CONTINUE TO SITE »
or wait 15 seconds

Article

ATMIA: ATM security, meeting regulators

This fall's conference brings deployers and regulators together.

July 28, 2008 by Tracy Kitten — Editor, AMC

News about security breaches and the potential for breaches has plagued the banking industry for the last 24 months. Reports about database hacks, stolen PINs and subsequent, unapproved cash withdrawals from consumer banking accounts have put regulatory bodies and financial institutions on alert.

From transaction processors and EFT networks to independent sales organizations and FIs, the ATM industry is continually faced with new security threats and regulatory-compliance demands.

In response to the growing concerns, the ATM Industry Association is partnering with the Electronic Funds Transfer Association to co-host this fall's ATMIA conference, Payments Fraud in the Americas: Trends and Countermeasures.

Bob Bucceri, a consultant for Pennsylvania-based Chaddsford Planning Associates, says EFTA's legislative experience is expected to give the annual conference a more dynamic feel, as well as offer attendees and regulators a venue for discussions about security issues and compliancy requirements that directly affect those who touch or work within the ATM industry.

"ATMIA is great at putting on shows that delve into technology and applications for ATM usage," Bucceri said. "EFTA's sweet spot is the legislative aspect of electronic technology. So by bringing together speakers that are conversant in the legal aspect and the technology aspect, we can give show attendees a three dimensional version of the issues."

The No.1 goal: To provide ISOs and FIs with a better understanding of the role law enforcement expects to play in the transaction-processing realm today and into the future.

"I think attendees will walk away with a better understanding of where regulators and Congress are with some of these security issues," Bucceri said. "These conferences tend to be pretty interactive, so this show will offer a great opportunity also for the regulators to hear from the ISOs and other people in the ATM chain."

Representatives from the Department of Justice and the Department of the Treasury are expected, and security presentations from the FBI Counter Terrorist Unit, the U.S. Attorney's Office and the Royal Canadian Mounted Police are already scheduled.

Lana Harmelink, ATMIA's international director of operations, says she expects the partnership with EFTA to give the conference, formerly referred to as ATMIA West, a more well-rounded perspective.

"The EFTA is able to provide the best balance of knowledge sharing, as well as an opportunity to collaborate with government and administrative agencies that regulate and govern the electronic-payments industry," she said.

Other co-hosted ATMIA events

2006 ATMIA East, co-hosted with Discover/Pulse Discover/Pulse helped ATMIA pull in keynote speaker Mr. Frank W. Abagnale, the real-world "Catch Me if You Can" thief who is now one of the world's most respected authorities on the subjects of forgery, embezzlement and secure documents. 

2003 ATMIA West, co-hosted with Palm Desert National Bank

From an ATM-deployer perspective, that kind of knowledge-sharing will be a big plus, says Jim Hanisch, executive vice president of Co-Op Network, a credit-union-driven EFT network that operates 25,000 surcharge-free ATMs for its FI members.

"We have to start thinking about the future and how we plan to react when cardholder information is compromised," Hanisch said. "Fraudsters have become more skilled. Today you see everything from the false ATM to the false fascia on the ATM. They are targeting PIN transactions with the opportunity to get cash from ATMs. And even though there probably are not significantly more incidents than we had a few years ago, we are seeing more organized fraud incidents that involve gangs, for instance, and the cost of those incidents is getting much higher for the industry."

Working with government agencies and regulatory bodies to combat fraud is the only solution, industry experts say.

"The bottom line is that ISOs and FIs alike need to meet certain industry security standards to protect cardholders," said Rod Reef, a security expert with Citishare Corp., a subsidiary of Citigroup that focuses on ATM and POS transactions worldwide.

Hanisch and Reef, a first-timer to an ATMIA event, will be panelists during Tuesday's keynote session, Major Financial Services Fraud Threats Today: The Industry Perspective.

"The more the public hears about fraudulent situations, and the more they hear about how information can be skimmed or compromised at an ATM in the back corner of the store or at a bank, the more pressure the regulators are going to put on the industry," Reef said. "Overall, it's important for everyone to protect consumer information, but it's also important for the industry to understand what needs to be done."

From hardware protections to software- and server-monitoring tools, Hanisch and Reef say they expect the panel to cover an array of ATM and POS/debit topics that touch on related fraud concerns. Tuesday's lineup after the panel includes sessions about prepaid-card security, PCI standards, debit-card fraud, ATM skimming, and the security of RFID technology and mobile-phone transactions.

Click here to view a copy of the full agenda.

From there the conference takes a closer look at physical ATM security, with a mid-morning session on Wednesday about the growing incidence of ram raids throughout the world.

Richard Gould, the director of Australia-based Lockit Systems, is co-hosting a presentation with Lt. Todd Thomasson of the Dallas Police Department that addresses overall physical ATM security.

Gould, whose company invented ram-raid inhibitor ATM Raminator, is pushing anti-ram-raid technology throughout the world.

"Sydney (Australia) was the ram-raid capital of the world, and through good local policing, and our inventing the ATM Raminator, we were able to reduce ram raids (in Sydney) by 95 percent," Gould said. "Currently, Dallas is experiencing a rapid rise in attacks, but other places in the USA are attack free. The situation was the same here in Australia. I believe there are some key reasons behind localized ATM attacks, and I hope to air those at the Houston ATMIA conference."

Gould says he sees numerous similarities between the two markets.

"Dallas, like Sydney, has a localized news service that is quick to bring us ‘another smash-and-grab story,'" he said. "Regardless of the financial reward, the event creates an interest for copycat attacks."

Add to that the criminals' ability to communicate offline with each other about ram-raid successes, and pockets or regions for ATM attacks quickly emerge, Gould said.

"If the economy gets tighter and some people get desperate, the ATM will become attractive for attack and theft for profit," he said. "It will rank high on the USA criminals' wish list, and when they learn how to steal ATMs successfully, they will have a field day."

Included In This Story

ATM Industry Association (ATMIA)

The ATM Industry Association, founded in 1997, is a global non-profit trade association with over 10,500 members in 65 countries. The membership base covers the full range of this worldwide industry comprising over 2.2 million installed ATMs.

Request Info
Learn More

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts


©2025 Networld Media Group, LLC. All rights reserved.
b'S2-NEW'