Can we build an unhackable ATM?

Every year, customers lose money to hackers who find a way to steal their identity at ATMs. Can we stop this? Researchers based in Canada and Switzerland believe they may have found the answer in zero-knowledge proof cryptology.

In a study, the researchers from the University of Geneva and McGill University in Montreal, Quebec argue they have uncovered a three-colorability method that can replace the PIN-system, according to a report by CNET.

With this method, the first party proves to the second party it knows something, while the first party can't reveal the information it knows to the second party. For example, if a colorblind individual wanted to prove that someone else could see color, they would need to ask them a variety of questions, such as asking them to tell them the colors on a particular set of cards. But the colorblind person would need to change the order they show the other person the cards so they can prove the person can actually see color and isn't just memorizing a pattern.

For ATMs specifically, this would involve users having a device with a color map on it. The ATM would then ask the device hundreds of thousands of questions about the sections of the map colors. The ATM would never receive enough information to know the entire map, but would deliver the cash because of the device's correct answers that proves it can see all the colors.

At the same time, the researchers aren't totally convinced that this solution is fool proof, but with more work, it could prevent a lot of fraud and other security issues.

To learn more about how this protocol in a practical sense, ATM Marketplace spoke with Sébastien Designolle, a physicist at the University of Geneva and co-author of the study.

Q. How did you begin to study this issue with ATM security?

A. By chance. The collaboration between McGill and Geneva started a few years ago on a different but related problem: relativistic bit commitment. The Canadian theoreticians recently came up with an interesting zero-knowledge protocol that we implemented in Geneva since the technology required is similar to the one used in the past.

Q. What is the primary security issue with current ATM PIN standards?

A. Giving away your PIN can turn very risky when the ATM is not trustworthy. A striking example is the one of fake cash machines installed on top of real ones, a technique that has already been successfully used by fraudsters.

Q. How would this work on a practical level? Would users need a special device?

A. Typically banks (or maybe smartphone companies) would deliver special chips (required for the very short response time needed) on which users could load their private key (the three-coloring) as well as the shared randomness needed to run the protocol. Biometry may also be involved to remain secure in case of theft.

Q. In the study, you mentioned that someone could potentially break this proof. How would that happen and how can it be prevented?

A. The protocol has not been proven yet to be secure against quantum provers, that is, adversaries having entangled resources at their disposal. The solutions proposed in our study are still out of practical reach but I believe that more theoretical work may prove that our protocol is actually secure, even in this case.

Q.Where can interested parties access this study?

A.The original paper can be found here. I also strongly recommend the more accessible perspective written by Gilles Brassard in the same issue of Nature.