Atmia today announced the publication of a new best practice manual for preventing skimming and card data compromises at ATMs in the wake of the recent FICO card alert reporting a 546% increase in ATM skimming between 2014 and 2015 in the USA.
“In the USA and elsewhere, ATMIA has observed significant advances in the technical solutions that ATM deployers can choose to deploy but we have also detected that organised crime gangs are adopting ever more sophisticated tools and techniques that can compromise card data at ATMs,” explained the author and technical editor, Douglas Russell, of DFR Risk Management Ltd. “Version 2 of the guide, published today, highlights the key emerging threats such as Eavesdropping, Network Packet Data Sniffing, Deep Insert and Throat Inlay Skimming and identifies best practices that can be applied to reduce the risk from such attacks.”
Mike Lee, CEO, of ATMIA, urged all US members in particular, to study Version 2 as soon as possible to help stop the rising tide of skimming fraud as the USA continues its long road towards EMV compliance.
“The global cost of ATM skimming is estimated to be more than $2 billion annually and skimming represents 97% of all ATM fraud losses, according to the European ATM Security Team,” commented Claire Shufflebotham, Global Security Director of TMD Security. “ATM skimming losses rose 16% in 2015 to $366 million (€318 million) and the average cost of a skimming incident rose 57% to $88,000 (€77,000).”
Shufflebotham explained the underlying problem for the industry.
“We continue to use the magnetic stripe which is easy to skim. Global EMV migration takes time and until all payment cards have an EMV chip, the magnetic stripe is likely to remain for interoperability reasons. In the meantime, fraud is a moving target. Criminals are inventive and constantly develop new, smart techniques. Faced with this growing challenge, the priority for ATM deployers is to protect their cardholders from fraud. This ATMIA best practice guide provides ATM deployers with helpful insight into fraud trends and available countermeasures to consider as part of a risk management strategy.’’
“I’d like to thank Douglas and Claire for their invaluable guidance in producing this highly topical and important ATM security work,” Lee concluded. “It’s all part of protecting our great ATM technology.”