Issue No.06 - November/December (2007 vol.5)
Vebjørn Moen , University of Bergen, Norway
Kjell J. Hole , University of Bergen, Norway
Knut M. Tande , University of Bergen, Norway
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2007.168
This case study focuses on real-world ATM card misuse, illustrating how too much secrecy led to a deterioration of PIN-based authentication procedures, and why a bank's refusal to share technical information is a threat to a customer during a conflict.
ATM system, DES encryption, PIN codes, security
Vebjørn Moen, Kjell J. Hole, Knut M. Tande, "Lessons from the Norwegian ATM System", IEEE Security & Privacy, vol.5, no. 6, pp. 25-31, November/December 2007, doi:10.1109/MSP.2007.168