Motivation

General Bytes developed a framework of tools that help operators to automate testing of their ATMs to ensure that operation of their ATMs is error free and stable. Although GB tests their software 24/7 for bugs and code quality it is practically impossible to test all of the possible configuration combinations that operators can set. With the hundreds of possible settings in CAS and on terminal every operator has a unique setup. How do you make sure that operator’s terminals are behaving as expected in all of those combinations that are facilitated by operators? ATTT is the answer.

Quality assurance at GB side

Every time GB adds a new feature into the product or fixes a bug the following flow is executed:

Engineer writes a new code and tests his new feature in a separate development branch.
Engineer’s code is reviewed by other engineers, corrections are made and code is added(merged) into the next new release. Security aspect of the solution is also evaluated.
Upcoming new release (RC - release candidate) is automatically tested on 1 million transactions every night ensuring the server performance and stability of basic scenarios hasn’t been affected.
Each newly added feature/bug fix in RC is again manually tested by QA engineer. QA engineer also check whether the implementation is easy to use and foolproof.
A standard test suite is executed by QA engineer including making sure that terminal is possible to connect server using VPN, perform transactions and upgrade to even newer RC.
When all features are approved by QA lead the release is signed by GB key and distribution of release to the operators can begin.
Release is no longer candidate but an official supported release and is placed at secure storage where it is downloaded by the operators.

Quality assurance at operator's side

Before performing an upgrade of the production environment the ATM operator is required to follow pre-upgrade best practices that includes testing of a new release in testing and pre-production environments.

What operators should perform include:

Testing new features on his testing/development environment making sure he understands what the features are for, how to use them and how to configure them, how they impact his operation.
Executing tests on operator’s pre-production environment. Making sure that ATMs perform transactions as expected when production system identical configuration is set. This step can take hours of human work as the operator’s QA staff needs to check every step their customer can take in ATM’s UI and needs to make sure that all steps work. ATTT is here to make this step 1000x more efficient helping operator to qualify new release in matter of hours instead of the days.

How ATTT works

Connector and server

GB has built an ATTT connector into it’s terminal software enabling terminal to transmit ATM’s screen contains to ATTT server that is centrally operated and maintained by GB. Operator(ATTT user) is then able to log in into the ATTT server via browser and not only see contains of the screen but also click with mouse at the screen causing clicks to be delivered back to the machine as if they were customer’s finger touch events. ATTT user is not only able to click at the screen but also able to insert virtual testing cash or send QR codes and keyboard events. This enables Operator’s QA engineer to perform tests from home, but there is more read bellow.

Automation

Helping operator’s QA engineer to test machine’s UI remotely is not the complete goal of ATTT. The goal is to perform these remote tests automatically. For that GB recommends using existing tool called SikuliX which enabled QA engineers to write Python scripts that look for the texts and images at the ATM’s screen and automatically clicks at them simulating the customer’s interaction. This enables operator not only simulate and test successful transactions at the ATM but also test negative scenarios like reaction of the machine on scanning an address that is banned, going over the limits and all other scenarios that QA engineer didn’t have time to test when he was doing all tests manually.

GB also delivers (to be publicly available in November 2024) his own set of the tests that operator can start to build on.

Activation

By default for security and other reasons ATTT connector is not trying to connect to ATTT server.

ATTT has to be first activated at the terminal, in CAS and at the ATTT server.

Steps that operator needs to take to get ATTT working:

Choose and dedicate one or more machines for ATTT testing. It is recommended to have at least one machine from each model. Machines and CAS need to be on version 20240901+.
Connect selected machines to CAS and collect serial numbers of the machines. It is recommended not to connect machines to production CAS for security reasons.
Identify persons in your organization that will have access to ATTT server and collect their email addresses.
Contact GB support requesting access to ATTT server for selected serial numbers and selected email addresses.
GB will send you back activation archive and sends invitation emails to your ATTT users.
Set in special configuration of each terminal that you want to get connected to ATTT server following string attt and reboot the machine.
Extract contains of activation zip archive received from GB support on flash drive. Flash drive needs to be formatted as FAT32 filesystem(not ex-FAT).
Take out the cashbox from the machine and enter advanced administration menu.
Click at UPLOAD ATTT KEYS button and insert the flash drive into the machine’s free USB slot. You may need to disconnect printer for a while if none of the USB ports are fee. This will cause machine to copy the activation keys from the flash drive to the machine’s internal storage.
You can now remove the flash drive from the USB port.
Now press in the administration button ENABLE ATTT . After pressing a button machines starts connecting to ATTT server. If you don’t see button ENABLE ATTT you probably didn’t upload valid activation keys.
Terminal is now active and connected to ATTT server. Activation is valid for one year and has to be reactivated every year with new activation files.
Login to ATTT server and click at the terminal’s serial number in the list of terminal serial numbers. You should now see what is displayed at the terminal and be able to perform clicks.
Try manually performing transaction.
Install SikuliX tool and start writing your tests.

Deactivation

ATTT connector can be deactivated in advanced terminal administration at the terminal by clicking at the button DISABLE ATTT. Rebooting terminal deactivates connection to ATTT server. You need to revisit advanced administration at the terminal and press ENABLE ATTTbutton again.

Security

Terminal is connected to GB’s ATTT server only when ATTT connector is activated at the terminal.

Activation requires:

Physical access to the terminal’s cash
Enabling setting in CAS
And activation at ATTT server performed by GB.

Terminal connects to GB’s ATTT server using HTTPs Websocket protocol using client certificates issued by GB uniquely for each terminal’s serial number. Certificates are transferred into the machine using USB drive.

Communication with ATTT server is NOT routed via built-in VPN network, but it is transmitted directly via open Internet to ATTT server listening at port 7741. Configure your network firewall settings accordingly.

ATTT functionality has been security audited by an independent security auditor company.

Accessing terminal from ATTT server

Once you received activation keys from GB and you connected your terminal to ATTT server you can login to ATTT server at https://attt.generalbytes.com