Page 736 - Emerging Trends and Innovations in Web-Based Applications and Technologies

P. 736

International Journal of Trend in Scientific Research and Development (IJTSRD)
Special Issue on Emerging Trends and Innovations in Web-Based Applications and Technologies
Available Online: www.ijtsrd.com e-ISSN: 2456 – 6470

OTP Authentication in Reducing ATM Fraud:
A Case Study Approach

1
2
Rajshekhar Gopal Lendguri , Kartik Tirupati Durgam ,
4
3
Prof. Poonam Kale , Prof. Anupam Chaube
1,2,3,4 Department of Science and Technology,
1,2,3,4 G H Raisoni College of Engineering and Management, Nagpur, Maharashtra, India

ABSTRACT 2.2. Limitations of Traditional ATM Authentication
ATM fraud has become a significant concern for financial Traditional ATM security relies on two factors: the physical
institutions worldwide, with various methods such as card card (which contains magnetic stripe or chip data) and the
skimming, PIN theft, and unauthorized access leading to PIN. While these methods were initially considered secure,
millions in losses each year. This paper examines the role of they are now increasingly vulnerable.
One-Time Password (OTP) authentication in mitigating
Card Skimming: Despite improvements in chip technology,
ATM fraud. By reviewing two case studies of banks that
skimming devices can still capture data from magnetic stripe
adopted OTP systems in their ATM networks, this research
cards.
evaluates the effectiveness of OTP in reducing fraudulent
activities. The paper also explores the advantages and PIN Compromise: PINs are static, which means they can be
challenges associated with OTP implementation in the stolen or guessed over time. A stolen PIN combined with a
context of ATM transactions. cloned card can allow attackers to withdraw money from

ATMs without triggering any immediate red flags.
1. INTRODUCTION
Given these vulnerabilities, there is a clear need for a more
Automated Teller Machines (ATMs) are integral to modern secure and dynamic solution that goes beyond static PINs
banking, providing convenient access to financial services.
and physical cards.
However, as the use of ATMs has expanded, so have the
opportunities for fraudulent activities. Traditional ATM 3. OTP Authentication: An Overview
authentication, based on the use of a magnetic stripe card OTP authentication provides an additional layer of security
and a Personal Identification Number (PIN), has been by requiring users to enter a unique, time-sensitive
increasingly vulnerable to various types of attacks, such as password generated for each transaction. Unlike traditional
card skimming, PIN theft, and unauthorized withdrawals. PINs, OTPs are valid only for a limited period and can only be
used once, making them highly resistant to fraud.
To address these vulnerabilities, OTP (One-Time Password)
authentication has emerged as an effective solution. OTPs There are several methods for delivering OTPs:
are temporary, single-use passwords that are generated for SMS-based OTP: The OTP is sent to the user's registered
each transaction, offering enhanced security. This paper mobile number via SMS. This method is the most common,
investigates how OTP authentication systems have been though it is vulnerable to SIM-swapping and network
implemented in ATM networks and evaluates their attacks.
effectiveness in reducing fraud, using case studies from two
App-based OTP: Apps like Google Authenticator or dedicated
banks that have adopted this technology.
banking apps generate OTPs. These are more secure than
2. ATM Fraud and Traditional Authentication Methods SMS-based OTPs because they do not rely on network
2.1. ATM Fraud and Its Impact connectivity.
ATM fraud continues to be a significant issue for financial Email-based OTP: In some cases, OTPs are sent to the user’s
institutions. According to reports, the global losses due to email address, though this is less common for ATM
ATM fraud amount to billions of dollars each year. The most transactions due to potential delays.
common methods of fraud include:
Voice-based OTP: For users who may not have access to
Card Skimming: Fraudsters attach devices to ATMs that smartphones, voice calls with OTPs can be an alternative.
capture the magnetic stripe data of cards. This data is then
used to clone cards and access user accounts. The key advantage of OTP is that it provides dynamic,
transaction-specific verification that is much harder to
PIN Theft: Techniques such as shoulder surfing, hidden
exploit compared to static PINs.
cameras, or physical tampering are used to steal the PINs of
users, which, when combined with a stolen card, enable 4. Case Study 1: OTP Implementation in a Major Bank’s
fraudulent withdrawals. ATM Network
4.1. Background of the Bank
Account Takeover: This occurs when fraudsters gain access A leading global bank with an extensive ATM network faced
to a customer’s account through a variety of means, such as increasing fraud incidents, including card skimming and
phishing or social engineering, allowing them to perform unauthorized withdrawals. In response, the bank decided to
unauthorized transactions.
implement OTP authentication across its ATM system to
enhance security and reduce fraud.

IJTSRD | Special Issue on Emerging Trends and Innovations in Web-Based Applications and Technologies Page 726

731 732 733 734 735 736 737 738 739 740 741