CONTINUE TO SITE »
or wait 15 seconds

Article

Quite the tale: Tying up loose ends

It came as a surprise to discover that a free-standing white-label ATM I was about to use had something strange going on — a highly conspicuous communications 'tail' running who knows where.

August 20, 2014 by Richard Buckle — Founder and CEO, Pyalla Technologies, LLC

by Richard Buckle
Founder and CEO, Pyalla Technologies LLC

There are occasions when even I have to shop — the family gives me little choice other than to tag along. There’s plenty of plastic being flashed around and increasingly, it’s the debit card that’s become plastic of choice — we have set up separate accounts tied to these debit cards with just enough money to meet our daily needs.

In effect, we are managing our own risk. In a country where chip and pin are still a long way off and where criminal penetration of retailers' customer databases is almost a weekly occurrence, anecdotal tales suggest that many other consumers are following the same trend.

There are downsides, though, when it comes to old-fashioned credit cards — a colleague living in Australia described how difficult it was to obtain a credit card from one of the big four national banks with a spending limit of just $1,000, which he intended to use only when traveling overseas.

And so, as I manage my own risk and set limits as to how much exposure I can bear, it came as quite a surprise to discover that a free-standing white-label ATM I was about to use in my hometown of Boulder, Colorado, had something strange going on — a highly conspicuous communications “tail” running who knows where.

Was the ATM even real? Was it connected to an honorable network? What self-respecting techie would not allow this exposure to detract from the joyous consumer experience of getting cash from a box by the wall?

No, I walked. It’s probably a perfectly legitimate setup and I was probably over-reacting. Perhaps the owner had to connect to the network but the building owner wouldn’t let him tear up the sidewalk or drill through the brickwork. All the same, this was a “loose end” I wasn’t going to mess with.

I'm uncertain about the regulations here but I have to believe it’s all wrong to have your wires on show; if I were to pull back the ATM would I see the wire entering a junction box with a relay? A transmitter? A cheap flash traffic-capture device? It makes the hairs on the back of my neck stand up!

There is the question of what someone intent on mischief could actually see in an encrypted message going across the wire. But with a white-label ATM, how can one be sure?

Encryption capability might be an extra cost that the owner of just a few hundred ATMs is not willing meet. I know of many data centers where critical consoles run without encryption — who gets into the data center these days? Well ... how about your friendly HVAC folks for instance or the third-party fire suppression folks? The motor-generator maintenance team from the local garage? Or the second cousin who has never seen a data center and would so like to walk among the boxes.

No, there’s not a line anywhere in the world that should be transmitting data in the clear, no matter where it’s located.

ATMs carry cash and we all need cash sometimes. Cash is what keeps our economic infrastructure lubricated — whether it’s cash for tips, for a newspaper and a quick espresso on the pier, or to help us pass through lines more quickly at airports and train stations.

None of us really plans to get to our transportation hub a good fifteen minutes early so that we can leisurely buy our cup of Joe on plastic (though Starbucks does its very best to persuade us to do exactly that), tip, payment and all. Try buying a beer and dog at the ballpark and then passing your one and only family credit card across a dozen pairs of hands!

We need our ATMs, and we need them to be worry-free.

In an age when we have become highly security conscious, it takes very little to be spooked. We anxiously sign up for transaction alerts, even as we depend on FIs' fraud detection systems to call us about any unusual activity. "Of course, I deposited a penny every evening this week!"

I am working with clients involved in all aspects of payments processing and they tell me of the horrendous software hoops they are jumping through these days to ensure security — one vendor going so far as to remove any Windows servers from any connection, no matter how remote, that is part of the transaction path. Seriously? Yes, we are at war when it comes to protecting the money we have and we cannot leave any loose ends around for criminals. 

I have one other issue too with the ATM I saw and pictured above. Just check out the enclosure — so 20th century! Wires or not, why crash a store window or door when there’s an ATM all ready for the taking?

After all (and I mean no disrespect here), Boulder is a huge college town where adult beverages are pretty liberally served, and of course, pot is legal too.

Adding two and two together, I have to wonder how long it will be before this ATM disappears. Something I am almost sure I will read about in the local paper sometime soon!

photo courtesy google media

About Richard Buckle

Richard Buckle is the founder and CEO of Pyalla Technologies, LLC. He has enjoyed a long association with the Information Technology (IT) industry as a user, vendor, and more recently, as an industry commentator, thought leader, columnist and blogger. Richard participates in the HPE VIP Community where he is part of their influencer team.

Connect with Richard:

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts


©2025 Networld Media Group, LLC. All rights reserved.
b'S2-NEW'