CONTINUE TO SITE »
or wait 15 seconds

Article

Why criminals target ATM and debit cards: It's easy

A technologically sophisticated crime requires a sophisticated response.  

September 18, 2011

The following is an excerpt from "Anti-skimming Technology and EMV for the ATM," a guide available for free download after registration.

With increasing sophistication, criminals are able to mimic the appearance of ATM fascias, card readers and other aspects that fool all but the most observant users.

Not long ago, ATM skimmers were ugly, clunky add-ons that gave themselves away. They often didn’t fit right, and looked as if they were made in a basement workshop. But that’s not the case anymore.

“Some criminals are machining their skimmers and they are as good as the original manufacturer’s bezels,” said Steve Bruno, vice president of financial solutions development and support for Nautilus Hyosung America Inc.

Some ATMs have installed mirrors to ensure that no one shoulder surfs for the number. Most customers are well aware of that scam, and ATM etiquette has developed so that people in queue to use the machine stand far enough back to ensure privacy.

Because customer education has all but done away with shoulder surfing, thieves have adopted a more technological approach. A common way to snatch PINs is with a small camera, hidden from sight, with a view of the PIN pad.

In a skimming attack in New York, the criminals affixed a mirror to the face of the ATM, ostensibly to help guard against shoulder-surfing attacks. However, hidden in the mirror mount was a small pinhole camera aimed at the PIN pad. Customers were lulled into feeling they were safe at that ATM, thanks to the security precaution of the mirror.

Depending on the extent of the upgrades and the size of the ATM portfolio, adding anti-skimming devices can be an expensive proposition. From a systemic view, fortifying one section of the ATM network may simply shift the problem to another area.

“It’s not a cheap solution, and one of the things that scares people away is knowing that the investment in adding anti-skimming features won’t totally stop the problem,” said Nautilus Hyosung America’s Bruno.

A number of ATM manufacturers, Nautilus Hyosung and Diebold among them, have adopted the CPK + 6000 series anti-skimming product range from TMD Security as upgrades for legacy machines. The CPK — short for Card Protection Kit — incorporates a variety of technologies to make skimming difficult for criminals.

Available for motorized and non-motorized or dip card readers, the CPK uses radio frequencies to create a protection shield around the card entry slot, which disables any device placed on the card reader. That way, the ATM can remain in service, but the skimming attack is denied.

The CPK is triggered by the Surface Detection Kit, which detects any foreign device placed over the card entry slot. The SDK can detect a variety of materials, including plastic, paper, iron and wood.

Once activated, the CPK can send an alarm to an alarm panel. It also will track the number of skimming attacks at that location.

Diebold Inc.’s Opteva line includes a technology that can recognize a skimmer placed on an ATM card reader.

“It uses a proprietary algorithm along with a sensor to detect skimmers of basically any size or shape or material,” said Terrie Ipson, marketing manager for ATM security solutions for Diebold.

Once a skimmer is detected, security systems also can send an alert. Depending on the system, the alert can be sent to a monitoring center, to a branch alarm or to dispatch local law enforcement.

The Opteva, and the Personas line from NCR, also include a feature called jittering. Rather than smoothly accepting the card, the machine’s intake feature starts and stops in a rapid combination sequence, or a jitter. Any magnetic-stripe information that is copied at the card reader is useless because of the back-and-forth motion.

Jittering alone is no longer sufficient to protect the ATM. Criminals are circumventing jittering by using the DSP. Also, when a customer removes his card from a terminal, the action is typically done in a smooth motion, without jittering, enabling criminals to copy data from the mag-stripe.

Jittering also does not protect swipe-card and dip-card readers. Wincor Nixdorftakes a common approach to stopping skimming by taking the machine out of service if an attack is detected. Many of its machines have a plastic anti-skimming insert in the cardreader slot.

The insert is designed to prevent tampering but does not restrict usage by customers. If the insert is destroyed or the machine is moved by force, the machine is taken out of service immediately.

Protecting against skimming attacks has become a battle of wits with organized gangs of criminals. Unfortunately, stopping the activity in one place may simply shift criminal activity to other locations.

 

 

Included In This Story

Hyosung Americas

Hyosung Americas is a global human experience maker that bridges the physical and virtual worlds. We do this by harnessing our unique combination of a manufacturer’s soul with an innovator’s mindset to build a platform of integrated products, services, and ideas that improve life’s day-to-day interactions for everyone.

Request Info
Learn More
Diebold Nixdorf

As a global technology leader and innovative services provider, Diebold Nixdorf delivers the solutions that enable financial institutions to improve efficiencies, protect assets and better serve consumers.

Request Info
Learn More

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts
Eurasian Bank selects Diebold Nixdorf's self-service software
First National Bank to open 30 branches
Romanian man arrested for alleged cash trapping ATM scheme
Replacing the ATM: Pros and cons of new vs. remanufactured
Chase partners with The Points Guy for Make-A-Wish sweepstakes


©2025 Networld Media Group, LLC. All rights reserved.
b'S1-NEW'