Cash in Hand
Three ways to protect off-premises ATMs
- By Daniel Caggiula
- Sep 01, 2017
If your bank, credit union or non-bank
organization operates ATMs in remote
locations, such as convenience stores
or shopping malls, a bank heist that
occurred in Japan last year probably
caught your attention.
According to news reports, fraudsters
used 1,600 fake cards to withdraw money
from multiple ATMs belonging to the same
South African bank. In just a few hours,
the coordinated attack—focused on ATMs
in convenience stores—drained the bank of
more than $13 million.
While the magnitude of this fraud is rare,
it should give ATM operators pause to consider
the level of security they have in place
around their off-premises ATMs.
Off-premises ATMs can be easy targets for
thieves because they often don’t have the same
level of security or surveillance that financial
institutions have in their own branches.
Also, as ATM operators continue the
transition to EMV or “chip” technology
for bank cards, experts warn that self-serve
ATMs and gas pumps are becoming more of
a target for thieves. That’s because criminals
are rushing to make a buck while magnetic
strip cards, seen as less secure, are still being
accepted by these channels.
According to credit scoring agency
FICO, from 2015 to 2016, the number of
payment cards compromised at U.S. ATMs
or point-of-sale systems rose by 70 percent.
Further, a full 60 percent of those compromises
occurred at non-bank ATMs, following
a similar pattern noted the previous year.
In a recent report about ATM skimming,
the agency said criminal activity was highest
in places like convenience stores.
So what can banks, credit unions and
non-bank operators do to better protect
their ATMs and their customers? Taking a
multi-layered approach to security is best.
Regularly Inspect
Your ATMs
Operators should regularly inspect all of
their off-premises ATMs. Are they functioning
properly? Do they appear to have been
tampered with? Are they located in well lit,
high traffic areas?
It sounds simple, but taking the time to
ensure that all of your remote ATMs are inspected
in person can help prevent issues and
detect suspicious activity sooner.
Deploy High-Quality
Video Surveillance
Ensure you have adequate video surveillance
in place. This means surveillance cameras capturing
the ATM machine and its surroundings,
but also ATM cameras inside the machines
that capture clear views of patrons’ faces.
One recommendation is to use an ATM
camera with High Dynamic Range (HDR), a
feature that merges multiple exposures into
one image with the best balance of lighting
possible. This capability can be invaluable in
ATM settings where patrons’ faces are often
backlit with bright sunlight.
Proper video surveillance not only helps
address crimes like skimming and card trapping,
but it can also help deter other types of
fraud, such as the depositing of empty envelopes
or counterfeit checks.
Use Integrated Video,
Transaction Data and
Analytics
Regularly monitoring transaction data for
suspicious activity is essential to thwarting
ATM fraud like skimming or “cashouts,”
where thieves drain the ATM of large
amounts of cash through nefarious means.
By deploying a video surveillance solution
that’s integrated with ATM transaction
data and intelligent analytics, you can very
quickly detect potentially fraudulent transactions,
or even just suspicious activity, like
loitering around machines.
Integrated video solutions allow you to
very rapidly sort through all of your transactions
and find irregular activity, such as the
same person making multiple transactions
with different cards or someone standing in
front of an ATM for a period of time without
making a transaction (a possible sign of
someone installing a skimming device).
By configuring alerts, the system can automatically
notify you
when it detects this type
of activity.
This article originally appeared in the September 2017 issue of Security Today.
About the Author
Daniel Caggiula is the banking solutions manager at March Networks.