner of the ATM) transmits information about the transfer to the issuing bank (your bank) through the payment system. You will see a notification about replenishing your balance immediately after the transaction is approved, as if you were topping up your card at your bank’s ATM. But in fact, your money will reach the bank within three banking days.
It turns out that immediately after depositing cash on the card, you will pay not with your own money, but with the money of your bank. The bank itself calmly agrees to this, because the payment system guarantees that it will ultimately receive your money from the acquiring bank.
From a banking circuit to an ATM
The conversion of digital money into cash follows the same pattern, only in the opposite direction.There are two main ways to dispense banknotes at ATMs:
- “Uniform dispensing” - the amount is dispensed so that the number of bills in cassettes of different denominations decreases evenly;
- “Thin pack” - the amount is issued in a minimum number of bills.
There is a third option at Gazprombank ATMs:
- “Bank by banknote issue” - when the client can choose which banknotes he wants to receive the amount in.
This is what the output cassette looks like
The condition of the cassettes is monitored in real time by counters, the indicators of which can be seen online. Data from the meters is loaded into a system that predicts the emptying of cassettes and recommends optimal collection dates.
If the cash in the ATM runs out suddenly, an unscheduled collection will be carried out. But this rarely happens; most often, collection is carried out in advance.
From ATM to wallet
It’s quite simple: upon command from the server, the dispenser is turned on. This module collects the required number of banknotes from the cassettes one by one and then, using transport, sends them one after another to the presenter .
Interwall ATM dispenser
When the whole pack is filled in the presenter, the curtain opens and you can take out the cash.
If you take cash out of the same compartment where you put it, then you have a recycling ATM. In it, the receiving and issuing modules are combined in one device, respectively, the presenter and the receiver are one device.
Other ATMs have separate receiving and dispensing modules: you put cash in a separate receiver and take it out from a separate presenter.
Safety
In accordance with PCI DSS security standards, only information about the fact of the transaction is stored on the ATM drive. To prevent the drive from becoming full, the ATM archives and deletes old logs once a day.The full transaction log is stored on the bank's internal secure server. The magazine remembers everything:
- the denomination and currency of each bill in the bundle, and sometimes also the serial number of the banknote, if the ATM model can recognize and register serial numbers;
- the number of the ATM cassette to which the transaction is associated;
- and, of course, the card number on which funds were deposited or withdrawn.
Any operation from the log can be correlated in time with the video recording. All ATMs are equipped with cameras that record all calls and mark the main stages of the operation on video. The camera resolution depends on the ATM model, but the video quality is sufficient in any case to identify an attacker. An archive of video recordings is stored on the bank’s internal secure server and is available upon request.
NCR 6632 ATM: card reader and receipt printer
Naturally, ATMs provide protection against fraudsters. For example, any card with a chip has unique data - a cryptogram. When an ATM contacts the center to conduct a transaction, each such call must contain a cryptogram.
You can transfer it only by attaching the card to the reader. Therefore, during contactless servicing, the ATM requires you to touch your card or phone at each stage. When the card is inserted into the slot, the cryptogram is also constantly read, it just happens unnoticed by the client.
Force majeure
In case of a power outage, most ATMs are equipped with a UPS. If the lights are turned off, and you did not have time to confirm the crediting/withdrawal of money to your account, the device will almost certainly complete the operation normally or return the money to your wallet or account. The ATM will then stop serving customers and wait until main power is available.Let's say you're unlucky: the ATM ate the money and turned off, or the money left the card, but the ATM did not dispense it. In this case, it is better to file a claim immediately. But such failures occur extremely rarely - too many stars must converge. As a rule, a power outage does not cause any problems for the client.
Another unlikely surprise: the Internet was cut off while the ATM was sending data to the processing center. Unlikely, because the software regularly checks the connection to the server and if it fails, the ATM exits maintenance mode.
If such a situation occurs, just in case, check your banking application - maybe the transaction was completed after all. If there is no push notification or SMS, stay put. The ATM will send the problematic transaction until the end, but if the connection with the center is not restored, the ATM will return the card and funds to you. It will be a shame if at this moment you are no longer near the ATM.
In some cases, if communication with the server is lost, the ATM seizes the card and cash and keeps them for safekeeping in a separate cassette. You can return them by reporting the problem to the bank.
Manufacturers take into account the needs of banks and customers, use new technologies - as a result, ATMs have become contactless, fast, convenient and safe. Let's see what they will be like in another ten years.
Thank you for your attention!
