HOW TO COMBAT ATM CRIME

ATMs, the origin

Round the clock access to our money from any part of the world is a convenience we enjoy today thanks to the development of Automated Teller Machines (ATMs). Little more than four decades ago, however, this possibility did not exist and people were able to withdraw money from banks only during their opening hours. In 1967 it fell to Enfield in North London to inaugurate the first automated teller machine in a branch of Barclays Bank. At first bank managers feared that these automatic terminals would worsen client relations but they soon cottoned on to the advantages of automation.

ATM, the problems

ATMs have spread like wildfire since the pioneer one in Enfield, now adding up to over 2 million around the world, offering huge advantages to both bank and customer. Right from the start, however, their security posed a tricky problem.

The valuable information contained in these devices and the fact that real cash is on hand are obviously tremendous lures for criminals. ATM hacking is now on the rise with some organized and highly sophisticated attacks. This has now become a real headache because both banks and customers are prone to heavy losses. According to figures of EAST (European ATM Security Team), the banks of 22 European countries lost between them 485 million euros in 2008 due to ATM crime.

ATM attacks can be broken down into three types: theft of customer's bank card information or card skimming (magnetic stripe details and PIN), attacks on the ATM's IT infrastructure (and on the networks used to process transactions) and physical attacks at ATMs.

ATM, new threats

One of the main aims of ATM crime today is the theft of the credit card customer information. Until recently these credit cards consisted of a magnetic stripe storing the client identification information, allowing users to authenticate their identity and carry out their transactions safely. The magnetic stripe is easy to copy and falsify, encouraging thieves to perfect malicious techniques to steal this crucial information.

The commonest crime is called "card skimming"; this happens when the card's magnetic stripe details are captured at the ATM by a modified card reader called a skimming device. The captured information is then used for falsifying credit cards for subsequent fraudulent use.

Attempts were made to solve this weakness by introducing EMV smartcards (also known as chip cards). Implementation of EMV cards cuts down crime by reducing the possibilities of stealing magnetic stripe data: 90% of European ATMs are now EMV compliant.

ATM crime has therefore tended towards attacks on the technological infrastructure; criminals seem to have realised that it is more profitable to infect the bank with some kind of malware, to take over remote control of the ATM, rather than stealing user details. The bank does not learn about the crime until afterwards, and this obviously makes it harder to identify the criminal.

Technological weaknesses
Today's teller machines are pretty vulnerable. Many of them employ operating systems like Microsoft Windows (over 85% of security incidents occur on Windows systems) and use IP networks as their communication mechanism. This exposes the system to a high security risks due to the many vulnerabilities in open systems of this type, and they are also prone to malware infection.

GMV Solutions

To mitigate all these risks in a simple and effective way GMV has created checker ATMSecurity, setting up in the ATM a centrally monitored, managed and secure execution and communications environment.

checker is the first ever security product custom designed for financial self-service systems, enabling a centralized check to be kept of which applications are run on the system, which local or remote resources are accessed and which other systems are communicated with. By means of this cast-iron control checker ensures a high security ATM environment cutting off at source any infection by viruses, Trojan horses, worms or other malware, while also preventing any malicious software from being entered or run with access to sensitive ATM resources.

Each ATM in which checker has been fitted has an Access Control List (ACL) giving an exhaustive definition of the processes, system resources (files and libraries) and permitted communications. Any other element not appearing on this list would be automatically blocked. The detail level of these control lists enables an exact definition to be given of what the ATM can and cannot do.

Checker is topped up with a central server for managing and monitoring the ATM network on which the client checker has been fitted. Communication between the ATMs and server is end-to-end encrypted, enabling the ATM's security to be remotely managed and also ensuring that notification of any type of security event detected in an ATM is received in real time.

checker is now up and running in several banks at home and abroad, protecting over 56,000 ATMs around the world. It boasts many top-ranking clients, above all in Spain and Latin America, with an especially strong presence in Mexico, Brazil, Chile and Colombia.