The Hack: Globally, the financial loss as a result of ATM fraud runs into millions of US dollars. Introduction of EMV cards has certainly not plugged the losses as these cards have been hacked by criminals. Though there are many types of ATM frauds, Card skimming is the top most. This fraud involves installing a card reader over the ATM card slot and then copying the details from the magnetic card to memory.

Criminals  then use the stolen details to create duplicate ATM cards and use strategically placed cameras to read the Pin numbers entered by the user to hack their accounts. This type of hack generates the maximum income for the criminals.  Meanwhile, there are thousands of small scale card printers as well as those who know how to clip in microprocessors on stolen EMV cards to create fake payment cards that are now used in advanced countries.

When fingerprints can be stolen and biometric identities hacked, what is the the big deal about smart cards. This is the reason why people keep getting swiped by ATM Hackers!

The Whack: There is a very simple non expensive solution to this seemingly never ending problem. And that is using out of band authentication. If banks deploy out of band authentication coupled with Two Factor or Three Factor authentication such as the one developed by SecureMyPass, Card skimming becomes history.

atm1As can be seen in the image on the left, without speaking out the voice password or entering a T-Pin on a registered handset, a person cannot withdraw cash from the ATM.

This means there is no need to replace magnetic strip cards with smart cards or purchase additional machinery. A simple Java App installed on the ATMs can ensure the out of band authentication is activated. There have been concerns that voice authentication is not fail safe and recorded voices can be used.

Even SIM cards can be duplicated. Certainly there can never be a 100% secure solution. However, the out of band authentication can certain reduce the losses suffered by banks and their customers to a large extent as the barriers to circumvent the means to withdraw cash from ATM is increased.

Source: Google Image Search

About The Author

"Founded in July, 2016, WhackHack.com is a cyber security blog that covers important security issues affecting common users, industry and governments. It aims to create awareness among its readers about malware, hacking, encryption, identity theft, privacy, etc and also offer solutions to protect themselves from such attacks"

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

eighteen − two =

Close