Smart ATM Pin

Chapter No Content Page No
1.0 1.1Synopsis 1
1.2 Organization Profiles
2.0 System Analysis 7

2.1Existing system
2.2Proposed system
2.3Project description
3.0 System Configuration 15
4.0 System Design 17

4.1Software description
4.2Domain introduction
4.3Diagrams
5.0 Design 42
5.1Frontend design
5.2Backend design
6.0 Sample Coding 53
7.0 Testing 72
8.0 Conclusion 76
9.0 Future Enhancement 78
10.0 References 80
CHAPTER 1
SYNOPSIS
Cryptography and Biometrics are two efficient and powerful technologies to
appreciate high proven information security. Biometric authentication verifies a user's
identity using biometric traits. However, a biometric authentication fails to shield the
user’s biometric template stored during a database, because it is at risk of various attacks.
This system is sort of a bio-cryptosystem that mixes cryptography and biometrics
together to beat the difficulties of those technologies. This project work aims at exploring
the system to secure ATM pins and passwords with the fingerprint data specified only the
legitimate user can access the pins and passwords by providing the valid fingerprint. In
ATM machines the user is identified by inserting an ATM card and authentication is
provided by the customer entering a PIN. The PIN provided by the customer is compared
with the recorded reference PIN within the bank Server .If the customer forgets the PIN
after 3 trials ATM cards are blocked, to reactivate he needs to attend the bank and do the
formalities which could be a time consuming job. So fingerprint biometric is introduced
to cut back this sort of error. Cryptography is a technique to exchange messages between
one user with another user or to secure communication between them, by encrypting the
message to be safe from a third party because issued with a key that is not owned by the
third party. Encryption is a process of converting plain text into cipher text. Decryption is
a process of converting the encrypted data into its original form. It is generally a reverse
process of encryption. A cryptographic attack is a method for overcoming the protection
of a cryptographic system by finding a weakness in a code, cipher, cryptographic protocol
or key management scheme. This process is additionally called “Cryptanalysis”. The
attacks like if another person takes cash from the cardholder's account, and then it violates
the authentication that the protection must run to the customer’s account. Here in this
system authentication is completed by fingerprint identification.
1.2 ORGANIZATION PROFILES
ABOUT SCION RESEARCH & DEVELOPMENT

Founded in Feb2009, Scion Research & Development is one of the leaders in
advanced technique computer training programmes. Scion Research & Development
Courses covers A to Z in all areas of software, hardware & networking and multimedia.
The courses are designed to keep pace with the changing needs and times. Scion Research
& Development and generates software and hardware professionals. Students have been
given fantabulous computer training and they become extremely computer Savvy and
expertly handle the IT capabilities in their respective fields.
Scion Research & Development courses enable the students to prepare for the
coveted worldwide certifications. Theoretical teaching is reinforced with practical
training again and again. Guest lectures by experts from the group and outside are
periodically arranged for 100% industry exposure.
We do have a R&D group to discover and create new knowledge about scientific
and technological topics for the purpose of uncovering and enabling development of
valuable new products, processes, and services.
MISSION
Our mission is to delight our customers by providing excellence in IT services,
vales and results. This is achieved by building a world class and competitive team with
challenging, rewarding and growth oriented work. Our values include integrity, respect
for the individual, open and honest communication, partnering, innovation and
excellence.
VISION
Scion wish to become a company of world class employees, world class
customers and a desire to be the world leader in offshore consulting services. At scion, we
help turn ideas into reality. Scion stands out by virtue of building our success around one
customer at a time.
SCION OFFERS
 Assistance for Research Scholar
 Assistance for UG/ PG Students Project
 Journal Publications Support
 Corporate Training for Software
 On-Campus Training
 Placement Assistance
 In-plant Training & Industrial Visit
 Soft Skill Development
 Website Creation
DISCIPLINE IS ONE OF THE TOPMOST PRIORITIES IN TRAINING
The student trainee will keep regular attendance; the student will show honesty,
punctuality, courtesy, a cooperative attitude, proper health and grooming habits, good
dress, and a willingness to learn. Students must wearing ID card.
BENEFITS FOR STUDENTS
Providing jobs to campus graduates and professionals .We have partnership with
many marquees IT companies who have signed with us to hire trained talent force. Career
counselling which will help graduates to chose a career which promises growth &
stability.
CHAIRMAN'S MESSAGE
As founder and Chairman of Scion, I want to assure you that we will do
everything in our power to conduct ourselves in a professional manner and be highly
competitive and diligent in providing outstanding service to you in a timely, cost-
effective and quality manner.
We stand behind our contractual commitments to our clients and we will work
diligently to earn your trust and respect and deliver business and IT results with
excellence.
EXCELLENT CORPORATE TRAINING FACULTIES
We have training faculty with good communication skills and sound technical
knowledge. We are team professional, experienced, certified software trainers from a
myriad of industries. Because we came from the trenches and have worked with software
for many versions, we provide real life, practical knowledge to users of all levels. A
natural extension of training, we provide guidance in streamlining processes to save time
and money and eliminate redundancy
CORPORATE TRAINING FOR SOFTWARE
To provide training in software at par with corporate. Scion Research &
Development training covers A to Z in all areas of Software, Hardware & Networking
and Multimedia. The Courses are designed to keep pace with the changing needs and
times. Scion Research &Development and generates software and hardware
professionals.
ADMINISTRATION OFFICE
OFFICE ADDRESS:
No.17/595, 1st Floor Mannar Sarefoji Nagar 2nd Street,Opp.New Bus Stand,
Thanjavur-5.
CONTACT: 04362-228899, 9597754496.
E-MAIL: scionrd2009@gmail.com.
CHAPTER 2
SYSTEM ANALYSIS
2.1EXISTING SYSTEM
In today’s digital era, a personal has multiple ATM pins and passwords for his or
her multiple accounts. A common person tends to write down or store it in his phone’s
notepad or in a smartcard because it is difficult to memorize multiple pins and passwords.
This could be easily compromised. With the recent advances in technology there is a
requirement to create a system that securely stores multiple pins and passwords and also
the user could easily retrieve it whenever needed, within seconds. This research work
aims to change the system to secure ATM pins and passwords with user’s fingerprint data
such that only the real user can access the pins and passwords by providing the valid
fingerprint which is stored within the database.
Disadvantages
 The customer feels happy and they will not waste time to withdraw cash by
standing. but it has the disadvantage like, smart cards and physical keys, can be
stolen, lost, replicated, or left behind; passwords can be shared, forgotten, hacked
or accidentally observed by a third party.
 The banks required a better system to maintain security for the customer to do the
transaction in their banks. To overcome these problems, the developed this
fingerprint based ATM system.
\
2.2 PROPOSED SYSTEM
The objective of proposing this technique is to avoid time consumption. Usually
the user inserts an ATM card and enters the identification number for transactions. If a
user enters the inaccurate PIN then the user will be given two more attempts to enter the
correct one. If the user fails to enter a legitimate PIN after three attempts, the card will
block and thus the user must visit the bank to reactivate the ATM card which is time
consuming. To activate the ATM card of the user at the ATM centre itself with the help
of finger print of the user.
Advantages
1. To avoid the user to go to the bank and do the formalities to reactivate his/her
ATM card.
2. To activate the ATM card of the user at the ATM centre itself with the help of
finger print of the user.
2.3 PROJECT DESCRIPTION
ATM Process
ATM (Automated Teller Machine) is an electronic telecommunication device that
is used to perform financial transaction without need for human clerk or bank teller.
ATMs extend traditional banking hours by dispensing cash and making other transaction
available 24 hours a day.
User End
In ATM machines, the user is identified by inserting an ATM card and
authentication is provided by the customer entering a PIN. The PIN provided to the
customer is compared with recorded reference PIN number in the bank server. In the
existing system, the user has to insert the card and the PIN number. If the PIN is correct,
the system allows for the transaction. Otherwise, the system asks for the PIN again and it
allows maximum of three times to enter it. After 3 trials the ATM card will get blocked.
PIN Recovery Module
To reactivate the card user need to visit the bank and do the bank formalities, which is
tedious and time consuming job. Biometrics is the science of establishing the identity of
an individual based on physical, chemical or behavioural attributes of a person.
Fingerprint is a pattern of ridges and valleys on the surface of a fingertip. It often used for
biometric identification. Fingerprints are detailed, nearly unique, difficult to alter and
durable over the life of an individual. To reactivate that ATM card in the ATM centre
itself we are using fingerprint biometric.
CHAPTER 3
SYSTEM CONFIGURATION
Hardware Requirements
Hard disk : 1 TB
RAM : 4 GB
Processor : Core i3
Monitor : 15’’Color Monitor
Software Requirements
Front-End : HTML, CSS, and JS

Back end : PHP, MySQL
Operating System : Windows 10
IDE : Visual studio code
CHAPTER 4
SYSTEM DESIGN
4.1SOFTWARE DESCRIPTION
Front end – HTML, CSS, JS
An overview:
 HTML provides the basic structure of sites, which is enhanced and modified by
other technologies like CSS and JavaScript.
 CSS is used to control presentation, formatting, and layout.
 JavaScript is used to control the behavior of different elements.
Now, let's go over each one individually to help you understand the roles each plays on a
website and then we'll cover how they fit together. Let's start with good of' HTML.
HTML
HTML is at the core of every web page, regardless the complexity of a site or number of
technologies involved. It's an essential skill for any web professional. It's the starting
point for anyone learning how to create content for the web. And, luckily for us, it's
surprisingly easy to learn.
Markup languages work in the same way as you just did when you labeled those content
types, except they use code to do it -- specifically, they use HTML tags, also known as
"elements." These tags have pretty intuitive names: Header tags, paragraph tags, image
tags, and so on.
Every web page is made up of a bunch of these HTML tags denoting each type of content
on the page. Each type of content on the page is "wrapped" in, i.e. surrounded by, HTML
tags.
For example, the words you're reading right now are part of a paragraph. If I were coding
this web page from scratch (instead of using the WYSIWG editor in HubSpot's COS), I
would have started this paragraph with an opening paragraph tag: <p>. The "tag" part is
denoted by open brackets, and the letter "p" tells the computer that we're opening a
paragraph instead of some other type of content.
Once a tag has been opened, all of the content that follows is assumed to be part of that
tag until you "close" the tag. When the paragraph ends, I'd put a closing paragraph tag:
</p>. Notice that closing tags look exactly the same as opening tags, except there is a
forward slash after the left angle bracket. Here's an example:
<p>This is a paragraph.</p>
Using HTML, you can add headings, format paragraphs, control line breaks, make lists,
emphasize text, create special characters, insert images, create links, build tables, control
some styling, and much more.
To learn more about coding in HTML, I recommend checking out our guide to basic
HTML, and using the free classes and resources on codecademy -- but for now, let's move
on to CSS.
CSS
CSS stands for Cascading Style Sheets. This programming language dictates how the
HTML elements of a website should actually appear on the frontend of the page.
If HTML is the drywall, CSS is the paint.
Whereas HTML was the basic structure of your website, CSS is what gives your entire
website its style. Those slick colors, interesting fonts, and background images? All thanks
to CSS. This language affects the entire mood and tone of a web page, making it an
incredibly powerful tool -- and an important skill for web developers to learn. It's also
what allows websites to adapt to different screen sizes and device types.
To show you what CSS does to a website, look at the following two screenshots. The first
screenshot is my colleague's blog post, but shown in Basic HTML, and the second
screenshot is that same blog post with HTML and CSS.
JavaScript
JavaScript is a more complicated language than HTML or CSS, and it wasn't released in
beta form until 1995. Nowadays, JavaScript is supported by all modern web browsers and
is used on almost every site on the web for more powerful and complex functionality.
avaScript is particularly useful for assigning new identities to existing website elements,
according to the decisions the user makes while visiting the page. For example, let's say
you're building a landing page with a form you'd like to generates leads from by capturing
information about a website visitor. You might have a "string" of JavaScript dedicated to
the user's first name. That string might look something like this:
Then, after the website visitor enters his or her first name -- and any other information
you require on the landing page -- and submits the form, this action updates the identity
of the initially undefined "Firstname" element in your code. Here's how you might thank
your website visitor by name in JavaScript:
para.textContent = 'Thanks, ' + First name + "! You can now download your ebook."
In the string of JavaScript above, the "First name" element has been assigned the first
name of the website visitor, and will therefore produce his or her actual first name on the
frontend of the webpage.
Back end – PHP, MySQL

To develop an understanding of how PHP works it is helpful to first explore what
happens when a web page is served to a user's browser.
When a user visits a web site or clicks on a link on a page the browser sends a
request to the web server hosting the site asking for a copy of the web page. The web
server receives the request, finds the corresponding web page file on the file system and
sends it back, over the internet, to the user's browser.
Typically the web server doesn't pay any attention to the content of the file it has
just transmitted to the web browser. As far as the web server is concerned the web
browser understands the content of the web page file and knows how to interpret and
render it so that it appears as the web designer intended.
Now let's consider what kind of web page content a web browser understands.
These days a web page is likely to consist of HTML, XHTML and JavaScript. The web
browser contains code that tells it what to do with these types of content. For example, it
understands the structure HTML in terms of rendering the page and it has a JavaScript
interpreter built in that knows how to execute the instructions in a JavaScript script. A
web browser, however, knows absolutely nothing about any PHP script that may be
embedded in an HTML document. If a browser was served a web page containing PHP it
would not know how to interpret that code.
Given that a web browser knows nothing about PHP in a web page, then clearly
something has to be done with any PHP script in the page before it reaches the browser.
This is where the PHP pre-processing module comes in. The PHP module is, as
mentioned previously, integrated into the web server. The module tells the web server
that when a page is to be served which contains PHP script (identified by special markers)
that it is to pass that script to the PHP pre-processing module and wait for the PHP
module to send it some content to replace that script fragment. The PHP processing
module understands PHP, executes the PHP script written by the web developer and,
based on the script instructions, creates output that the browser will understand. The web
server substitutes the content provided by the PHP pre-processor module in place of the
PHP script in the web page and sends it to the browser where it is rendered for the user to
view.
SQL is a language to operate databases; it includes database creation, deletion,
fetching rows, modifying rows, etc. SQL is an ANSI (American National Standards
Institute) standard language, but there are many different versions of the SQL language.
What is SQL?
SQL is Structured Query Language, which is a computer language for storing,
manipulating and retrieving data stored in a relational database.
SQL is the standard language for Relational Database System. All the Relational
Database Management Systems (RDMS) like MySQL, MS Access, Oracle, Sybase,
Informix, Postgres and SQL Server use SQL as their standard database language.
Also, they are using different dialects, such as −
 MS SQL Server using T-SQL,
 Oracle using PL/SQL,
 MS Access version of SQL is called JET SQL (native format) etc.
Why SQL?
SQL is widely popular because it offers the following advantages −
 Allows users to access data in the relational database management systems.
 Allows users to describe the data.
 Allows users to define the data in a database and manipulate that data.
 Allows embedding within other languages using SQL modules, libraries & pre-
compilers.
 Allows users to create and drop databases and tables.
 Allows users to create view, stored procedure, functions in a database.
4.2 DOMAIN INTRODUCTION
Information Security
Information security, often shortened to infosec, is the practice, policies and
principles to protect digital data and other kinds of information. infosec responsibilities
include establishing a set of business processes that will protect information assets,
regardless of how that information is formatted or whether it is in transit, is being
processed or is at rest in storage.
Generally, an organization applies information security to guard digital information
as part of an overall cyber security program. infosec's three primary principles, called the
CIA(confidentiality, integrity and availability) triad.
In short, infosec is how you make sure your employees can get the data they need,
while keeping anyone else from accessing it. It can also be associated with risk
management and legal regulations.
The CIA infosec triad
The CIA triad: confidentiality, integrity and availability
Principles of information security
The CIA triad
The overall goal of infosec is to let the good guys in, while keeping the bad guys
out. The three primary tenants to support this are confidentiality, integrity and
availability. This is called the CIA triad, or the three pillars or principles of information
security.
Confidentiality is the principle that information should only be available to those
with the proper authorization to that data. Integrity is the principle that information is
consistent, accurate and trustworthy. Availability is the principle that information is easily
accessible by those with proper authorization and will remain so in case of failure to
minimize interruptions to users.
These three principles do not exist in isolation, but they inform and affect one
another. Therefore, any infosec system will involve a balance of these factors. As an
extreme example, information only available as a written sheet of paper stored in a vault
is confidential but not easily available. Information carved into stone displayed in the
lobby has a lot of integrity but is not confidential or available.
4.3 DIAGRAMS
Architecture Diagram
Data Flow Diagram
A data-flow diagram (DFD) is a way of representing a flow of a data of
a process or a system. The DFD also provides information about the outputs and inputs of
each entity and the process itself. A data-flow diagram has no control flow; there are no
decision rules and no loops. Specific operations based on the data can be represented by
a flowchart.
Use Case Diagram
A use case diagram is a graphic depiction of the interaction among the elements of a
system. A Use case diagram is methodology used in system analysis to identify, clarify,
and organize system requirements .the actor, usually individuals involved with system
defined according to their roles.
Class Diagram
Class diagram is the type of static structure diagram that describe the structure of a
system by showing the systems classes, their attributes operations or methods under
relationship among the objects.
Activity Diagram
Activity diagram is another important diagram in UML to describe the dynamic
aspects of the system. Activity diagram is basically a flowchart to represent the flow from
one activity to another activity. The activity can be described as an operation of the
system. The control flow is drawn from one operation to another. This flow can be
sequential, branched, or concurrent. Activity diagrams deal with all type of flow control
by using different elements such as fork, join, etc.
E-R Diagram
An Entity Relationship (ER) Diagram is a type of flowchart that illustrates how
“entities” such as people, objects or concepts relate to each other within a system. ER
Diagrams are most often used to design or debug relational databases in the fields of
software engineering, business information systems, education and research.
CHAPTER 5
DESIGN
5.1 FRONTEND DESIGN
5.2BACKEND DESIGN
DB Design:
CHAPTER 6
SAMPLE CODING
Index.php
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>Admin</title>
<link rel="shortcut icon" href="/static/images/favicon.png" type="image/x-icon">
<link rel="stylesheet" href="/static/css/bootstrap.css">
<script src='/static/js/bootstrap.js'></script>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link href="https://unpkg.com/aos@2.3.1/dist/aos.css" rel="stylesheet">
<script src="https://unpkg.com/aos@2.3.1/dist/aos.js"></script>
</head>
<body style="background-color: #f0f0f0;background-position:center;background-repeat:
no-repeat;background-attachment: fixed;background-size: cover;">
<script>
const queryString = window.location.search;
const urlParams = new URLSearchParams(queryString);
if(urlParams.get('err')){
document.write("<div style='position:fixed;bottom:30px; right:30px;background-
color:tomato;padding:10px;border-radius:10px;box-shadow:2px 2px 4px
#aaa;color:white;font-weight:600'>"+urlParams.get('err')+"</div>")
}
setTimeout(()=>{
document.getElementById("err").style.display="none"
}, 5000)
</script>
<div data-aos="zoom-in" class="container" style="margin-top:120px;margin-
bottom:100px;width:500px;max-width:100vw;background-color: white;padding:30px
0px;border-radius: 30px;box-shadow: 2px 2px 8px #ccc;">
<h1 style="text-align: center;color:#2b74e2"><b>ATM</b></h1>
<br>
<form style="margin: 0 20%" method="POST" action="/login.php">
<div class="form-outline mb-4">
<label class="form-label" for="form2Example1">ATM NO :</label>
<input type="no" name="no" class="form-control" required/>
</div>
<label class="form-label" for="form2Example2">ATM PIN :</label>
<input type="password" name="pin" class="form-control" required/>
</div>
<br>
<center>
<button type="submit" class="btn btn-block mb-2"
style="width:100%"><b>Login</b></button>
</center>
</form>
<a href="/change.php" style="display:block;text-align: right;padding-top:20px;padding-
right:20px;color:#2b74e2">Change Pin?</a>
</div>
<style>
button{
background-color: #2b74e2 !important;
color:white !important;
height:45px !important;
font-size:22px !important;
}
.form-control:focus , .form-control:active{
box-shadow: none !important;
}
</style>
<script>
AOS.init();
</script>
</body>
</html>
Change.php
<!DOCTYPE html>
<html lang="en">
<head>
</head>
<script>
}
setTimeout(()=>{
}, 5000)
</script>
<br>
<form style="margin: 0 20%" method="POST" action="/update.php">
<input type="text" name="no" class="form-control" required/>
</div>
<label class="form-label" for="form2Example1">Fingerprint :</label>
<input type="file" name="fingerprint" class="form-control" required/>
</div>
<label class="form-label" for="form2Example2">ENTER NEW PIN :</label>
</div>
<br>
<center>
<button type="submit" class="btn btn-block mb-2" style="width:100%"><b>Change
Pin</b></button>
</center>
</form>
</div>
<style>
button{
}
}
</style>
<script>
AOS.init();
</script>
</body>
</html>
Access.php
<!DOCTYPE html>
<html lang="en">
<head>
</head>
<script>
if(urlParams.get('msg')){
color:green;padding:10px;border-radius:10px;box-shadow:2px 2px 4px
#aaa;color:white;font-weight:600'>"+urlParams.get('msg')+"</div>")
}
setTimeout(()=>{
document.getElementById("msg").style.display="none"
}, 5000)
</script>
<p style="padding:20px">Welcome user!</p>
<center>
<button class="btn">Withdrow</button>
<br><br>
<button class="btn">Balance Check</button>
<br><br>
<a href="/" class="btn">Logout</a>
</center>
</div>
<style>
button{
}
}
</style>
<script>
AOS.init();
</script>
</body>
</html>
Login.php
<?php
require("./admin/layout/db.php");
session_start();
$no=$_POST["no"];
$pin=$_POST["pin"];
$result = $conn->query("SELECT * FROM card WHERE no='$no'");

if ($result->num_rows > 0) {
while ($row=$result->fetch_assoc()) {
$_SESSION["id"] = $row["id"];
if ($row["pin"]==$pin) {
if ($row["status"]=="ACTIVE") {
header("Location: /access.php?msg=Now, You have Access");
die();
} else {
header("Location: /?err=Your Account is Blocked , Change Your Pin!");
die();
}
} else {
$id=$row["id"];
$conn->query("UPDATE card SET STATUS='INACTIVE' WHERE id='$id'");
header("Location: /?err=Your Account is Blocked!");
die();
}
}
} else {
header("Location: /?err=ATM No is incorrect!");
die();
}
?>
Update.php
<?php
session_start();
$no=$_POST["no"];
$pin=$_POST["pin"];

$id=$row["id"];
$conn->query("UPDATE card SET STATUS='ACTIVE' , pin='$pin' WHERE id='$id'");
header("Location: /access.php?msg=Your Account is Unblocked!");
die();
}
} else {
header("Location: /change.php?err=ATM No is incorrect!");
die();
}
?>
admin/index.php
<!DOCTYPE html>
<html lang="en">
<head>
</head>
<body style="background-color: #2b74e2;background-position:center;background-repeat:
<script>
}
setTimeout(()=>{
}, 5000)
</script>
<h1 style="text-align: center;color:#2b74e2"><b>Admin</b></h1>
<br>
<form style="margin: 0 20%" method="POST" action="/admin/login.php">
<label class="form-label" for="form2Example1">Email :</label>
<input type="email" name="email" class="form-control" required/>
</div>
<label class="form-label" for="form2Example2">Password :</label>
<input type="password" name="password" class="form-control" required/>
</div>
<br>
<center>
</center>
</form>
</div>
<style>
button{
}
}
</style>
<script>
AOS.init();
</script>
</body>
</html>
admin/login.php
<?php
session_start();
if ($_POST["email"]=="admin@gmail.com") {
if ($_POST["password"]=="admin") {
$_SESSION["lock"] = "xiny9387tdpq##*&B98oyo8B@*O&^PB^B$";
header("Location: /admin/home.php");
die();
} else {
header("Location: /admin/?err=username or password is incorrect!");
die();
}
} else {
die();
}
?>
admin/logout.php
<?php
session_start();
session_unset();
session_destroy();
header("Location: /admin/");
die();
?>
admin/home.php
<?php require("./layout/Header.php") ?>
<?php require("./layout/db.php") ?>
<div class="container mt-3">

<h3 class="mt-4" style="color:#2b74e2;display:flex;flex-direction:row;justify-
content:space-between">
<span>USERS :</span>
<span>
<button type="button" style="color:#fff;background-color:#2b74e2" class="btn" data-bs-
toggle="modal" data-bs-target="#myModal">
Add
</button>
</span>
</h3>
<div class="modal fade" id="myModal">

<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h4 class="modal-title" style="color:#2b74e2">Add User</h4>
<button type="button" class="btn-close" data-bs-dismiss="modal"></button>
</div>

<div class="modal-body">
<form onsubmit="document.getElementById('loader').style.display='block'"
action="/admin/action/user.php" method="post">
<div class="form-floating mb-3 ">
<input required type="text" class="form-control" name="name" placeholder="Hospital
Name">
<label>Name</label>
</div>
<div class="form-floating mb-3 mt-3">
<input required type="number" class="form-control" name="mobile"
placeholder="Mobile">
<label>Mobile</label>
</div>
<input required type="number" class="form-control" name="no" placeholder="ATM
NO">
<label>ATM NO</label>
</div>
<input required type="password" class="form-control" name="pin" placeholder="PIN">
<label>PIN</label>
</div>
<div style="display:flex;justify-content:flex-end">
<button class="btn w-25" style="background-color:#2b74e2;color:#fff">Add</button>
</div>
</form>
</div>
</div>
</div>
</div>
<br>
<div class="table-responsive">
<table class="table table-striped table-bordered">
<thead style="text-align:center">
<tr>
<th>#</th>
<th>ATM No</th>
<th>User Name</th>
<th>Mobile</th>
<th>Status</th>
</tr>
</thead>
<tbody>
<?php
$result = $conn->query("SELECT * FROM card ORDER BY id DESC");
if($result->num_rows > 0){
$i=0;
while($row=$result->fetch_assoc()){
$i++;
?>
<tr>
<td style="text-align:center"><?php echo($i) ?></td>
<td><?php echo($row["no"]) ?></td>
<td><?php echo($row["name"]) ?></td>
<td><?php echo($row["mobile"]) ?></td>
<td><?php echo($row["status"]) ?></td>
</tr>
<?php
}
}else{
?>
<tr>
<td style="text-align:center" colspan="5">Nothing Found</td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
<br>
</div>
<script>
document.write("<div id='err' style='position:fixed;bottom:30px; right:30px;background-
color:#FF0000;padding:10px;border-radius:10px;box-shadow:2px 2px 4px
}
setTimeout(()=>{
}, 3000)
</script>
<script>
document.write("<div id='msg' style='position:fixed;bottom:30px;
right:30px;background-color:#4CAF50;padding:10px;border-radius:10px;box-
shadow:2px 2px 4px
}
setTimeout(()=>{
}, 3000)
</script>
<?php require("./layout/Footer.php") ?>

Db.php
<?php
$servername = "localhost";
$username = "root";
$password = "trysomething";
$db_name = "atm";
$conn = new mysqli($servername, $username, $password,$db_name);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
?>
admin/layout/
<!DOCTYPE html>
<html lang="en">
<head>
<link rel="stylesheet" href="/static/css/bootstrap.min.css">
<link rel="stylesheet" href="/static/style.css">
<script src="/static/js/moment.js"></script>
</head>
<body>


<nav class="navbar navbar-expand-lg sticky-top" style="background:white;box-
shadow:1px 1px 2px #aaa;">
<div class="container">
<a class="navbar-brand" style="font-size:22px;font-weight:900;color:#2b74e2" href="">
Admin
</a>
<div class="collapse navbar-collapse" id="navbarTogglerDemo02">
<ul class="navbar-nav ms-auto mb-2 mb-lg-0">
<li class="nav-item">
<a class="nav-link <?php if($_SERVER['PHP_SELF'] == '/admin/home.php'){ echo
'active'; } ?>" aria-current="page" href="/admin/home.php">Home</a>
</li>
<a class="nav-link" onclick="return confirm('Do you want to Logout?')"
href="/admin/logout.php">Logout</a>
</li>
</ul>
</div>
</div>
</nav>
<script src="/static/js/bootstrap.bundle.js"></script>
</body>
</html>
Action:
<?php
require("../layout/db.php");
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$name = test_input($_POST['name']);
$mobile = test_input($_POST['mobile']);
$pin = test_input($_POST['pin']);
$no = test_input($_POST['no']);
$sql = "INSERT INTO card (name , mobile , pin , no,status)

VALUES ('$name' ,'$mobile','$pin','$no','ACTIVE')";
if ($conn->query($sql) === TRUE) {

header("Location: /admin/home.php?page=1&msg=User Added Successfully !");
die();
} else {
header("Location: /admin/home.php?page=1&err=Something went Wrong!");
die();
}
Index.php
<!DOCTYPE html>
<html lang="en">
<head>
</head>
<script>
}
setTimeout(()=>{
}, 5000)
</script>
<br>
<form style="margin: 0 20%" method="POST" action="/login.php">
<input type="no" name="no" class="form-control" required/>
</div>
<label class="form-label" for="form2Example2">ATM PIN :</label>
</div>
<br>
<center>
</center>
</form>
<a href="/change.php" style="display:block;text-align: right;padding-top:20px;padding-
right:20px;color:#2b74e2">Change Pin?</a>
</div>
<style>
button{
}
}
</style>
<script>
AOS.init();
</script>
</body>
</html>
Change.php
<!DOCTYPE html>
<html lang="en">
<head>
</head>
<script>
}
setTimeout(()=>{
}, 5000)
</script>
<br>
<form style="margin: 0 20%" method="POST" action="/update.php">
<input type="text" name="no" class="form-control" required/>
</div>
<label class="form-label" for="form2Example1">Fingerprint :</label>
<input type="file" name="fingerprint" class="form-control" required/>
</div>
<label class="form-label" for="form2Example2">ENTER NEW PIN :</label>
</div>
<br>
<center>
<button type="submit" class="btn btn-block mb-2" style="width:100%"><b>Change
Pin</b></button>
</center>
</form>
</div>
<style>
button{
}
}
</style>
<script>
AOS.init();
</script>
</body>
</html>
Access.php
<!DOCTYPE html>
<html lang="en">
<head>
</head>
<script>
color:green;padding:10px;border-radius:10px;box-shadow:2px 2px 4px
}
setTimeout(()=>{
}, 5000)
</script>
<p style="padding:20px">Welcome user!</p>
<center>
<button class="btn">Withdrow</button>
<br><br>
<button class="btn">Balance Check</button>
<br><br>
<a href="/" class="btn">Logout</a>
</center>
</div>
<style>
button{
}
}
</style>
<script>
AOS.init();
</script>
</body>
</html>
Login.php
<?php
session_start();
$no=$_POST["no"];
$pin=$_POST["pin"];

$_SESSION["id"] = $row["id"];
if ($row["pin"]==$pin) {
if ($row["status"]=="ACTIVE") {
header("Location: /access.php?msg=Now, You have Access");
die();
} else {
header("Location: /?err=Your Account is Blocked , Change Your Pin!");
die();
}
} else {
$id=$row["id"];
$conn->query("UPDATE card SET STATUS='INACTIVE' WHERE id='$id'");
header("Location: /?err=Your Account is Blocked!");
die();
}
}
} else {
header("Location: /?err=ATM No is incorrect!");
die();
}
?>
Update.php
<?php
session_start();
$no=$_POST["no"];
$pin=$_POST["pin"];

$id=$row["id"];
$conn->query("UPDATE card SET STATUS='ACTIVE' , pin='$pin' WHERE id='$id'");
header("Location: /access.php?msg=Your Account is Unblocked!");
die();
}
} else {
header("Location: /change.php?err=ATM No is incorrect!");
die();
}
?>
admin/index.php
<!DOCTYPE html>
<html lang="en">
<head>
</head>
<body style="background-color: #2b74e2;background-position:center;background-repeat:
<script>
}
setTimeout(()=>{
}, 5000)
</script>
<h1 style="text-align: center;color:#2b74e2"><b>Admin</b></h1>
<br>
<form style="margin: 0 20%" method="POST" action="/admin/login.php">
<label class="form-label" for="form2Example1">Email :</label>
<input type="email" name="email" class="form-control" required/>
</div>
<label class="form-label" for="form2Example2">Password :</label>
<input type="password" name="password" class="form-control" required/>
</div>
<br>
<center>
</center>
</form>
</div>
<style>
button{
}
}
</style>
<script>
AOS.init();
</script>
</body>
</html>
admin/login.php
<?php
session_start();
if ($_POST["email"]=="admin@gmail.com") {
if ($_POST["password"]=="admin") {
$_SESSION["lock"] = "xiny9387tdpq##*&B98oyo8B@*O&^PB^B$";
header("Location: /admin/home.php");
die();
} else {
die();
}
} else {
die();
}
?>
admin/logout.php
<?php
session_start();
session_unset();
session_destroy();
header("Location: /admin/");
die();
?>
admin/home.php
<?php require("./layout/Header.php") ?>
<?php require("./layout/db.php") ?>
<div class="container mt-3">

<h3 class="mt-4" style="color:#2b74e2;display:flex;flex-direction:row;justify-
content:space-between">
<span>USERS :</span>
<span>
<button type="button" style="color:#fff;background-color:#2b74e2" class="btn" data-bs-
toggle="modal" data-bs-target="#myModal">
Add
</button>
</span>
</h3>
<div class="modal fade" id="myModal">

<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h4 class="modal-title" style="color:#2b74e2">Add User</h4>
<button type="button" class="btn-close" data-bs-dismiss="modal"></button>
</div>

<div class="modal-body">
<form onsubmit="document.getElementById('loader').style.display='block'"
action="/admin/action/user.php" method="post">
<div class="form-floating mb-3 ">
<input required type="text" class="form-control" name="name" placeholder="Hospital
Name">
<label>Name</label>
</div>
<input required type="number" class="form-control" name="mobile"
placeholder="Mobile">
<label>Mobile</label>
</div>
<input required type="number" class="form-control" name="no" placeholder="ATM
NO">
<label>ATM NO</label>
</div>
<input required type="password" class="form-control" name="pin" placeholder="PIN">
<label>PIN</label>
</div>
<div style="display:flex;justify-content:flex-end">
<button class="btn w-25" style="background-color:#2b74e2;color:#fff">Add</button>
</div>
</form>
</div>
</div>
</div>
</div>
<br>
<div class="table-responsive">
<table class="table table-striped table-bordered">
<thead style="text-align:center">
<tr>
<th>#</th>
<th>ATM No</th>
<th>User Name</th>
<th>Mobile</th>
<th>Status</th>
</tr>
</thead>
<tbody>
<?php
$result = $conn->query("SELECT * FROM card ORDER BY id DESC");
if($result->num_rows > 0){
$i=0;
while($row=$result->fetch_assoc()){
$i++;
?>
<tr>
<td style="text-align:center"><?php echo($i) ?></td>
<td><?php echo($row["no"]) ?></td>
<td><?php echo($row["name"]) ?></td>
<td><?php echo($row["mobile"]) ?></td>
<td><?php echo($row["status"]) ?></td>
</tr>
<?php
}
}else{
?>
<tr>
<td style="text-align:center" colspan="5">Nothing Found</td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
<br>
</div>
<script>
document.write("<div id='err' style='position:fixed;bottom:30px; right:30px;background-
color:#FF0000;padding:10px;border-radius:10px;box-shadow:2px 2px 4px
}
setTimeout(()=>{
}, 3000)
</script>
<script>
document.write("<div id='msg' style='position:fixed;bottom:30px;
right:30px;background-color:#4CAF50;padding:10px;border-radius:10px;box-
shadow:2px 2px 4px
}
setTimeout(()=>{
}, 3000)
</script>
<?php require("./layout/Footer.php") ?>

Db.php
<?php
$servername = "localhost";
$username = "root";
$password = "trysomething";
$db_name = "atm";
$conn = new mysqli($servername, $username, $password,$db_name);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
?>
admin/layout/
<!DOCTYPE html>
<html lang="en">
<head>
<link rel="stylesheet" href="/static/css/bootstrap.min.css">
<link rel="stylesheet" href="/static/style.css">
<script src="/static/js/moment.js"></script>
</head>
<body>


<nav class="navbar navbar-expand-lg sticky-top" style="background:white;box-
shadow:1px 1px 2px #aaa;">
<div class="container">
<a class="navbar-brand" style="font-size:22px;font-weight:900;color:#2b74e2" href="">
Admin
</a>
<div class="collapse navbar-collapse" id="navbarTogglerDemo02">
<ul class="navbar-nav ms-auto mb-2 mb-lg-0">
<a class="nav-link <?php if($_SERVER['PHP_SELF'] == '/admin/home.php'){ echo
'active'; } ?>" aria-current="page" href="/admin/home.php">Home</a>
</li>
<a class="nav-link" onclick="return confirm('Do you want to Logout?')"
href="/admin/logout.php">Logout</a>
</li>
</ul>
</div>
</div>
</nav>
<script src="/static/js/bootstrap.bundle.js"></script>
</body>
</html>
Action:
<?php
require("../layout/db.php");
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$name = test_input($_POST['name']);
$mobile = test_input($_POST['mobile']);
$pin = test_input($_POST['pin']);
$no = test_input($_POST['no']);
$sql = "INSERT INTO card (name , mobile , pin , no,status)

VALUES ('$name' ,'$mobile','$pin','$no','ACTIVE')";
if ($conn->query($sql) === TRUE) {

header("Location: /admin/home.php?page=1&msg=User Added Successfully !");
die();
} else {
header("Location: /admin/home.php?page=1&err=Something went Wrong!");
die();
}
?>
CHAPTER 7
TESTING
SYSTEM TESTING
The purpose of testing is to discover errors. Testing is the process of trying to

discover every conceivable fault or weakness in a work product. It provides a way to
check the functionality of components, sub assemblies, assemblies and/or a finished
product It is the process of exercising software with the intent of ensuring that the
Software system meets its requirements and user expectations and does not fail in an
unacceptable manner. There are various types of test. Each test type addresses a specific
testing requirement.
TYPES OF TESTS:
Testing is the process of trying to discover every conceivable fault or weakness in

a work product. The different type of testing is given below:
UNIT TESTING:
Unit testing involves the design of test cases that validate that the internal program
logic is functioning properly, and that program inputs produce valid outputs. All decision
branches and internal code flow should be validated. It is the testing of individual
software units of the application .it is done after the completion of an individual unit
before integration.
This is a structural testing, that relies on knowledge of its construction and is invasive.
Unit tests perform basic tests at component level and test a specific business process,
application, and/or system configuration. Unit tests ensure that each unique path of a
business process performs accurately to the documented specifications and contains
clearly defined inputs and expected results.
INTEGRATION TESTING:
Integration tests are designed to test integrated software components to determine

if they actually run as one program. Testing is event driven and is more concerned with
the basic outcome of screens or fields. Integration tests demonstrate that although the
components were individually satisfaction, as shown by successfully unit testing, the
combination of components is correct and consistent. Integration testing is specifically
aimed at exposing the problems that arise from the combination of components.
FUNCTIONAL TEST:
Functional tests provide systematic demonstrations that functions tested are available
as specified by the business and technical requirements, system documentation, and user
manuals.
Functional testing is centered on the following items:
Valid Input : identified classes of valid input must be accepted.
Invalid Input : identified classes of invalid input must be rejected.
Functions : identified functions must be exercised.
Output : identified classes of application outputs must be

exercised.
Systems/ Procedures: interfacing systems or procedures must be invoked.
Organization and preparation of functional tests is focused on requirements, key

functions, or special test cases. In addition, systematic coverage pertaining to identify
Business process flows; data fields, predefined processes, and successive processes must
be considered for testing. Before functional testing is complete, additional tests are
identified and the effective value of current tests is determined.
PERFORMANCE TESTING:
System testing ensures that the entire integrated software system meets requirements.
It tests a configuration to ensure known and predictable results. An example of system
testing is the configuration oriented system integration test. System testing is based on
process descriptions and flows, emphasizing pre-driven process links and integration
points.
WHITE BOX TESTING:

White Box Testing is a testing in which in which the software tester has knowledge
of the inner workings, structure and language of the software, or at least its purpose. It is
purpose. It is used to test areas that cannot be reached from a black box level.
BLACK BOX TESTING:
Black Box Testing is testing the software without any knowledge of the inner workings,
structure or language of the module being tested. Black box tests, as most other kinds of
tests, must be written from a definitive source document, such as specification or
requirements document, such as specification or requirements document. It is a testing in
which the software under test is treated, as a black box .you cannot “see” into it. The test
provides inputs and responds to outputs without considering how the software works.
ACCEPTANCE TESTING:
User Acceptance Testing is a critical phase of any project and requires significant
participation by the end user. It also ensures that the system meets the functional
requirements.
Test Results: All the test cases mentioned above passed successfully. No defects
encountered
CHAPTER 8
CONCLUSION
ATM authentication using PIN entry during transactions results in cryptographic

attacks. In this system we proposed the Secured PIN based authentication using
fingerprint and OTP based authentication service to beat the attacks. From the
experiments carried out in this system can be used in a real time environment and also it
provides the power to vary the PIN in the ATM machine itself. This technique will be
future enhanced to multiple bank accounts by mapping to their accounts. Bank can
provide helpline number to block the ATM card. In case if the ATM card is being
misused, user will get the message of transaction which is performed through his/her
card. By referring that message, user can call to helpline number to block the ATM card
through the registered mobile number.
CHAPTER 9
FUTURE ENHANCEMENT
In future the work of instant messaging and further module development can be
done which will make our project fully automated and also more reliable software for the
event should be provided.
CHAPTER 10
REFERENCES
[1] Mithun Dutta, Kangkhita Kaem Psyche, Tania Khatun, Md. Ashiqul Islam, Md.
Azijul Islam, "ATM Card Security Using Bio-metric and Message Authentication
Technology", IEEE International Conference on Computer and Communication
Engineering Technology (CCET), 2018, PP.280-285.
[2] Apurva Taralekar, Gopalsingh Chouhan, Rutuja Tangade, Nikhilkumar Shardoor,
"One Touch Multi-banking Transaction ATM System using Biometric and GSM
Authentication", International Conference on Big Data, IoT and Data Science (BID),
2017, PP.60-64.
[3] Prakash Chandra Mondal, Rupam Deb, Md. Nasim Adnan, "On Reinforcing
Automatic Teller Machine (ATM) Transaction Authentication Security Process by
Imposing Behavioral Biometrics", Proceedings of the 2017 4th International Conference
on Advances in Electrical Engineering (ICAEE), IEEE, 2017, PP.369-372.
[4] Nischal Bansal, Nepali Singla, "Cash Withdrawal from ATM machine using Mobile
Banking", International Conference on Computational Techniques in Information and
Communication Technologies (ICCTICT), IEEE, 2016.
[5] Bharathiraja N, Ravindhar N.V, Loganathan V, "Secure PIN Authentication for ATM
Transaction using Mobile Application", International Journal of Soft Computing and
Engineering (IJSCE), 2016, PP.60-63.

Smart ATM Pin

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Smart ATM Pin

Uploaded by

Copyright:

Available Formats

Chapter No Content Page No

2.0 System Analysis 7

3.0 System Configuration 15

4.0 System Design 17

6.0 Sample Coding 53

9.0 Future Enhancement 78

ABOUT SCION RESEARCH & DEVELOPMENT

Front-End : HTML, CSS, and JS

If HTML is the drywall, CSS is the paint.

Back end – PHP, MySQL

$result = $conn->query("SELECT * FROM card WHERE no='$no'");

$result = $conn->query("SELECT * FROM card WHERE no='$no'");

<div class="container mt-3">

<div class="modal fade" id="myModal">

<?php require("./layout/Footer.php") ?>

$sql = "INSERT INTO card (name , mobile , pin , no,status)

if ($conn->query($sql) === TRUE) {

$result = $conn->query("SELECT * FROM card WHERE no='$no'");

$result = $conn->query("SELECT * FROM card WHERE no='$no'");

<div class="container mt-3">

<div class="modal fade" id="myModal">

<?php require("./layout/Footer.php") ?>

$sql = "INSERT INTO card (name , mobile , pin , no,status)

if ($conn->query($sql) === TRUE) {

The purpose of testing is to discover errors. Testing is the process of trying to

Testing is the process of trying to discover every conceivable fault or weakness in

Integration tests are designed to test integrated software components to determine

Functional testing is centered on the following items:

Valid Input : identified classes of valid input must be accepted.

Invalid Input : identified classes of invalid input must be rejected.

Functions : identified functions must be exercised.

Output : identified classes of application outputs must be

Systems/ Procedures: interfacing systems or procedures must be invoked.

Organization and preparation of functional tests is focused on requirements, key

WHITE BOX TESTING:

BLACK BOX TESTING:

ATM authentication using PIN entry during transactions results in cryptographic

You might also like