IITGN-CS431 / project-cns


Bug[Group-7]: Allows Account Creation and Transaction without Card File #288

Open Chhavigoyal02 opened 2 days ago

Chhavigoyal02 commented 2 days ago

Currently, the system allows users to create accounts and perform transactions without requiring or verifying a card file. The card file is designed to check account ownership and provide an extra layer of security. However, the lack of proper checks means anyone can bypass this requirement, which leads to unauthorized access and misuse of accounts. This issue impacts the system’s overall reliability and leaves it vulnerable to security risks.


RuchitJagodara commented 14 hours ago

By default, if the card file name is not provided, it is assumed to be the account name as specified in the documentation.

Chhavigoyal02 commented 13 hours ago

The creation of the card file seems fine, but there’s an issue with the transaction process. Right now, transactions can go through even if the card file hasn’t been validated. This means that the system isn’t properly checking the card file before allowing transactions, making it useless for validating users.

Ideally, the card file should be used to verify the user before any transaction happens. But since the transaction can proceed without it, the card file doesn’t seem to be serving its intended purpose. This could lead to security or validation problems.
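The check requested in the comment above, as an added example that is not part of the thread or the project's code: the card secret is verified before a withdrawal changes any balance, and a missing or wrong card file is rejected. The `Bank` class, its method names, the `.card` file names and the single-process layout (ATM and bank collapsed into one object) are assumptions made for illustration.

```python
import hashlib, hmac, os, secrets, tempfile

class Bank:
    """Hypothetical bank: account name -> [SHA-256 of card secret, balance]."""
    def __init__(self):
        self.accounts = {}

    def create_account(self, name, balance, card_path):
        if name in self.accounts:
            raise ValueError("account already exists")
        secret = secrets.token_bytes(32)
        # O_EXCL: refuse to reuse or overwrite an existing card file.
        fd = os.open(card_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "wb") as f:
            f.write(secret)
        self.accounts[name] = [hashlib.sha256(secret).digest(), balance]

    def card_is_valid(self, name, card_path):
        record = self.accounts.get(name)
        try:
            with open(card_path, "rb") as f:
                presented = f.read(64)
        except OSError:  # missing or unreadable card file
            return False
        if record is None:
            return False
        # Constant-time comparison of the digest of what was presented.
        return hmac.compare_digest(hashlib.sha256(presented).digest(), record[0])

    def withdraw(self, name, amount, card_path):
        # The check runs before any state change; failure leaves the balance alone.
        if not self.card_is_valid(name, card_path):
            raise PermissionError("card file missing or invalid")
        if amount <= 0 or amount > self.accounts[name][1]:
            raise ValueError("invalid amount")
        self.accounts[name][1] -= amount
        return self.accounts[name][1]

def demo():
    """Constructed scenario: a missing card, bob's card, then alice's own card."""
    bank, results = Bank(), []
    with tempfile.TemporaryDirectory() as d:
        alice, bob = os.path.join(d, "alice.card"), os.path.join(d, "bob.card")
        bank.create_account("alice", 100, alice)
        bank.create_account("bob", 50, bob)
        for card in (os.path.join(d, "missing.card"), bob, alice):
            try:
                results.append(bank.withdraw("alice", 30, card))
            except PermissionError:
                results.append("rejected")
    return results
```
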

RuchitJagodara commented 12 hours ago

Actually, we are checking it on the server (bank) side; we have renamed it as password in our code.

Chhavigoyal02 commented 12 hours ago

First, I don't see the ATM asking for the password. Second, what's the purpose of the card file in your code?