Sept. 27, 2012
The ATM Industry Association has announced the publication of a new end-to-end encryption best practices guide for all ATMs. The manual shows step-by-step how to encrypt communications between an ATM and its host.
"In an era of EMV migration, it is important to realize that EMV does not guarantee the privacy of ATM transactions," ATMIA CEO, Mike Lee, said in the announcement. "This manual addresses that gap and I urge all who believe that the best approach to ATM security is to reinforce its whole lifecycle, in order to keep the crooks out of our systems, to study these expertly written best practices."
The new manual, entitled simply End-to-End Encryption for ATMs, is free to ATMIA members. It defines E2EE as the application of cryptography to keep data private as it is being communicated between an ATM and a host.
"As ATM traffic increasingly shifts from closed networks to the Internet, and with cyber criminals targeting cardholder data, and individuals battling to keep their personal information private in an era of surveillance, the importance of encrypting ATM communications simply cannot be overstated," said the white paper's technical editor, Henry Schwarz.
The white paper is free to ATMIA members and is available for download at the ATMIA website.
For more on this topic, visit the security research center.