In today’s high-tech society, personal security has become a real concern for consumers. The rise of identity theft and financial fraud has begun to regularly make the news – from small financial institution (FI) debit/PIN hacks to major retailer breaches such as Target and Neiman Marcus. A recent study from LexisNexis reports annual fraud reached $32 billion in 2014, a 38 percent increase from 2013.
EMV migration is believed to be contributing to increasing in fraud activity in the United States. As the majority of the world expands implementation, criminals flock to the path of least resistance – a non-EMV compliant U.S. market. Experts predict U.S. FIs and retailers will continue to see an increase in fraud until EMV compliance is met. In response, retailers and FIs are beginning to roll out EMV terminals and cards in preparation for a fast switch.
In the meantime, attacks on consumer accounts continue to loom heavy for U.S. financial institutions – combining financial losses with a loss of confidence from FI cardholders. As a remote account access location, ATMs are often considered by fraudsters to be a vulnerable target.
Fortunately, many security threats can be prevented through consumer awareness programs. It is important for FIs to communicate appropriate security measures for their account holders. This information includes regular account and PIN password reset reminders as well as advisory information regarding retailer point-of-sale fraud and other basic safety information.
ATM users should be reminded of the five foot rule – review the five foot area around you to ensure clear space – to help keep them aware of their surroundings throughout transaction activity. Covering PINs is also a best practice item for account holders. Covering the keypad with a piece of paper or hand during entry can be effective in shielding personal information from hidden cameras, shoulder surfers and remote viewing. Finally, it is helpful for account holders to be made aware of the standard configuration and look for ATMs utilized by the FI. This knowledge allows users to avoid using ATMs that do not meet the appropriate appearance specifications.
Efforts on part of the FI to ensure account holder safety are a good addition to general security measures. There are several available security items to assist in fraud prevention at the ATM.
EMV – Chip-card technology, while still in the implementation stages in the U.S., may be one of the most important innovations for FIs when it comes to fraud prevention with issued cards and ATMs.
Updated Card Scanners – ATM manufacturer Diebold has released a new card reader requiring users to insert their cards via the long horizontal rather than the short end. The design prevents criminals from using the typical skimmer overlay or replacement attachment. Jitter readers are also available – a system designed to vary the speed of the card as it enters and exits the reader, creating an inconsistent for any attached skimmer.
Foreign Object Detection – Some ATMs are equipped to recognize the attachment of foreign objects such as skimming devices and false PIN pads. In response, the machine will begin to emit a signal to disrupt the attached device.
Updated Fascia – Fraudsters often develop skimmers to fit over or replace current card reader designs. As a result, some ATM manufacturers now offer a variety of card reader designs – allowing an FI to change out their card readers.
ATM Monitoring/Lockdown – Some criminals avoid attacking the physical ATM, opting to attack the software of the machine instead. Remote diagnostics can provide insight into non-standard ATM activity. Utilizing firewalls and external source authentication can effectively lock the ATM from hackers, virus and worm attacks.
Consistent changes in technology and tactics are putting retailers and financial institutions at increasing risk for fraudulent activity. In response, it has become even more important for FIs to push a greater focus on prevention – both internally and externally with their account holders. Regular security message programs and general preventative measures can significantly increase overall safety as well as increase communication and trust with account holders.
An industry leader in the payments space, Paul Albright is Executive Vice President of Outsource ATM. Connect with Paul on LinkedIn or follow him on Twitter.
President & CEO of Outsource ATM, Troy LeBlanc has been helping financial institutions address their ATM needs for almost 20 years. Connect with Troy on LinkedIn or follow him on Twitter.