CONTINUE TO SITE »
or wait 15 seconds

News

Fighting Fraud

Advances in technology have provided crimefighters with a wide range of tools to combat ATM fraud, but keeping up with the bad guys is an ongoing challenge.

January 8, 2002

The ATM industry long ago accepted a basic fact of human nature. Put a pile of crisp cash inside a machine, and the criminal element will try to figure out a way to get it.

The methods used by fraudsters and criminals have evolved from simple holdups of individuals to more sophisticated methods such as skimming, transaction reversal and something known to law enforcement types as the "Lebanese Loop." With the flourishing of ATM placements in off-premise and often-deserted locations, the practice of "ram raids" or "crash and grabs" has proliferated.

As these techniques have emerged, so have the ways law enforcement groups work together to slow them down. From sophisticated software to simple consumer education, manufacturers and banks have joined with local law enforcement, the FBI and the U.S. Secret Service to slow the spread of ATM crime and fraud.

"It's a two man race, and we need to remain a close second," said Brian Metler, director of Electronic Business Risk Management for Canada's largest bank, CIBC.

Two kinds of loss

Metler and others involved on the law enforcement side of the equation are hesitant to say how much cash is lost to ATM fraud. Some experts say the problem with ATMs is not as severe as it is with other electronic banking fraud. The cash lost may not be the biggest issue for banks concerned about the reputation of the ATM as a safe way to conduct banking business.

"The security of the customer is the most important consideration," Metler said.

Rob Evans, director financial industry marketing for NCR Corp., agreed that the key issue is maintaining consumer confidence in the ATM.

"It's a significant dollar amount, but a fraction of what a bank loses to credit fraud," Evans said of ATM-related fraud. "ATM is a cash control problem. With credit, you have planned losses that are acceptable in the eyes of stockholders. Nobody plans to lose their cash on hand. With more ATMs and more creative criminals who figure the penalties aren't as significant as other crimes, it's become a bigger issue."

Still, Evans said ATM fraud is often overlooked. "It's probably in the millions, but spread out so that no one individual feels a lot of pain."

Evans said NCR's role is important because as a manufacturer it sees every type of ATM fraud across a large number of banks.

"We see everything and act as a clearinghouse for information," he said.

Unconventional techniques

As such, Evans has plenty of strange stories in his arsenal, such as the time a group dropped through the ceiling of a bank to get to an ATM, only to be held up because bank executives had placed all the chairs in the room where the ATM was located, slowing the perpetrators down just enough for police to arrive.

Another gang's M.O. was to break into rooms with access to ATMs and use a power tool to break into the ATM. Authorities set up an alarm that was tripped when the flow of power through a particular outlet surged, enabling police to arrive before the burglars were finished.

Efforts to identify and catch the criminals have been most effective, Evans said, when several law enforcement agencies, along with banks, retailers and manufacturers, work together and share information and trends.

A collaborative effort

Jim Gaughran spent 22 years with the U.S. Secret Service in the financial crimes division before retiring six years ago. He now works in the U.S. Department of Veterans Affairs in Washington and is president of the International Association of Financial Crimes Investigators. The IAFCIhas 36 chapters, and members share information on an Intranet Web site and hold seminars designed to educate law enforcement agencies.

He said the ATM industry has done a good job in building public trust, but that it faces new obstacles.

"Anyone knows you only see a teller five percent of the time you used to. Crime is changing, and we must address the current criminal," Gaughran said. "Skimming is an industry-wide problem."

Those who follow ATM fraud agree that the number one problem for law enforcement is skimming, a high-tech method of capturing card data and PINs in order to make withdrawals from a machine. Typically, skimming occurs when a device is attached to an ATM which captures a customer's card information, while either a camera records the customer entering a PIN or an accomplice obtains the PIN by "shoulder surfing," or watching the customer from behind.

Scam artists are able to manufacture duplicate cards with the same card number, expiration date and PIN number, and then use those cards to withdraw cash from machines. Often false deposits made with the card accompany these acts, in which empty envelopes are inserted in the machine as hefty deposits to build up the balance, which is then depleted using the card for withdrawals.

Gaughran said the scope of every new scam makes communication among law enforcement agencies essential. Technology solutions only go so far.

"Money is spent on development (of preventive systems) and rolled out, but they don't realize there is a whole group of people trying to break new systems," he said. "And everything is global now. If it's happening in L.A., it's probably happening in New York at the same time."

Gaughran said the FBI and the Secret Service helped create regional task forces in 1990 to combat financial crimes, and these forces work with local police, banks, the Internal Revenue Service and even the U.S. Postal Service to communicate information about criminal activity.

Policing in Real Time

One of the most effective means of slowing crimes based on skimming is the use of sophisticated software designed to catch fraud while it is taking place, and at least stop criminals from using the same card for repeated transactions.

Metler said that CIBC had instituted a program designed by ACI Worldwidecalled PRM (Proactive Risk Manager) earlier this year. Effective for limiting skimming, the software recognizes unusual activity on an account and alerts the bank's fraud department. Once that is accomplished, the bank can put the card on "warm" status, meaning it can't be used, until it contacts the customer to determine if the transactions are legitimate.

Metler said CIBC is the first Canadian bank to install such a system, and is elated with the results.

"It has exceeded our best-case business scenario," he said, adding that the system, installed during the spring and summer for CIBC's network of 4,200 ATMs, had helped reduce losses.

He said that the system establishes a threshold for unusual activity on a particular card, such as odd deposits followed by a balance check and then a large cash withdrawal. In these cases, it could be a false deposit from what he calls a "fraudster."

Metler said that the customer is contacted within hours to determine whether or not the activity is legitimate. When customers have been contacted, even for false alarms, they've been generally supportive of the bank's efforts.

"People think we're giving them the best level of assurance against fraud. I haven't had a single negative response," he said.

Metler calls the system a move to a "real-time" risk management framework, a step beyond the old system whereby the cardholder might not be aware that a card had been compromised until after a long weekend. That's the time many groups of fraud perpetrators choose to commit skimming crimes, because they can often use the card during that period before it's reported stolen or lost.

Brian Fisher, product manager for the PRM product at ACI Worldwide, said the system is in place at 25 banks, retailers and processors around the world, including Bank of America in the U.S. He said it uses neural network technology to detect unusual activity.

"It understands what fraud looks like and asks 'Does this look like you,' " said Fisher, who claimed the system has resulted in a 30-40 percent reduction in ATM losses in most installations.

"The technology is extremely effective because criminals can never know how you use the card and they can't copy your behavior," Fisher said.

ACI Worldwide, of course, isn't the only company to have released fraud detection software. In October, the American Banking Association endorsed a product made by Carreker Corp. called FraudLink-PC, targeting community banks. It hopes to fight a rising trend in check fraud involving deposits, which increased from 49 percent to 67 percent from 1997 to 1999, according to an ABA survey. The Carreker software compares account activity with account history to detect suspicious activity.

Keeping up

Of course, criminals use technology to their advantage as well, and some work in organized groups to compromise ATMs. These gangs are organized, fast and efficient.

NCR's Evans said a typical ATM attack is accomplished with four to eight individuals using heavy duty tools to open the ATM and take cash. The attack may last no longer than five minutes, and gang members known as YACS (Yugoslavs, Albanian, Croatian and Serbian nationals) are notorious for their ability to compromise ATMs. Evans said groups of Venezuelan nationals and Russians have also been identified as gang members who use a number of relatively sophisticated safecracking techniques to defraud ATMs.

Another criminal development that has reached worldwide scope is transaction reversal. The criminal obtains a card by opening an account with false identification or by having a card sent by a bank through the mail. Tools are used to trick the ATM into error conditions, which alert the ATM to continue dispensing cash without removing money from the account.

Evans said this works especially well in locations with little activity, where a criminal can sometimes spend hours alone with the ATM withdrawing cash.

With the "Lebanese Loop" scam, a device is attached to the ATM which actually captures the card, leaving the customer to walk away assuming a technical error has occurred. The bad guys then are able to extract the cards and use them. Evans said it's an especially troubling technique because it uses actual cards and PINs and has been seen worldwide.

Evans, who is responsible for monitoring activity throughout North and South America, said the same scams seem to appear everywhere, though some are more popular in certain regions. For example, he said the U.S., with its proliferation of off-premise ATMs, has seen an increase in "ram raids." Canadian authorities face lots of skimming activity, while in Brazil the bigger problem is whole card theft.

Evans added that the most effective way to stop many forms of fraud is simple customer education. In fact, he said advertising programs by Latin American banks have been effective in making customers aware of techniques used by scam artists.

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts
AML Software sues Athena Bitcoin, adding to existing legal woes
European banks embrace stablecoins
Dutch resident arrested in Thailand for alleged ATM theft
Rat breaks into Indian ATM, consumes cash
Citizens to provide $20M for workforce development


©2025 Networld Media Group, LLC. All rights reserved.
b'S2-NEW'