Atm BVN Integration Thesis Paper
Atm BVN Integration Thesis Paper
Atm BVN Integration Thesis Paper
ISSN 2229-5518
1
Abstract— Automatic Teller Machine (ATM) fraud is a global threat and has been on increase in Nigeria. Conventional security system to
protect customer’s accounts on ATM has been debased. This paper aims at presenting an empirical model of securing Nigerian ATMs using
Bank Verification Number (BVN) indicating technical ATM integration. Two integration models namely BIO and BIO-PIN models were
examined with ATM state flows. The models were integrated with biometric application and connected to a BVN emulator. Each model requires
a biometric state and was integrated into the ATM state flow. The biometric state was used as an exit state to the biometric application which
is exclusively different from ATM application. The whole unit was linked through a web service to a BVN emulator for verification process;
customer primary account number (PAN) was used as a query parameter to retrieve fingerprint image from BVN proxy server which was
connected to the main server.
Index Terms— Automatic Teller Machine (ATM), Bank Verification Number (BVN), BIO and BIO-PIN models, Biometric, BVN emulator,
NCR ATM, fingerprint image.
—————————— ◆ ——————————
rather than identification (one-many) which requires a form of • ATM integrating module
unique identifier to verify user is the better option to adopt on • BVN server integrating module
ATM.
2.1 CAPTURING MODULE
The client application captures fingerprint image from bio-
scanner (Dermalog device); and verifies against existing BVN
repository through an exposed web service. The web service
interacts directly with bio-database. The validation is a one to
one process; this means that the captured image is verified
against an existing customer bio-data. The use of ATM card is
still required. A preliminary search is performed on the bio-
database using customer’s account which is linked with the
card number, and primary account number (PAN), which is
indirectly linked to BVN. This will narrow the verification
process down to 1:1 and speed up the matching process.
2 SYSTEM DESIGN
This paper presents two models that were simulated in the
ATM laboratory to implement fingerprint biometric on NCR
ATMs. The research work is dependent on BVN project as the
central biometric database. Identifier as the application was
called is an ATM Biometric client that was developed and
deployed on ATM together with an authorized bio scanner
device from Dermalog. The client-server application involves Fig. 2: An overview of the Application design
four stages these are:
• Capturing module NCR direct connect (NDC) application software. Both PIN and
• Validation module Next states are part of NDC platform. An actuating switch is
INTERNATIONAL JOURNAL OF SCIENTIFIC & ENGINEERING RESEARCH, VOLUME 7, ISSUE 8, AUGUST-2016
ISSN 2229-5518
3
two populations, the scores have normal distributions, (µ, 𝜎), Calculating specificity and sensitivity;
and the same standard deviation, SD or σ, where in A, the
mean is μA and in U is μU. The standard deviation, σ, is given
mathematically as shown in (1) TP 95
Sensitivity = = = 0.863 = 86.3%
(TP + FN) 95 + 15
𝜎 = √1/𝑁(∑𝑁 2
𝑖=1(𝑥𝑖 − µ) ) (1)
TN 485
Specificity = = = 0.989 = 98.9%
where 𝑁 = number of individuals, (TN + FP) 485 + 5
𝑥 = individual score,
µ = mean score
An individual that has its score greater than threshold 𝑡 will be 4 CONCLUSION
accepted. However, if the score from unacceptable individuals This paper has demonstrated a practical method of integrating
is greater than 𝑡, it is false acceptance or if the score from the a biometric system on ATM with existing BVN biometric
acceptable individuals is below 𝑡, it is false rejection. The database, and performance was evaluated mathematically.
probabilities of the two scenarios are shown mathematically; Biometric is a very secure system which has been extended to
ATM environment. A better performance can be achieved if
𝐸𝑟𝑟𝑓𝑎𝑙𝑠𝑒𝐴𝑐𝑐 = 𝑃(𝑁(µ𝑈 , 𝜎) > 𝑡) (2) the threshold is considerably adjusted to increase sensitivity or
to reduce FRR. Nonetheless, the performance will definitely be
𝐸𝑟𝑟𝑓𝑎𝑙𝑠𝑒𝑅𝑒𝑗 = 𝑃(𝑁(µ𝐴 , 𝜎) < 𝑡) (3) different when deployed in a live environment where there are
heterogeneous set of users of large number compared to what
was tested in the laboratory with homogenous set of users of
If the classification threshold selected is too high some client small number. The user experience on every new technology
patterns will be falsely rejected and if it is too low some is a contributing factor that will affect the performance of the
impostors will be accepted. The threshold, t, was chosen system, and thus will increase the failure rate. However, it
moderately around 50. The error rates calculation is as shown predisposes a risk of customers being kidnaped in order to get
in (2) and (3) respectively. FAR and FRR were determined to fingerprint access to customer accounts on ATM. In addition
plot ROC curve. Choosing a threshold of 50%, 15 impostor to this, customers will not be able to give their ATM cards to
scores exceeded the threshold and 5 genuine scores fell below either friends or family anymore. Despite the shortcomings, it
the threshold. Calculating FAR and FRR: is expected that ATM biometric system will reduce ATM
frauds to a great extent in Nigeria when fully implemented in
live environment.
impostor scores exceeding threshold 15
FAR = = = 3%
all impostor scores 500