As most US residents are aware, the Citibank ATM/Automatic
Teller Machine network failed last night. Citibank is
still having problems today.
From Reuters:
"The Citibank ATM network and other systems experienced a
temporary outage last evening." "While our systems were
restored by early Wednesday morning, we have continued to
experience difficulties this morning. We're working hard
to resolve the issues as quickly as possible."
Since there is very little "unique" network equipment in
the world now, just about everyone buys equipment from the
same vendors. So the question is, Can we learn anything from
Citibank's experience. Is there anything about their continuing
problems which may be used to improve general network reliability?
I tried to find out some information from Citibank's web site
about the issue, but I didn't see anything.
Since there is very little "unique" network equipment in
>the world now, just about everyone buys equipment from the
>same vendors. So the question is, Can we learn anything from
>Citibank's experience. Is there anything about their continuing
>problems which may be used to improve general network reliability?
I've set up a few ATMs. I have used DSLw+ & STUN on 25xx ciscos and FRADs. I have also seen modems used. The machines themselves all ran OS2, but some banks were talking about moving to NT (this was before Win2K).
When they used IP, they did use cisco, but they did not all use IP. That said, I did most of this many years ago (remember - ianai :), and the "newer" stuff was almost all IP. It would not surprise me if the majority of contemporary ATMs use IP.
It would also not surprise me if Citibank has a lot of old ATMs that use 4.8Kbps modems.
>I tried to find out some information from Citibank's web site
>about the issue, but I didn't see anything.
Somehow I think they would be extremely reluctant to tell anyone what they use inside their ATMs....
we did a small bank project at a place i worked a couple of years ago.
the ATMs (mostly NCR, one Diebold) were all Bisync, but were converted
to SNA in the course of the project. all but one (the Diebold) ran
at 9600 baud; the Diebold just would not work until we slowed it down
to 4800 baud.
the technology involved was really pretty icky. i don't ever want to go
near a small bank network again.
As a small clarification, when you say IP, do you mean over the public
internet, or on a private IP network? I'm going to guess the latter, but
thought I'd ask...
Ahhhhhhhhhhh, important distinction. Sorry it was not clear. These were all over private lines, modems or private FR. When I said "IP", I meant they just used IP as a transport protocol. (As opposed to raw SNA or something.)
I have never set up an ATM that used the Internet.
Somehow I think they would be extremely reluctant to tell anyone what they
use inside their ATMs....
Security through obscurity... most of them are not even encrypted
and if they use dial-up lines (instead of dedicated lines)
it's often just like the point of sale stuff.. 1200/2400 baud dial-on
demand, it takes a few seconds to sync, send a short text string, get a
reply auth.
On the other side.. I just inherited some hardware encrypted triple-des
modems and serial interface cards, as well as a Cylink V.35 hardware
encryption 'shim' with valid keys for a large banks wire transfer
department... I guess I should ship it to them. From Argentina?
(Just kidding, I like being an American Citizen)
As a part of other work we do here, we deal with ACH money transfers.
The backup method of connection to one institution that we help a customer
move millions per day through is a plain text e-mail to an AOL address.
We've tried to explain, even refused to send the files, but no clue is in
sight. They don't even want them zipped. Secure e-commerce is a
farce, even at the corporate giant level. --Mike--
I've done work for a certain bank in Minnesota that actually had business customers
email their ACH deposit files (plain text) to a Hotmail.com address, where they downloaded
it from, and processed it without question (uh, hello?). At one point a company I worked
for was actually using them for ACH deposits, and were told that we would have to bring
the ACH file on a floppy disk because hotmail claimed that the email had a virus attached.
oh yeah, every computer in the building had a modem, connected to a POTS line, waiting to be
dialed into.