with a reasonable
frequency.
All these areas should be audited in both the system specification and
implementation to make sure they are not being abridged in the name of
expediency.
6. Summary
In this view of a single institution, a number of failures in the
security system were shown. There was shown a definite failure to
appreciate what was required in the way of security for PINs and keys
used to derive PIN information. An avoidance of up front costs for
security lead to potentially higher cost in the future. The key area
was the lack of audits of the EFT system by both the institution and the
network, causing potential loss to all institutions on the network.
Downloaded From P-80 Systems 304-744-2253 - Since 1980