WO2014203178A1 - Procédé et système de contrôle d'accès - Google Patents

Procédé et système de contrôle d'accès Download PDF

Info

Publication number
WO2014203178A1
WO2014203178A1 PCT/IB2014/062362 IB2014062362W WO2014203178A1 WO 2014203178 A1 WO2014203178 A1 WO 2014203178A1 IB 2014062362 W IB2014062362 W IB 2014062362W WO 2014203178 A1 WO2014203178 A1 WO 2014203178A1
Authority
WO
WIPO (PCT)
Prior art keywords
atm
safe
vault
information
access
Prior art date
Application number
PCT/IB2014/062362
Other languages
English (en)
Inventor
Malcolm William Thomas
Original Assignee
Transaction Control Technologies (Sa) (Pty) Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Transaction Control Technologies (Sa) (Pty) Limited filed Critical Transaction Control Technologies (Sa) (Pty) Limited
Publication of WO2014203178A1 publication Critical patent/WO2014203178A1/fr

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00896Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses
    • G07C9/00912Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys specially adapted for particular uses for safes, strong-rooms, vaults or the like
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • G07F19/207Surveillance aspects at ATMs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes

Definitions

  • This invention relates to a method and system for access control. More specifically, but not exclusively, the invention relates to a method and system for access control to a vault such as an automatic teller machine (ATM) by determining an instantaneous risk profile in relation to the ATM in order to control access to said ATM in a replenishment and cash handling environment.
  • ATM automatic teller machine
  • An ATM is a computerised telecommunications device that enables the clients of a financial institution to perform financial transactions without the need for a cashier, human clerk or bank teller.
  • ATMs are known by various other names including ATM machine, automated banking machine, cash machine and various regional variants derived from trademarks on ATM systems held by particular banks.
  • the customer is identified by inserting a plastic ATM card with a magnetic stripe or a plastic smart card with a chip that contains a unique card number and some security information such as an expiration date or card verification value - CVVC (CVV).
  • CVV card verification value
  • Authentication is provided by the customer entering a personal identification number (PIN).
  • gas explosion prevention devices also known as gas suppression system.
  • gas suppression system uses explosive gas detection sensors to detect explosive gas and to neutralise it by releasing a special explosion suppression chemical which changes the composition of the explosive gas and renders it ineffective.
  • Modern ATM physical security per other modern money-handling security, concentrates on denying the use of the money inside the machine to a thief, by using different types of Intelligent Banknote Neutralisation Systems.
  • a common method is to simply rob the staff filling the machine with money. To avoid this, the schedule for filling them is kept secret, varying and random. The money is often kept in cassettes, which will dye the money if incorrectly opened.
  • a further unique challenge of securing ATM cash vaults characteristically requires shared access among several companies. This typically consists of those responsible for the delivery of cash and pulling deposits, as well as those providing 1 st or 2 nd line maintenance. Additionally, for ATMs located at the bank as opposed to off-premises, branch employees may also require entry to the vault during certain hours. Often times, a dual access system is used. Such a system will only grant access to an ATM if two mechanical keys are simultaneously used to unlock the ATM, or one mechanical key and one combination (electronic) key is simultaneously used. Some companies still have their service personnel access the ATM vault by sharing the same lock combination.
  • These personnel may include bank employees, cash replenishers, technical service reps and repair personnel - who all know the one combination that opens an ATM safe (typically holding tens of thousands of dollars in cash). This type of archaic locking method with no accountability or access control equals serious temptation even for the most honest of employees.
  • a system for vault access control including a plurality of information gathering modules for gathering information from external sources in order to determine a risk profile of the vault and to control access to the vault in response to the determined risk profile.
  • the vault may be an automatic teller machine (ATM), to which this specification will refer hereinafter.
  • ATM automatic teller machine
  • the system may also be used in controlling access to safes and vaults in the cash handling environment of banks and retail stores in general.
  • the information gathered by the information gathering modules may relate to personal details of a keyholder, who may be a person wanting to gain access to the ATM or safe, for maintenance, cash replenishment, investigations and the like, and information relating to various external and internal conditions surrounding the ATM or safe.
  • a first information gathering module may be an ATM or safehardware status monitoring system.
  • the hardware status monitoring of the ATM or safe may include status relating to paper in the machine, printer ink, hardware/software faults, paper jams, and the like.
  • a second information gathering module may relate to the cash replenishment load schedule.
  • the cash replenishment load schedule may be a schedule according to which the ATM or safe is normally replenished of cash, which is provided to the keyholder to follow.
  • a third information gathering module may be a human resources (HR) module, relating to the employment status of the keyholder wanting to gain access to the ATM or safe.
  • HR human resources
  • the status of employment may include details such as if the keyholder is still employed, suspended, criminal history or charges against the keyholder and the like.
  • a fourth information gathering module may gather information relating to business in the area in which the ATM or safe is located.
  • Information relating to business in the area in which the ATM or safe is located may include specific information such as whether exhibitions, shows, or any other event is being held in the area, which will affect the normal schedule of cash withdrawals, such as extended hours for operation.
  • a fifth information gathering module may gather information relating to crime levels in the area in which the ATM or safe is located.
  • Information relating to crime levels in the area in which the ATM or safe is located may include information such as the normal level of crime in the area and the existence of incidents such as strikes or uprisings leading to higher than normal crime levels in that area and the like.
  • the system may include time delay means, by means of which, in determined situations, a time delay is activated so that a set amount of time has to pass before the ATM or safe may be accessed, or by means of which the ATM or safe may only be accessed between certain hours of the day.
  • the set amount of time that needs to pass may be selected from various time intervals, depending on, for example, the crime level in the area, and the exact set amount of time, as selected from the time interval may be a random amount of time, not known to the keyholder wanting to gain access to the ATM or safe.
  • the system may include communication means for communicating with a controller.
  • the system may further include communication means for communicating with security systems of the ATM or safe itself, such as locking means of an access door to the ATM or safe, the ATM vault or safe door, and the like.
  • the system may include processing means for processing all the gathered information in order to determine an instantaneous risk profile in relation to the ATM or safe and based on the risk profile to control access to said ATM or safe in a replenishment and cash handling environment.
  • the system further includes communication means for communicating to the keyholder and to grant or deny access to the ATM or safe based on the determined risk profile.
  • a method of controlling access to a vault such as an automatic teller machine (ATM) or safe including the steps of gathering information relating to the ATM or safe from external sources; determining an instantaneous risk profile of the ATM or safe; and to controlling access to the ATM or safe in response to the determined risk profile.
  • ATM automatic teller machine
  • the information gathered may relate to ATM or safe hardware status, cash replenishment load schedule, HR status relating to the employment status of a keyholder wanting to gain access to the ATM or safe, information relating to business in the area in which the ATM or safe is located, and information relating to crime levels in the area in which the ATM or safe is located.
  • the method may include the step of processing all the gathered information in order to determine the instantaneous risk profile in relation to the ATM or safe in order to control access to said ATM or safe in a replenishment and cash handling environment.
  • the keyholder may then be granted access, denied access, or granted access with a time delay to the ATM or safe based on the determined risk profile.
  • ATM automatic teller machine
  • a system for access control to a vault is generally designated by reference numeral 10.
  • the vault is an automatic teller machine (ATM).
  • ATM automatic teller machine
  • the system could also be used in controlling access to safes and vaults in the cash handling environment of banks and retail in general.
  • the system 10 for automatic teller machine (ATM) 12 access control includes a plurality of information gathering modules (collectively referred to as 14) for gathering information from external sources in order to determine a risk profile of the ATM 12 and to control access to the ATM 12 in response to the determined risk profile.
  • ATM automatic teller machine
  • the information gathered by the information gathering modules 14 relates to personal details of a keyholder 16, which is any person wanting to gain access to the ATM, for maintenance, cash replenishment, investigations and the like, and information relating to various external and internal circumstances surrounding the ATM 12.
  • a keyholder will request access to a specific ATM in order to do maintenance thereon or to replenish it.
  • This request for access is sent to the system and in addition to known methods of granting or denying access to the ATM, the present system 10 also bases the decision to grant or deny access on certain external/environmental factors.
  • Any relevant information could be gathered by the information gathering modules 14, but for illustrative purposes only a few are mentioned. This is not an exhaustive list, however, and it is foreseen that other information could also be relevant in determining the risk profile of the ATM 12.
  • a first information gathering module 14.1 is an ATM hardware status monitoring system.
  • the hardware status monitoring of the ATM include status relating to paper in the machine, printer ink, hardware/software faults, paper jams, and the like. This information is generally required in order to confirm that maintenance on the machine itself is required. Should this be the case the keyholder would generally not require access to the vault door and thus to the money stored within the ATM.
  • a second information gathering module 14.2 relates to the cash replenishment load schedule.
  • the cash replenishment load schedule is a schedule issued by the ATM management centre setting out a schedule according to which the ATM is normally replenished of cash, which is provided to the keyholder to follow. Should an ATM suddenly require cash to be replenished more often, the system, by comparing the request to replenish to the schedule, will pick it up.
  • a third information gathering module 14.3 is an HR module, relating to the employment status of the keyholder wanting to gain access to the ATM.
  • the status of employment includes details such as if the keyholder is still employed, suspended, criminal history or charges and the like. It is important for the system to check employment of the keyholder before allowing access to the ATM to the keyholder, as he may have been suspended earlier that same day and could now want to gain unauthorised access to the ATM.
  • a fourth information gathering module 14.4 gathers information relating to business in the area in which the ATM is located. Information relating to business in the area in which the ATM is located include specific information such as whether exhibitions, shows, or any other events are being held in the area, which will affect the normal schedule of cash withdrawals. Although an ATM has a normal replenishment schedule, obviously as the demand for cash increases, by there being an exhibition or the like in the area, the ATM would need to be replenished more often.
  • a fifth information gathering module 14.5 gathers information relating to crime levels in the area in which the ATM is located.
  • Information relating to crime levels in the area in which the ATM is located includes information such as the normal level of crime in the area, strikes or uprisings leading to higher than normal crime levels in that area and the like.
  • the system 10 includes time delay means 18, so that, in determined situations, a time delay is activated so that a set amount of time has to pass before the ATM may be accessed.
  • the set amount of time that needs to pass may be selected from various time intervals for example, a first interval could be 0-3 min, a second time interval could be 4-9 min and a third time interval could be 10-15 min.
  • the time interval selected would depend on the crime level in the area and exact amount of time, as selected from the time interval may be a random amount not known to the keyholder 16 wanting to gain access to the ATM 12.
  • the system further includes communication means for communicating with a controller 20.
  • a controller 20 This would generally only be used afterhours, as the ATM 12 would normally not need to be accessed afterhours.
  • the controller 20 could thus take all the information gathered (and any other relevant factors) into account in deciding whether the keyholder 16 needs to be granted access.
  • the controller would also need to be alerted when an incident occurred at the ATM, for example an ATM bombing. In these circumstances, investigations would need to be conducted and people other than the normal keyholders 16 would need to gain access to the ATM.
  • the system also includes communication means for communicating with existing security systems of the ATM 12 itself, such as locking means of an access door to the ATM, the ATM vault door, and the like (not shown).
  • the system further includes processing means (not shown) for processing all the gathered information in order to determine an instantaneous risk profile in relation to the ATM 12 in order to control access to said ATM 12 in a replenishment and cash handling environment.
  • processing means for processing all the gathered information in order to determine an instantaneous risk profile in relation to the ATM 12 in order to control access to said ATM 12 in a replenishment and cash handling environment.
  • the system further includes communication means for communicating to the keyholder 16 and to grant or deny access to the ATM 12 based on the determined risk profile.
  • a keyholder In use, a keyholder will request a key (an electronic key) to access an ATM, for whatever reason. The reason could be a legitimate reason, such as for replenishing the machine with cash in accordance with his schedule. However, a keyholder could fabricate a reason for gaining access to the ATM in order to steal the cash therein. Therefore, once a request is received by the system, all the relevant information (such as the crime statistics in the area and the credentials of the keyholder, for example) will be taken into consideration before an access key is issued to the keyholder.
  • This request for access is sent to the system 10 and in addition to known methods of granting or denying access to the ATM (encryptions codes, for example), the present system 10 also bases the decision to grant or deny access on certain external/environmental factors and information (as set out above). By taking all this information into account, a risk profile for the specific ATM could be drawn up and based on this, access to the ATM will be granted, denied, granted with a time delay or granted between certain times only.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Lock And Its Accessories (AREA)

Abstract

L'invention concerne un système 10 de contrôle d'accès à la chambre forte comprenant une pluralité de modules de collecte d'informations (collectivement appelées 14) permettant de collecter des informations de sources externes en vue de déterminer un profil de risque de la chambre forte et de contrôler l'accès à la chambre forte en réponse au profil de risque déterminé. La chambre forte est un guichet automatique (ATM), ou un coffre-fort ou une chambre forte dans un environnement de manipulation d'espèces, tel que des banques et des magasins de détail. Les informations collectées se rapportent à l'état matériel d'un ATM ou d'un coffre-fort, au plan de charge d'approvisionnement en espèces, à l'état des ressources humaines (HR) tel que la situation d'emploi d'un détenteur de clés souhaitant accéder à l'ATM ou au coffre-fort, aux informations concernant les affaires dans la zone où se situe l'ATM ou le coffre-fort, et aux informations concernant les taux de criminalité dans la zone où se situe l'ATM ou le coffre-fort.
PCT/IB2014/062362 2013-06-18 2014-06-18 Procédé et système de contrôle d'accès WO2014203178A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ZA201304466 2013-06-18
ZA2013/04466 2013-06-18

Publications (1)

Publication Number Publication Date
WO2014203178A1 true WO2014203178A1 (fr) 2014-12-24

Family

ID=51453777

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2014/062362 WO2014203178A1 (fr) 2013-06-18 2014-06-18 Procédé et système de contrôle d'accès

Country Status (1)

Country Link
WO (1) WO2014203178A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040079683A1 (en) * 2002-10-18 2004-04-29 Diebold Self-Service Systems Division Of Diebold, Incorporated Automated banking machine which dispenses, receives and stores notes and other financial instrument sheets
US20050264409A1 (en) * 2001-03-20 2005-12-01 Jean-Luc Monnier Device for limiting access to a confined space
US20060102717A1 (en) * 2003-04-08 2006-05-18 Wood Richard G Enhancing security for facilities and authorizing providers
US20110016041A1 (en) * 2009-07-14 2011-01-20 Scragg Ernest M Triggering Fraud Rules for Financial Transactions

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050264409A1 (en) * 2001-03-20 2005-12-01 Jean-Luc Monnier Device for limiting access to a confined space
US20040079683A1 (en) * 2002-10-18 2004-04-29 Diebold Self-Service Systems Division Of Diebold, Incorporated Automated banking machine which dispenses, receives and stores notes and other financial instrument sheets
US20060102717A1 (en) * 2003-04-08 2006-05-18 Wood Richard G Enhancing security for facilities and authorizing providers
US20110016041A1 (en) * 2009-07-14 2011-01-20 Scragg Ernest M Triggering Fraud Rules for Financial Transactions

Similar Documents

Publication Publication Date Title
US20240202732A1 (en) Fraud Detection in Self-Service Terminal
US20040158523A1 (en) Method providing contingency access to valuable accounts or information
RU2637746C2 (ru) Способ и система для уменьшения риска грабежа/кражи банкнот
US20080251578A1 (en) Atm security system and method of use
US20040158526A1 (en) Contingency network access for accounts or information
BR112020023048A2 (pt) Método realizado por uma máquina de transação automatizada
JP2017021693A (ja) 自動取引装置
Kasanda et al. ATM Security: A case study of Emerging Threats
US20210004927A1 (en) Systems and methods for security alerts
JP2001043429A (ja) 自動取引装置監視システム及び監視方法
WO2014203178A1 (fr) Procédé et système de contrôle d'accès
US20040158525A1 (en) System and method providing contingency biometric security activation
JP2005150925A (ja) セキュリティシステム
US8746552B1 (en) Card reader activity systems and methods
Bradbury A hole in the security wall: ATM hacking
CN101751727B (zh) 用于监测安装盗卡装置的方法、设备和自助终端
US20200402338A1 (en) Edge computing-based theft mitigation system
Saket et al. ATM reliability and risk assessment issues based on fraud, security and safety
KR20010028146A (ko) 카드 부정이용 방지 시스템
Jain ATM Frauds–Detection & Prevention
Embarak A two-steps prevention model of ATM frauds communications
McIntosh Biometrics–a fad or the future?
KR20240049716A (ko) 전자식의 무인 물품 보관 시스템
JP4319869B2 (ja) 金融営業店における貨幣取引処理装置
Srinivasan et al. Safeguarding of ATM

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14758167

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14758167

Country of ref document: EP

Kind code of ref document: A1