Addis Ababa University

College of Natural and Computational Science

Department of Computer Science

Master’s Program

Topic: Biometric Authentication of an Automated Teller Machine

Using Finger Print and Password (for confirmation)
(Research Methods)

Prepared by:
Name: Sewbewsew Yimer
ID: GSR/2610/16

Submitted to Dr. Mesfin Kifle

Date: November 13, 2023 G.C.
 1. INTRODUCTION
1.1 Background to the Study
In the past, financial institutions in Ethiopia used to conduct their transactions manually,
requiring customers to physically visit the bank and wait in long queues. This process was time-
consuming and often inefficient. However, with the rapid advancement of information technology in
Ethiopia, banks have adopted the use of an electronic device called the Automatic Teller Machine (ATM)
to enable customers to perform their financial transactions without the need for a bank representative. The
ATM is a mechanical device that is integrated into the banking system, allowing customers to carry out
various banking activities such as deposits, transfers, balance inquiries, mini statements, withdrawals, and
fast cash services. The popularity of ATMs has grown significantly due to their availability 24 hours a
day, providing customers with convenient and accessible banking services.
Ever since its introduction in Ethiopia, the ATM has gained popularity as the preferred method of
conducting financial transactions among the majority of Ethiopians. However, the widespread adoption of
ATMs by the general public has necessitated the need to further strengthen and enhance the security and
integrity of the system. The utilization of ATMs, also known as Automatic Teller Machines, has proven
to be beneficial for monetary transactions. The process involves inserting the ATM card and entering the
Personal Identification Number (PIN) associated with that specific card. Despite the bank allowing
customers to choose their own PIN, this system is not entirely secure as anyone with the card and PIN
number can gain access to the system. The system verifies the entered code against a stored list of
authorized passwords and users. The PIN typically consists of a four-digit combination of numbers that is
inputted through the ATM panel. If the code matches, the system grants access at the approved security
level for the account owner. However, the strength of the PIN as a security measure is compromised,
increasing the risk of the code being leaked to unauthorized individuals. In recent times, due to
advancements in fraudulent techniques and technological improvements, fraudsters have been able to
install ATM card scanners in ATM machines to obtain encoded information from ATM cards. This
information is then used to create counterfeit cards and carry out fraudulent transactions. This poses a
significant challenge to the current system and highlights the need for enhanced security measures.

The traditional authentication method used in ATM systems has certain drawbacks.
1. The use of ATM cards and passwords fails to provide accurate verification of the client's identity.
2. It does not offer adequate protection to the card user against theft.
3. Fraudsters can easily obtain the PIN and carry out fraudulent transactions.
 4. It can’t protect customers from Vulnerabilities and the increasing wave of criminal activities
occurring at Automated Teller Machines (ATMs.)

The need for enhanced security measures at ATM terminals has led to the exploration of more secure
methods of authentication. One potential technique that has gained attention is biometrics-based
authentication. Among the various biometric methods available, fingerprint-based identification stands
out as a mature and well-established approach. The term "biometric" originates from Greek, where "bio"
refers to life and "metric" means to measuring objects that possess life. Biometric technology
encompasses the measurement of both physiological and behavioral characteristics. These characteristics
include fingerprints, voice patterns, hand measurements, irises, and others. By utilizing these unique
traits, biometrics enables the identification of individuals in a manner that is inherently connected to them
and cannot be easily forgotten, stolen, shared, or hacked like traditional passwords.
Finger Print technology serves as the foundational science of biometrics, utilizing the distinct features
of an individual's fingerprint to authenticate and verify their identity. It is the most widely employed
biometric technology, finding applications in both physical and logical access control. Each person
possesses unique characteristics and patterns within their fingerprints. These patterns consist of ridges,
which are the lines, and valleys, which are the spaces between the ridges. During the verification and
authorization process, these ridges and valleys are compared for matching. The specific traits within a
fingerprint, known as "minutiae," are used for these comparisons. In recent years, there has been a
notable increase in the adoption of biometric-based user authentication systems due to the numerous
advantages they offer over other authentication methods. Biometrics offers several advantages, including
1. The uniqueness of information for each individual and its ability to identify individuals despite
variations over time.
2. It provides strong authentication and can be easily implemented on existing systems.
3. The chances of two people having the same fingerprint are very low.
Fingerprint technology is currently utilized in various security applications such as voting, bank
account operations, and access control to highly secure areas like offices and equipment rooms. The
proposed system aims to be self-manipulative, simple, fast, and significantly more secure. It will enhance
security measures for online transactions, protecting users against ATM card fraud.
 1.2 Statement of the Problem
The current system is confronted with several issues. Firstly, conventional authentication systems lack the
ability to differentiate between an imposter who deceitfully acquires access privileges and the genuine
owner. This poses a significant security risk as unauthorized individuals can gain unauthorized access
without being detected.

Secondly, passwords and PINs can be obtained through illicit means such as direct covert observation.
This method allows malicious individuals to acquire sensitive information without the knowledge or
consent of the rightful owner, further compromising the security of the system.

Moreover, easily guessable PINs and passwords, such as those based on personal information like
birthdays or simple numerical sequences like "1234," contribute to the vulnerability of the system. These
weak authentication credentials make it easier for unauthorized individuals to gain access to protected
resources.

Lastly, fraudsters can exploit the system by placing malware at the ATM terminal. This malicious
software is designed to capture magnetic stripe data and PIN codes from the private memory space of the
transaction processing application installed on the ATM. This unauthorized access to sensitive
information can lead to financial loss and compromise the integrity of the system.

Addressing these problems is crucial to enhance the security and reliability of the existing system.

Reference

1. Duvey A.A..ARM7 Based Smart ATM Access & Security System Using Fingerprint Recognition &
GSM Technology: Pravara Rural engineering college, loni, Maharashtra, India. Accessed from
http://www.ijetae.com/files/Volume4Issue2/IJETAE_0214_147.pdf
2. K.Senthil Kumar and Dr.S.Vijayaragavan. New Secured Architecture for Authenticationin
Banking Application: Paavai Engineering College, Nammakal, India. Retrieved from
http://www.ijirset.com/upload/2014/february/23_New.pdf