Battling ATM crime with a blunt sword
by Uwe Krause, President, ATM Security Association
What is the best way to fight the global threat of ATM crime? Nearly all players in the ATM provider chain are putting a lot of effort into answering this question. But they are working either by themselves, with others in their specific segment, or in cooperation with other single players.
While international organized crime groups are acting fast, intelligently and with the backing of huge amounts of money, industry players are fighting in single battlefields and sometimes with blunt swords. It’s time to rethink our strategy in fighting ATM crime.
Evolving ATM threats
Physical, logical and fraud attacks are an everlasting challenge for the ATM industry. Today, physical crime is a diverse threat. Criminals are broadening the range of techniques they use to steal money from ATM installations.
At the same time, organized criminal groups are expanding their activities related to ATMs. These criminal groups are adopting increasingly sophisticated cybercrime techniques to manipulate ATMs by complex logical attacks. Hackers, worms and viruses pose an ever-shifting hazardous environment.
Cross-border ATM fraud continues to cost the banking industry millions of dollars each year. The focus of international fraudsters has widened to include e-wallets and alternative payment products. User IDs as well as other information are popular targets, not just skimmed card data. The targets of these criminal bands are no longer only banks and trading companies but also consumers on a global scale.
Enhancing ATM security is a major issue for all players throughout the ATM provider chain. As global criminal groups involved in ATM attacks are highly organized, fighting against them has to be organized in a similar way.
Existing strategies of individual companies as well as existing industry-specific initiatives are not far-reaching enough to combat threats efficiently, but this is the situation we face now: For instance, ATM manufacturers are working in parallel in Brazil and Japan on country- or at least client-specific biometric solutions or vein authentication technologies to enhance the security of the selected ATM environments. A lack of cross-border coordination and cooperation leads to industry-specific and localized solutions.
This also applies to FIs: Their respective data centers are working on their own as well. For instance, they are using geo-analysis techniques to detect fraud attacks in their own network environment. But missing interfaces to other networks encourage intelligent attacks that can’t be detected easily.
Additionally, the broad variety of country-specific ATM security authorizations for techniques such as ink injection hinders the wide deployment of useful and effective measures to address global ATM threats.
It makes no sense if several players in the ATM provider chain are fighting the same type of attacks and each of these players is acting in a different way. Joining the forces of all players in the ATM provider chain is an effective answer to the increasingly threatening international situation.
If ATM manufacturers, suppliers, service providers, financial institutions, independent deployers, organizations in the card industry and other groups such as government authorities work together to create and share information and develop standards for trustworthy security practices, the overall resistance against ATM attacks can rise dramatically.
To this end, the ATM Security Association was founded in 2014. The association gives every organization affected by ATM security issues the opportunity to work toward minimizing ATM-related risks and to achieve greater effectiveness in a concerted fight against organized crime at a global level.
The cross-industry association acts independently; companies and authorities from all industries are collaborating to reach the same goals. Members are working closely to gather information and develop global industry security standards as well as industry best practices to counter ATM security threats. Members benefit from gaining early access to information about future recommendations, as well as from the chance to shape the content of specific standards.
Addressing global threats
Within the association, ATM-related organizations are working to address the main global threats to ATM security. Members have prioritized the pressing global threats in four areas: skimming and card data compromise; cassette security; software security; and encryption.
The association published its first white paper — on ATM card-compromise techniques and countermeasures — in mid-February. Its next efforts will address software security, i.e., safeguarding ATMs against software attacks such as network sniffing, and cassette security. The association is now collecting data on typical risk scenarios for different cassette types to define best practices for countering specific security risks associated with cash cassettes.
Based on these efforts, the members of the association are developing global industry security standards and best practices to help all organizations affected by ATM security issues to minimize risk and achieve greater effectiveness in the fight against ATM crime. Organizations interested in participating in this work are welcome to join the association.
Learn more about the association at www.atmsecurityassociation.com
The white paper “ATM skimming and card compromise modi-operandi and countermeasures” can be downloaded from the ASA website after registration.