1. Summary and Requirement
           As competition in Chinese financial field heats up, major banks have started to center on their service, providing value-added services and convenient means to satisfy customer requirements, of which the financial self-service has become one of the most important channels of bank services. Today major banks have enlarged the implementation of convenient ATM. In this case, banks and ATM operators have to face such communication problems: How to realize the ATM network conveniently and promptly? How to reduce the communication cost? How to ensure the communication security?
          Recently wireless communication has been employed in many fields as a convenient and high efficient communication method. InRouter wireless routers of Inhand, with the safe and stable performance, have provided solutions of ATM wireless network for many banks.
 
   2. System Solution
 
      2.1. Solution 1: Communication Solution based on CDMA VPDN of China Unicom
        2.1.1 Network Architecture Diagram
 
 
        2.1.2 Explanation of Network Architecture
       Center Network Architecture
             As above figure, the data center is connected the computer room of China Unicom in VPN mode through the VPN firewall or router located far from the center. An AAA server is installed to be responsible for terminal device information certification and IP address distribution.
       Client Network Architecture
            When the dial-up connection between client wireless CDMA routers and China Unicom network succeeds, AAA of China Unicom judges which bank the customer belongs to and sends the client information directly to the bank. Then the bank AAA server judges whether the customer information is legal  and distributes IP address for legal customers. Data beyond CDMA routers is transmitted in VPDN to the bank center, ensuring its security and reliability.
      2.1.3   Application Mode and Advantages
        This Application Mode: VPDN construction by China Unicom, center VPN routers or firewalls are required; the AAA server is to be configured, helping  the data center realize automatic data gathering and monitoring of remote sites.
     Advantages:
            The utilization of VPDN tunnel communication offers the data security and reliability guarantee. Meanwhile, CDMA 1X network ensures the data transmission rate and capacity. Wireless communication application has reduced network instruction cost and brought more benefits for customers.
             VPDN has been widely used in requirements for private network. Thanks to its private wireless network and low cost, VPDN will become a substitution solution for traditional wire private network. It recently has applied in banks, lottery and finance fields.
Successful Cases: Beijing Bank of Communications, Xian Bank of Communications…
   2.2. Solution 2: Data Encryption Solution inside VPDN of China Unicom
       2.2.1 VPDN+IPSec Network Architecture
      
 
 
 2.2.2 Explanation of Network Architecture
    Center Network Architecture
           The data center is connected in VPDN mode to the computer room of China Unicom through the VPN firewall or router located far from the center. An AAA server is installed to sure When the dial-up connection between client wireless CDMA routers and China Unicom network succeeds, AAA of China Unicom judges which bank the customer belongs to and sends the client information directly to the bank. The bank AAA server judges whether the customer information is legal and distributes IP address for legal customers. Meanwhile IPSec VPN connection is established between InRouter wireless routers and firewalls located in the bank center, providing the second strobe of data security protection for banks. After being encrypted by encryption algorithm, customer transaction data is transmitted through two-layer VPN tunnels’ protection, which maximally ensures the data security.
 2.2.3 Application Scope and Cases
      Application Scope: High security required fields, such as banks and financial   enterprises.
     Special Cases: Shanghai Industrial Bank…
     Applicable products: 319C，320C series(CA sub-system required)
 
 3. Comparison between CDMA Access Solution and Traditional Access Method
 
       3.1.1.    Wire Access Method
   Recently wire access has been the most widely used ATM access method. Its advantages and disadvantages are as below:
       1. Conventional Link connection methods: Methods such as PSTN, ISDN and ADSL,
        have disadvantages in long implementation and application periods, poor reusability and real-time performance, high monthly rental and usage cost.
       2. DDN method: This method realizes data gathering and reliable control function with high initial installation and rent charge. Because ATM         communication has a small amount of data, it is unnecessary to employ a DDN private network, which will cause bandwidth waste, long cable-laying  period and high cost.
   
 3.1.2.    CDMA Access Method
    CDMA wireless data transmission is especially appropriate for ATM application for its advantages such as low device cost, safe and reliable data transmission, flexible utilization, etc.
    1. The Construction of a real-time transaction system requires a wide coverage of data communication, unlimited expansion and access points, which help to meet region and cross-region access. Due to the big quantity and city-wide distribution of ATMs, it is not advisable for customers to adopt the wire network method. Furthermore, good extensibility must be taken in to account for the possibility of later extension. At present CDMA network has covered most regions, qualified to satisfy the coverage requirement of a real-time transaction system.
   2. High data transmission rate. The data transmission amount of one swipe with a card ranges from several Kbps to 10kbps, while the actual transmission rate range is from 80Kbps to 153Kbps, which completely satisfies the requirement of this system (≥ 10Kbps).
   3. Low communication cost. If customers build up real-time transaction system by traditional wire means, they need to rent the private network to construct connection. Because service points have to be always connected with the center and the data amount of one swipe with a card is small (several K to 10K), this method will cause the low utilization efficiency of line resource and high cost. While CDMA connection method can promote the utilization efficiency of resource and reduce communication cost for it charges according to the flow .Banks or ATM distributors also can discuss with wireless operators to pay monthly to reduce the charge.
   4. Perfect real-time response and processing capacity. Due to the “always-on -line”feature of CDMA routers, customers can receive simple and quick services without dialing.
   5. Safe and private application network. Advanced network encryption method is used in every sector of the data transmission.
   6. Convenient ATMs arrangement. Thanks to the wireless solution, customers can arrange and remove ATMs freely as customer flow varies.
 
4. InRouter319C wireless routers Product Features
     
     Ø Mobile network access technology: This technology provides access to 2.5G mobile communication network (CDMA), internet access, and the access bandwidth according with that of the bearing network, to support a new network and realize high-speed mobile access.
    Ø VPN: VPN technology, basing on IPSec standard, is employed to realize the safe interconnection of dispersed networks and the construction of seamless industrial virtual private network.
    Ø Connection management technology: This technology utilizes the manageable connection to help connect or disconnect at either network ends and realize on-demand connection, automatic disconnection, and manual activation.
    Ø Disconnection detection, automatic recovery: This technology can improve the reliability of mobile data communication and solve the drop-line problem to provide a reliable communication link for the upper level application.
    Ø Flow management technology: Aiming at the small bandwidth of mobile data communication, flow management method ensures the bandwidth requirement of key applications and high utilization efficiency of limited bandwidth by differentiating the priorities of services to adjust the data flow dynamically.
    Ø Embedded technology: With 32-bit embedded CPU; the system hardware platform provides powerful process function. The system software platform uses mbedded OS to realize safe, mature, steady and reliable service.
    Ø Modularization implementation Technology: With modularization and standardization technologies, the system hardware and software platforms can upgrade and support new technology applications easily.
 InRouter319C Product Functions
  
 
Basic Functions Network Functions VPN Functions Advanced Functions
9－26V Broad Voltage Supply PPP Protocol PPTP Server Time zone function
Support CDMA CHAP Authentication PPTP Client Serial data terminal（DTU）
External EMI protection PAP Authentication MPPE Support Short-message alarm
Log MS-CHAP Authentication IPSec Sever Local and remote upgrade
Status Display Network link detection IPSec Client Network management
Configuration Disconnection detection IKE Network status monitoring
Configuration: Serial Port, Telnet、Web Disconnection detection, automatic recovery Verification Protocol Activation by short-message
Router Dynamic domain binding IPSec Protocol Activation by calling
Guide installation Router management facility PFS Dialing on demand
Reset NAT NATT MAC address binding
10/100M Ethernet Interface Dial on-demand DPD DHCP
Support VPDN Flow management Data encryption algorithm Support static router
Hardware Watchdog Virtual server Data integrity protection  
Network Clock IP mapping Virtual IP mapping  
 
 
Able connection to other VPN devices ,such as VPN routers of Cisco, Netscreen, Beyonder, Huatang Network, linksys、NESCO etc.