CONTINUE TO SITE »
or wait 15 seconds

News

Shared ATM access leads to more sophisticated security

In a world where ATM management has become increasingly complex, so has the technology designed to secure the vaults of the machines.

November 10, 2003

Much like the machines themselves, lock options for ATMs range from the low-priced basics to costlier models that offer more features and functionality.

Nothing much has changed at the low end, with mechanical locks that have a dial for entering combinations. However, it's a different story at the higher-end machines typically owned by financial institutions.

The popularity of non-branch ATMs, which are serviced by armored car companies and other third-party vendors, led the makers of locks to introduce software-driven electronic models with multiple, changeable combinations to allow different users to access the ATM vault.

Original shared access

The first such model was Cencon, introduced by Kaba Mas (then Mas Hamilton) in 1995. Cencon utilizes one-time combinations and electronic user keys that are created, deployed and managed from a dispatch center. A key feature of Cencon is its ability to create an audit trail; a time/date clock in users' keys tracks their activities and can be uploaded to a "smart key" to conduct investigations in case of theft.

Before this feature was introduced, losses generally were split two or three ways from whichever companies had access to combinations. Also, combinations had to be changed whenever an employee left a company.

"Many times the combination would not be changed, meaning that someone who didn't even work for you anymore still had the combination to an ATM with thousands of dollars in it," said Nathan Brown, Kaba Mas' product manager.


This story and all the great free content on ATM Marketplace is supported by:

Sargent & Greenleaf

A SERIES Locks, the intelligent solution to shared ATM access.

 


-----------------------------
Advertise on ATM Marketplace.
 Click here for details.

Audit trails from Cencon locks have been used in successful theft prosecutions, Brown said.

Brown said that Cencon offers access to three companies, all of which have their own software. First Line Maintenance or FLM mode dispatches combinations so employees of service companies can fix hardware problems at the ATM. Route mode dispatches combinations to the ATMs so employees of armored carriers can replenish cash or pick up deposits. An optional Bank mode allows users to choose individual PINs for their keys to open the locks without being dispatched.

The Cencon generates a one-time combination that is assigned to a particular user's key for the next opening of a particular lock. Time and date stamps are recorded in the lock and the key.

Both the software and the locks hold the same company-specific user information, which enables both parts to know the algorithm that generates the next combination, Brown said. The dispatcher at the software calls a lock user to give the new combination.  Upon closing the lock, the lock user calls the dispatcher back with a "close seal."

The Cencon also incorporates Kaba Mas's PowerStar technology, which eliminates the need for batteries to power locks. "This prevents users from ever worrying about changing dead batteries or other power failures," Brown said.

Cencon was so successful that other lock vendors introduced models with similar features. Both Kaba Mas and its competitors continue to refine the shared access management concept.

Tweaking the concept

LaGard, for instance, has the LG Audit, which offers shared access to a manager/dispatcher and up to eight users, said George Chenarides, a regional sales manager based in Costa Mesa, Calif.

In the first quarter of 2004, LaGard expects to introduce a product called the Navigator, which Chenarides said will be wireless and will simplify the management of multiple combinations. "It will make the process much more automated," he said.

In 2000, Sargent & Greenleaf (S&G) introduced its A Series ATM lock management system. Unlike the Cencon, the A Series generates one-time-use combinations that are time and date specific. Users request a date/time window for each operation, such as accessing the ATM, downloading an audit trail or resetting the lock. The combinations can be generated individually or in batch for routes. If a combination is not used during its specific time window, it expires and cannot be reused.

According to Tom Hartmann, vice president of S&G's Financial Division, because S&G's design does not require synchronization between the software and locks, it is not susceptible to locks becoming out of synch with the software, which can create obvious problems with audit trails. "We have introduced a more accurate and reliable audit trail, which can be critical when investigating losses," he said.

The A Series also eliminates the need for users to contact dispatch operations with a "close seal" after every call, Hartmann said.

"With close seals, the employee is supposed to call in every time and give a close seal to keep the lock and software in synch," he explained. "In the real world, they usually just scribble close seals down on a list and turn them in at the end of the day. With the A Series, what you do today has no effect on tomorrow's combination."

Hartmann said the A Series utilizes a Microsoft SQL2000 database and Triple DES encryption. "We are ready to operate in WAN and LAN network environments, with automated database archiving, back-up and recovery," he said.

The A Series does not limit the number of companies sharing access to a given ATM to two or three. "We support shared access by any number of authorized systems, leading to greater operational flexibility," Hartmann said.

A Series also eliminates the need for costly vendor meets to transfer access authority -- avoiding the rather sticky issue of competitors having to meet at an ATM. "With our system, Company A just sends an encrypted file with the ATM data to Company B that indicates the change and when it will occur," Hartmann said.

The A Series locks are powered by two nine-volt batteries, which typically last more than four years, Hartmann said. S&G is introducing a new model that will use a lithium battery, which will increase the battery life to 10 years.

Kaba Mas also continues to tweak its Cencon technology as the ATM industry evolves, Brown said. Recently, the company created a Cencon Sub-Locking System that allows customers to use multi-door ATMs, controlling access with a single one-time combination that tells the lock which compartments can be opened and providing a complete audit of each open and close. 

Kaba Mas is developing software with a feature that allows dispatching locations to transfer encrypted data electronically to initialize, audit or deactivate locks or user keys from a laptop at remote locations. "This saves the time and money spent mailing out programmed keys," Brown said.

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Featured Vendor

Simple | Secure | Service | Solutions. From ATM sales, support, and service to enterprise security solutions with Next Generation technology. ‍Think CSG First. We Make it Happen!

Learn More
Recent Posts
Fifth Third Bank to acquire Comerica in $10.9B deal
EU considers sanctioning Russian-backed stablecoin A7A5
NCR Atleos partners with Moto for Cashzone ATM access
SECU celebrates 6th annual kindness campaign
Former Comptroller of the Currency joins ModernFi board


©2025 Networld Media Group, LLC. All rights reserved.
b'S1-NEW'