CONTINUE TO SITE »
or wait 15 seconds

News

NCR raises alarm over ATM network cable skimming

The company says it has received 'reliable reports' of attacks on ATMs using external devices plugged into the network cables, but says they're easily prevented.

February 10, 2016

In case you didn't get the memo ...

This week NCR Corp. issued a security alert citing "reliable reports of NCR and Diebold ATMs being attacked through the use of external skimming devices."

In these cases, thieves plugged skimmers into the ATM network cables in order to intercept customer card data.

Separately, the fraudsters attach a device to the ATM in order to capture PINs. A keyboard overlay was used in an attack on an NCR ATM, a concealed camera was used on a Diebold ATM.

PIN data is likely transmitted wirelessly to the skimming device, NCR said. The company did not say where the attacks occurred.

ATMs at greatest risk are those that have a network communications cable in a publicly accessible location, the NCR advisory said, but noted that "this vulnerability can easily be prevented," NCR recommended that ATM operators take several actions to avoid external skimming attacks:

  • consider all points where card data may be accessible, in addition to the traditional point of vulnerability at the card entry bezel;
  • conduct frequent visual inspections of the ATMs and external connections, and contact law enforcement immediately to report a fraudulent device; and, most effectively,
  • implement secure encrypted network communications.

The PCI Security Standards Council mandated almost exactly a year ago that payment card data transmissions must move from the unacceptably vulnerable SSL protocol to the significantly more secure TLS (version 1.1 or later) protocol.

In April, the council published TLS guidelines and set a deadline of June 1, 2016, for implementation of the new standard. However, in December, the council pushed the deadline to June 1, 2018, citing issues related to implementation in the field.

According to the advisory, NCR provides TLS protection to enable secure encrypted network communications.

Included In This Story

Diebold Nixdorf

As a global technology leader and innovative services provider, Diebold Nixdorf delivers the solutions that enable financial institutions to improve efficiencies, protect assets and better serve consumers.

Request Info
Learn More

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts
Bank of Charles Town to change name to Potomac Bank
2 individuals accused of ATM robbery in San Antonio
Eurasian Bank selects Diebold Nixdorf's self-service software
Romanian man arrested for alleged cash trapping ATM scheme
Replacing the ATM: Pros and cons of new vs. remanufactured


©2025 Networld Media Group, LLC. All rights reserved.
b'S1-NEW'