Connect with us
Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Top Stories

Consumer Card Controls Could Have Prevented $11.5m ATM Heist

Consumer Card Controls Could Have Prevented $11.5m ATM Heist

Gordon McKenzie,EMEA MD at Ondot Systems explores how consumer card controls can tackle the challenge of ATM cashouts

Wherever there are users and money there will be cybercrime and fraud. So it is that financial institutions and their customers are increasingly being targeted by global attackers. Most recently, Indian lender Cosmos Bank lost $11.5m after an international criminal network fraudulently withdrew funds from ATMs in 28 countries around the world. That’s despite a warning from the FBI that an “ATM cashout” operation was imminent.

In our 24×7, digital-first society customers increasingly expect to be empowered with greater control over card management.

It’s a move that could have saved this financial institution, and many more like it, millions in losses and brand damage.

Out of control

ATM cashouts typically happen at smaller banks where security controls are less rigorously implemented, there’s less budget to throw at the problem and third-party vulnerabilities may be more obvious, according to the FBI’s warning. Global gangs usually phish or hack their way into back-end systems. Just before the allotted hour, they’ll often remove internal fraud controls such as maximum ATM withdrawal amounts and limits on volume of daily withdrawals, and may also artificially increase customer balances. Forged magstripe cards are then used around the world to withdraw funds in a highly co-ordinated campaign.

This is certainly not the first ATM-based cyber-attack: in 2013 cyber-criminals stole $45m from ATMs, and in 2016 over $12m was taken from cashpoints in Japan using cards cloned from a South African bank. However, the bad news, according to the FBI, is that it “expects the ubiquity of this activity to continue or possibly increase in the near future.” ATMs — unmanned and usually loaded with cash — are also particularly vulnerable to external tampering. Attackers can quite easily attach “skimmers” to the front of the card reader slot to read card info as it’s pushed into the machine, and overlay pads which record the card’s PIN, or motion-activated cameras to record the same information. That provides everything they need to create a clone. It’s no surprise that ATM-maker Diebold Nixdorf has described skimming as a $2bn+ problem globally.

These ATM attacks are also part of a wider pattern of soaring global card fraud. In the UK alone, an estimated £2bn+ was stolen from the bank accounts of cardholders last year, a 38% rise from the previous 12 months. Other figures pointed to steep rises in e-commerce fraud (24%) and fraudulent applications for cards (12%). The bottom line is that as financial institutions and organisations undergo digital transformation to become more competitive, agile and innovative, they’re also exposing their systems to increasingly well resourced and determined cyber-criminals. The vast underground cybercrime economy has effectively democratised access to customer account data, PII, and hacking tools while the anonymising power of the dark web and crypto-currencies have significantly reduced the risk of getting caught. The result? A thriving threat landscape.

Time for change

So what’s the answer? Thousands of financial institutions around the world have already woken up to the possibilities of card control applications. Offering granular control to cardholders through a simple mobile app interface can —amongst other things — empower them to restrict usage of certain transactions. That means in the event of an ATM cashout warning, accounts could be locked down so that even spoofed cards won’t work. If a user needs emergency cash, they can temporarily enable ATM withdrawals, get the money and then disable ATM transactions again. And, while ATM withdrawals are blocked, a user could still enable in-person, e-commerce or other types of transaction.

This granularity extends across a range of scenarios, allowing cardholders to decide where in the world their cards can be used, as well as spending limits, time frames and even merchant categories. It’s all about providing maximum visibility and control over how cards are used, with transaction alerts provide peace of mind when consumers need it most.

Financial institutions can not only reduce fraud rates in this way but also lower call centre costs, improve false decline rates, drive greater use of cards and build closer bonds with their customers. In our always-on, 24×7 world there are opportunities round-the-clock for the bad guys to expose gaps in protection. By handing more control back to the consumer to self-serve, financial institutions are already adding value and supporting digital transformation whilst protecting them and their customers from an escalating fraud epidemic.

The fraud and threat landscape is constantly evolving. That’s why, in order to succeed, our response must be just as innovative.

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post