After publishing some complex java codes, I thought to put a bit general post this time. It’s about how a normal Automated Teller Machine (ATM) works. Actually this is the place where all the data encryption and decryption processes are used .We all use ATMs regularly, without having any idea about how it works. I think this post will give you a very little idea about how it works.
As you can see, an ATM can be placed anywhere (Inside or outside the bank) but the ATM controlling system (Host system) should be inside a bank. HSM (Hardware Security Module) is the tool which is used to fulfill all the encryption and decryption needs of the ATM system.
When an ATM user goes to an ATM machine and insert his card with the correct PIN, It will trigger a separate set of actions in the host system. Then host system asks for the support of HSM to verify the PIN. The PAN (Personal Account Number) and security data related to the particular ATM card will be sending to HSM encrypted under an unique key called as LMK. After that HSM generates a new PIN based on the received information. Meanwhile the actual PIN is directly sent to the HSM by ATM. So finally, by comparing the actual PIN with newly generated PIN, the verification decision will be taken and send it to Host System by HSM.