Re: IBM ATM machines

[Anne & Lynn Wheeler]

[EMAIL PROTECTED] wrote:

That reminds me. The first ATMs in Canada I saw at my bank were made by
IBM - and they used a formed-character printer to print the information
about the transaction on card stock media.

It was apparent to me that what they were using was exactly the right
size to be a 96-column card.

ref (including past posts mentioning los gatos lab atm machine development):
http://www.garlic.com/~lynn/2006x.html#9 Plurals and language confusion

ditto the san jose ibm credit union

offices were in the basement of bldg.12 ... they had to move out when bldg.12 
under went
seismic retrofit.

and for the heck of it and more topic drift, other posts in the pin attack 
threads
http://www.garlic.com/~lynn/2006u.html#42 New attacks on the financial PIN 
processing
http://www.garlic.com/~lynn/2006u.html#43 New attacks on the financial PIN 
processing
http://www.garlic.com/~lynn/2006u.html#47 New attacks on the financial PIN 
processing
http://www.garlic.com/~lynn/2006u.html#48 New attacks on the financial PIN 
processing
http://www.garlic.com/~lynn/2006v.html#1 New attacks on the financial PIN 
processing
http://www.garlic.com/~lynn/2006v.html#2 New attacks on the financial PIN 
processing
http://www.garlic.com/~lynn/2006v.html#33 New attacks on the financial PIN 
processing
http://www.garlic.com/~lynn/2006v.html#39 On sci.crypt: New attacks on the 
financial PIN processing
http://www.garlic.com/~lynn/2006v.html#42 On sci.crypt: New attacks on the 
financial PIN processing
http://www.garlic.com/~lynn/2006v.html#46 Patent buster for a method that 
increases password security
http://www.garlic.com/~lynn/2006v.html#49 Patent buster for a method that 
increases password security

the original post in the thread
http://www.garlic.com/~lynn/2006u.html#40 New attacks on the financial PIN 
processing

was oriented towards insiders being able to take advantage of their position to 
compromise
PIN processing.

this is different than the skimming/harvesting attacks
http://www.garlic.com/~lynn/subintegrity.html#harvest

that can be done with compromised terminals (which may involve insiders or 
outsiders) ... i.e. capture of static authentication data for replay attacks. 
traditionally this has involved magstripe cards (with or w/o PINs) ... but has 
also been used against chipcards that rely on static authentication data
http://www.garlic.com/~lynn/2006v.html#45 On sci.crypt: New attacks on the 
financial PIN processing

in some cases ... some of the chipcard implementations using static 
authentication data has made it even more attractive for the attacker doing 
skimming exploits.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html