U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

INTRODUCTION TO EFT (ELECTRONIC FUNDS TRANSFER) SECURITY

NCJ Number
48899
Author(s)
ANON
Date Published
1976
Length
25 pages
Annotation
SECURITY RISKS IN THE ELECTRONIC FUNDS TRANSFER (EFT) ENVIRONMENT ARE IDENTIFIED AND RATED, AND COUNTERMEASURES WHICH CAN BE IMPLEMENTED ARE DISCUSSED.
Abstract
THE SECURITY RISK IN THE EFT ENVIRONMENT IS CLASSIFIED INTO TWO PROBLEM AREAS -- IDENTIFICATION, AND PENETRATION OF THE VARIOUS SUBSYSTEMS. IN CONSIDERING THE PROBLEM AREA OF IDENTIFICATION, THERE IS A PRIMARY RESPONSIBILITY TO IDENTIFY THE USER OF THE EFT SYSTEM. THE CURRENT MECHANISM FOR IDENTIFICATION IS BASED ON A TWO-KEY ENTRY ACTIVATOR -- THE USE OF A PLASTIC CARD AND KNOWLEDGE OF A PERSONAL IDENTIFICATION NUMBER. THE SUBSYSTEMS ENDANGERED BY PENETRATION OR VIOLATION ARE: THE CARD, TERMINALS, COMMUNICATIONS LINKS, AND THE COMPUTER. IDENTIFICATION TECHNIQUES ARE DESCRIBED, AND THEIR RELATIVE COST AND RELIABILITY ARE DISCUSSED. ONE OF THE MOST POPULAR IDENTIFICATION TECHNIQUES -- USE OF A PLASTIC CARD -- IS DISCUSSED IN TERMS OF CARD SECURITY VULNERABILITY, COUNTERMEASURES, AND STANDARDS. THE VULNERABILITY OF DATA TRANSMISSION OPERATIONS IS DISCUSSED, AND COUNTERMEASURES ARE DESCRIBED. IN CONNECTION WITH DATA TRANSMISSION SECURITY, THE ENCRYPTION STANDARD OF THE NATIONAL BUREAU OF STANDARDS IS CONSIDERED. COMPUTER SECURITY IS ALSO DISCUSSED IN TERMS OF VULNERABILITY AND COUNTERMEASURES. APPENDIXES INCLUDE REFERENCES CITED AND A BIBLIOGRAPHY. (RCB)