SMART ATM PIN RECOVERY BASED ON FINGERPRINT IDENTIFICATION

I) TEJAS KESARWANI(19SCSE1010509)
II) PULENDRA KUMAR YADAV(19SCSE1010413)
III) SHIVAM SINGH(19SCSE1010270)

---------------------------------------------------------------------***----------------------------------------------------------------------
Abstract - Cryptography and Biometrics are two efficient Securely stores multiple pins and passwords and also the
and powerful technologies to appreciate high proven user could easily retrieve it whenever needed, within
information security. Biometric authentication verifies a seconds. This research work aims to change the system to
user's identity using biometric traits. However, a biometric secure ATM pins and passwords with user’s fingerprint
authentication fails to shield the user’s biometric template data such that only the real user can access the pins and
stored during a database, because it is at risk of various passwords by providing the valid fingerprint which is
attacks. This system is sort of a bio-cryptosystem that mixes stored within the database. Experiments were conducted
cryptography and biometrics together to beat the difficulties on fingerprint databases to check the performance of the
of those technologies. This project work aims at exploring proposed system.
the system to secure ATM pins and passwords with the
fingerprint data specified only the legitimate user can access 2. OVERVIEW
the pins and passwords by providing the valid fingerprint.
Cryptography is a technique to exchange messages
In ATM machines the user is identified by inserting an ATM between one user with another user or to secure
card and authentication is provided by the customer communication between them, by encrypting the message
entering a PIN. The PIN provided by the customer is to be safe from a third party because issued with a key that
compared with the recorded reference PIN within the bank is not owned by the third party. Encryption is a process of
Server .If the customer forgets the PIN after 3 trials ATM converting plain text into cipher text. Decryption is a
cards are blocked, to reactivate he needs to attend the bank process of converting the encrypted data into its original
and do the formalities which could be a time consuming job. form. It is generally a reverse process of encryption.
So fingerprint biometric is introduced to cut back this sort of
error. A cryptographic attack is a method for overcoming the
protection of a cryptographic system by finding a
Key Words: Fingerprint, ATM, PIN, Biometrics. weakness in a code, cipher, cryptographic protocol or key
management scheme. This process is additionally called
1. INTRODUCTION “Cryptanalysis”. The attacks like if another person takes
cash from the cardholder's account, then it violates the
Reliable information protection and identity management authentication that the protection must run to the
mechanisms are required within today's era of cyber- customer’s account. Here in this system authentication is
crime. Cryptography is the technique of securing completed by fingerprint identification.
information and communications through use of codes.
PIN based verification generally done in machine ADO.NET is used to speak between software applications
transactions. Enhancing this security, user authentication and databases. It is a platform which is employed for
process is a vital activity. The foremost important developing software applications like browser based,
problems include shoulder-surfing attacks, replay attacks, desktop applications, mobile applications.
card cloning, and PIN sharing. .NET framework consists of various APIs, languages and
libraries which helps to form various software
In today’s digital era, a personal has multiple ATM pins applications.
and passwords for his or her multiple accounts. A common
person tends to write down or store it in his phone’s Visual Studio is an Integrated Development
notepad or in a smartcard because it is difficult to Environment(IDE) developed by Microsoft to develop
memorize multiple pins and passwords. This could be GUI(Graphical User Interface), Web applications, web
easily compromised. With the recent advances in apps, mobile apps, cloud, and web services, etc. It provides
technology there is a requirement to create a system that support for 36 different programming languages. It is
available for Windows in addition to macOS.
MySqlServer is an open source database. It comprises The overall flowchart of the proposed system,
many classes. MySQL is written in C and C++. Its SQL
parser is written in yacc, but it uses a home-brewed lexical
analyzer. MySQL works on many system platforms. The
MySQL server software itself and also the client libraries
use dual licensing distribution. They are offered under GPL
version 2, or a proprietary license.

3. PROPOSED SYSTEM

The objective of proposing this technique is to avoid time

consumption. Usually the user inserts an ATM card and
enters the identification number for transactions. If a user
enters the inaccurate PIN then the user will be given two
more attempts to enter the correct one. If the user fails to
enter a legitimate PIN after three attempts, the card will
block and thus the user must visit the bank to reactivate
the ATM card which is time consuming. So the subsequent
are the objectives of this proposed system,

● To avoid the user to go to the bank and do the Fig - 2: Flowchart of the Proposed System
formalities to reactivate his/her ATM card.
● To activate the ATM card of the user at the ATM
When the user swipes the smart card , in case
centre itself with the help of finger print of the
invalid attempts, then by verifying fingerprints the PIN is
user.
shared. The fingerprint reference given during
transactions is verified with fingerprint reference given
3.1 Activity Diagram
during enrollment.

4. IMPLEMENTATION

This proposed system is used to make easier bank

transactions. Here the ATM machine is installed and can
perform all bank related transactions so that no need to
visit the bank.

Fig -3: Description of the System

Fig -1: Activity Diagram of the Proposed System
The following are the actors considered in this 2. ATM Registration Staff
implementation:
The security of ATM transactions relies mostly on the
1. Admin
integrity of the secure cryptoprocessor: the ATM often
uses general commodity components that sometimes are
2. ATM Registration Staff
not considered to be "trusted systems". So sensitive data
must be prevented from fraud. To prevent encryption is
3. Account Holder/User
done which is a cryptographic method.
To install an ATM machine, firstly the bank basic
1. Admin details should be given with ID. Then the registration
process is sent to the admin. Once the admin approves
In this module, the works done are initially login ATM setup/Machine registration then the customer can
through ID/password. Then banks are added and can view use the ATM machine.
those. Adding customer details to bank accounts and if
there are multiple accounts it maps customer's details. 3. Account Holder/User
Admin can deposit an amount to a particular customer
account. Admin sends identification number to the When the customer swipe card and enters the PIN
customer through Email ID using SMTP concept. Also number, the system verifies PIN with card number
Admin approves to ATM Machine Registration. Then loads registered, if valid then the customer home navigates to a
cash to the ATM machine, views the service request from different page where it displays multiple accounts bank
the customer. names, there customer should choose required bank.
There the user can check balance, withdraw, view
withdraw amount, view deposit, transfer amount, view
amount transfer details.

If the registered number and entered PIN are invalid,

the machine gives three attempts to enter valid PIN. After
three invalid attempts the card will be blocked. Then the
user is asked to swipe through the fingerprint scanner, if it
is the correct one then the PIN number is shared through
registered Email where he can login and enter the right
PIN. Also he can change PIN number in the ATM machine.

5. CONCLUSION

ATM authentication using PIN entry during

transactions results in cryptographic attacks. In this
system we proposed the Secured PIN based authentication
using fingerprint and OTP based authentication service to
beat the attacks. From the experiments carried out in this
system can be used in a real time environment and also it
provides the power to vary the PIN in the ATM machine
itself. This technique will be future enhanced to multiple
bank accounts by mapping to their accounts.

Fig - 4: Admin Panel

REFERENCES

[1] Fingershield ATM – ATM Security System using

Fingerprint Authentication, Christiawan; Bayu Aji
Sahar; Azel Fayyad Rahardian; Elvayandri Muchtar
2018 International Symposium on Electronics and
Smart Devices (ISESD)
[2] Securing ATM pins and passwords using Fingerprint
based Fuzzy Vault System, Sweedle Machado; Prajyoti
D’silva; Snehal D’mello; Supriya Solaskar; Priya
Chaudhari 2018 Fourth International Conference on
Computing Communication Control and Automation
(ICCUBEA)
[3] www.seminarsonly.com
[4] www.geeksforgeeks.org
[5] wikipedia.org
[6] itstillworks.com