Diebold has been demonstrating its vision for the future of hole-in-the-wall cash machines, and it's one which replaces the plastic card with a cloudy alternative. Diebold claims to have "re-imagined the automated teller machine experience for the millennial generation", but between the buzzwords are a couple of interesting …
Gone are physical buttons, replaced by one of those touch screens which are so popular with the kids these days
How novel. I must have imagined using a touch screen ATM yesterday.
Indeed. Not to mention "interface clearly inspired by the iPhone and its ilk" - my 2005 feature phone had coloured icons. As did the 1985 Amiga and Windows 3.1.
(And whilst most ATMs seem to opt for text buttons, icons on touch-screen kiosk type things, like ticket machines, has been done for years.)
I don't see how that's more convenient than the current ATM...
- What if you forgot to plug your phone last light?
- What if you don't have a smartphone?
- What if you donwloaded an app that upload your actions to a remote server?
- What if some crooks intercept the data tranfert between phone and ATM? A device of this type could be a few meters away from the machine and very hard to detect.
Couldn't we have instead a 2 factors authentication, so even if your card is stolen and the password somehow known, they would also need your phone? And every phone, smart or not, can receive SMS.... (agreed you still need a phone... and battery...)
The problem with the banking industry today is that it (the retail side at least, the investment side brings a whole other set of problems) seems more interested in introducing interesting new ways for customers to get money, and less interested in securing that money.
Think NFC bank cards.. I can think of a number of ways a person could lose money with that..
Also, I am not entirely convinced that the system NatWest uses to give you money if you lose your card is secure (although in fairness, I have not looked in to this so could very well be wrong).
TBH, I fail to see any advantage of this new idea for the customer. I can see the advantage for the banks, in that they don't have to issue cards, which while it may be a tiny cost, is still a cost they can cut, but I feel the potential security problems outweigh the cost savings..
What if it's made by Diebold, who also makes electronic voting machines which aren't trusted?
There trusted all right
That's the problem. . .
Re: One more
I was thinking exactly that: the voting machines that posted all their data back to an Access database, so perfectly secure that any noddy techie could change the results.. and no audit to check against.
One hopes that the banks who consider using this technology will do more rigorous testing than the Ohio (& other) electoral boards managed
"NFC bank cards.. I can think of a number of ways a person could lose money with that.."
Pray tell, what are these methods that you can think of?
If I can't explain in one sentence why each of them is a fallacy based on uninformed FUD then I will give you £20 (the maximum value of a contactless transaction) personally.
Now people of the older generation can take even longer to fail to get their cash out.
And don't these marketing people know the difference between 'internet' and 'cloud'? Scanning a QR code to download an app is not cloudy. And how long will it be before those QR codes get stickers over them with a link to a malicious app instead?
Great... so the muggers can see you have cash and an expensive smart phone on you... result!
Are these PRISM activated Atms ?
I presume that to get some cash we will soon have to make a formal request to the NSA / CIA / FBI etc..... by using our telphones we are doing that anyway......
Work all day in office. Go to pub. Need cash. Battery flat. Go home.
Re: Battery Life
Possible use case for the iPhone charger that downloads malicious software to your phone? Plug it into the wall beside the machine with a little official looking sign that says it's there as a convenience for ATM users with dead phones, and voila!
Charger ... malware?
Only by a seriously retarded design would one need to worry about the possibility of code execution when plugging in a power source.
Today is not April 1st
Fake QR code? Not needed. Simply replace the QR code with the valid QR code of "another" ATM.
Now all a crook has to do is to wait at the other machine and wait for money to be released. Magic!
Depending on how NFC is implemented this might work even better with NFC.
Who thought that giving up the principle: something you have, something you know was a good idea?
The same guys that sold us electronic voting machines ...
I'm sure I'm not the only one who thinks that if we no longer make things people want and that the solution is probably not to just find ways to charge more for the same function.
This is not a solution, its an economy about to implode further.
So, it has a touch screen.
1) What happens if it gets wet - unless these are for inside only or we going back to those slide covers.
2) What happens if I've got gloves on
3) What happens if I have reduced vision or am blind - there is no tactile feedback for where the buttons are
I'm all for touchscreens, where appropriate, but buttons work for a reason.
Re: Touchscreen mania
Touchscreen mania indeed.
Cars are another area of inappropriate use of a touchscreens.
Re: Touchscreen mania
Another issue with touch screens is leaving a more visible indication of where you've been "tapping" the on-screen buttons.
If I've just entered my PIN using the touch screen I'm going to leave four greasy fingerprints on the screen. I think this came up as an issue with unlock codes/gestures for unlocking smartphones, but I can't find the story.
If you have no repeated digits in your PIN, a mugger that knows those four digits shortens the odds on nailing your PIN from about 1 in 10000 to about 1 in 24*. That improves the success rate for someone shoulder surfing who is confident of the order but may not see every number.
One solution would be numbers that appear on the screen in different configurations each time, but that brings a whole usability firestorm with it as people are used to a keypad in the same arrangement every time (normal busy/not paying attention people, not just the visually impaired etc). Thus card swallowings on a massive scale!
* Note to Maths pedants - figures may vary - they're BoE Monday Morning maths reliable only :)
Re: Touchscreen mania
My Lexus has a nice touch screen interface. But it also has some sensible buttons down each side of the screen. Might sound silly but it's the major reason why I'm not changing it for the new one they keep trying to get me on to. On the current generation, the nice touch screen has been replaced by a nasty joystick sort of mess you have to waggle about....
Re: Touchscreen mania
Although I agree with you in principle that interfaces should be appropriate for their intended application and user demographic, your comment demonstrates that you need to engage brain.
The "issues" you bring up are very easy to solve and already have been. I'm not even going to bother explaining.
Also, questions are punctuated with question marks. See?
Diebold, now there's a name you can trust ?
For my bit of London at least this is a non starter. Using the cashpoint here is a dubious enough proposition without wafting your iThingy about as an advertisement to the enthusiastic population of local muggers that you have something worth nicking beyond the cash you've just withdrawn.
And the point is?
You use your phone instead of your card. How is this different to sellotaping a contactless smart card to the back of your phone, apart from all the new imaginitive security flaws the "imagineers" have failed to imagine?
What is it with the QR code crap anyway, why not just interrogate the phone for its SIM and IMEI. Actually why not just give people a little card they shove into the machine. They can keep it with their money. Or they can sellotape it to the back of their phone if it is contactless.
I don't think so.
Even if theft was my only concern, no way. Just too many bad guys and Fed agencies messing around for my taste.
That's without discussing the merits of Diebold, which does not bear discussing.
All these "innovations" seem like solutions for non-existent problems.
When was the last time you were at an ATM thinking, "Boy it's difficult to access my money...." ?
So in the many, many places that O2 and Vodafone signal is not good enough to use data (I cannot comment on other networks) you will be unable to get your own money.
Re: brain issues
Nowhere has it been stated that these machines are unable to operate using the usual format.
A wonderful idea
Now the NSA will know whenever I draw money from my bank.
Re: A wonderful idea
You think they don't already?
I wish the banks would stop buying all this crap and just give us a decent banking service - like the good old days where we used to get "interest" on savings. Remember that Mr Banker???
Mr Banker reply :
we remember these days of course... But since then the sloppy economy made us realize that our Customers would save money whatever the incentive is. I take this opportunity to send you our price increases for the coming year.
a six-digit code which can be entered in any compliant cashpoint
Sounds like a new lottery game. Just pick 6 numbers, type them into a cash machine near you, and you might be the lucky winner! You don't even need to buy a ticket.
Re: a six-digit code which can be entered in any compliant cashpoint
The odds are actually better than for the lottery.
Not using my phone as an electronic wallet
As others have stated, it's bad enough that muggers are stealing iPhones for their fashion accessory value. NFC makes them far more attractive to steal as electronic wallets. Unless this becomes law and cards and cash are completely done away with, I won't be using my phone to pay for anything anywhere, at any time.
i just wish ATM software writers would add just ONE extra function to their system to check the type of notes in the machine BEFORE displaying the options.
Most of the time I get the option of 10, 20 , 40, 60, 90, 120.
Pick 90, then it waits 10 seconds before telling me it can only dispense in 50 units, so type in what you want.
How hard is it to check that BEFORE requesting the input and only displaying the options the machine can dispense?
Re: my wish
Any why do they put £50/50€ notes in those machines anyway? I want cash to pay for small things, like a coffee or a paper, and shops hate being given a big note for that. If I'm paying £50+ for something I'll use a card.
Re: my wish
Every ATM I've used in the last few years does this - only shows the options that it can dispense, and usually tells you if say only £20 notes are available before you even put the card in.
Is this designed to make cash so difficult to get hold of everyone will finally be persuaded to use contactless payments instead?
So to get cash I have to
- unlock my phone using my pin/code
- launch the diebold/my banking app. maybe enter a pin for this app too?
- scan the qr code (how well does this work with bright sunshine/rain on the atm?)
- enter the 6 digit pin on the terminal (*)
- scroll the amount to select the required amount (as opposed to just pressing a single button for the amount)
- get cash
As opposed to insert card, enter 4 digit pin, press amount button, get cash.
(*) from the vid it implies that you enter this pin to prove that you are in front of the machine (e.g. you haven't scanned the machines qr code from somewhere else?). But surely the qr code displayed on the atm just needs to be unique for each transaction which proves you have scanned the code at the atm and would eliminate this. I can't see how entering this pin provides any additional security.
So currently if my card is lost or stolen I can ring my bank which gives me a one off code to enter into a cash machine and let me withdraw some money (after they verify who I am of course).
So what happens if my phone is lost or stolen? Will I be able to, I don’t know, have a bit of paper, or even plastic (as it would last longer) that this machine could scan in some way, and I could enter a code to make sure I can get money out?
Not that it matters, because as pointed out this kind of thing appeals to the type of people who want to use their phone to pay for everything, so why would they use their phone to withdraw money they won’t use?
On a side note I was in a petrol station last week, and there was quite a queue for one of the tills, and not the other, even though both had someone behind. Turns out they were having ‘connectivity issues’, one of the card readers was not working and the other was extremely slow and the 10 or so people waiting to pay by card or swipe their phone were taking an age to do it.
On the other hand I was able to walk up to the other till, past the queue, the girl behind it said “Sorry, the card machine is not working” I proceeded to produce a number of bank notes from my wallet to pay, to the amazement and shock of those around me, that I would be so silly to carry around cash to pay for things.
Just to rub it in I went back in a few seconds later and bought a bottle of water with the change, as someone tried for the 3rd time to enter their pin and have the guy stand on a stool and get signal.
A smartcard is a fairly secure device. It's simple enough to be understood from a security perspective and it only talks to the ATM and only when you want it to talk to it.
Now a smart phone is a device which has absolutely no security. (except when it's about the business model of the manufacturer/mobile operator) With NFC it can talk to just about anybody getting close enough to it, with GSM, Blutooth and WLAN even with other people. It's just a nightmare to get that secure.
"re-imagined the automated teller machine experience for the millennial generation"
Are these kids old enough to have bank cards yet? By my counting (and I only got a B in A level maths) the "millennial generation" are all still under 14 years old.
Re: Age related?
The term "millennial generation" (or "Generation Y") is used to describe people who came of age around 2000, hence born in the early 80's. It's the follow-on from the sequence of "Baby Boomer" and "Generation X".
Touch screen failure
I recently took my elderly mother-in-law to the cashpoint, to discover that they had installed a fancy new touch device. Unfortunately, it seemed to be quite unable to register her fingers - even when we found where the actual touch point was (not always easy).
She will not be using that machine again.
Apart from the fact that it is next to the chippy, and rapidly developing a good layer of grease.
Not wrong El Reg!
That video has got to be the fastest round of Bullshit Bingo I've ever played, and I've seen some doozies at various meetings and presentations.
Now I can get my cash without touching the cash m/c - I mean it might have germs or (worse) be running windows. The only problem is I might mess my pants with the excitement of using my lovely lovely apple device to do something I could have done twice as easily without it but in a way that might have made me look like a pleb.
I'm so glad the banks spend their (my? your?) money on this kind of stuff rather than on paying interest on deposits or returning defrauded money to idiots they miss-sold to or (God forbid) paying staff who do real work.
Give that CIO a huge bonus - and the CEO too, this is the kind of forward "thinking" we like!
Whoops, I may have set off the sarcasm overload alarm.
It could be worse
The thing could run on Windows 8.
- 'Windows 9' LEAK: Microsoft's playing catchup with Linux
- Game Theory Half a BILLION in the making: Bungie's Destiny reviewed
- Review A SCORCHIO fatboy SSD: Samsung SSD850 PRO 3D V-NAND
- Was Earth once covered in HELLFIRE? No – more like a wet Sunday night in Iceland
- Every billionaire needs a PANZER TANK, right? STOP THERE, Paul Allen