Atm Manufacturing Compnies
... are long overdue. By the end of this year, the Payment Card Industry Security Standards Council is expected to release guidance on the issue as well as a set of “best practices” to enhance security at ATM machines everywhere. ... However, consistent best practices need to be laid down for everything from manufacturing to distribution to maintenance of ATMs. ... Privacy Policy by TRUSTe Better Business Bureau Switch Commerce Better Business Bureau A Plus Rating. Copyright ...
Atm Manufacturing Companies
ATM security is a big concern for the PCI council. With ATM fraud becoming easier, new security measures are long overdue. By the end of this year, the Payment Card Industry Security Standards Council is expected to release guidance on the issue as well as a set of “best practices” to enhance security at ATM machines everywhere.
ATMs are subject to a number of security holes, one of the more popular being skimming. Skimming is the process of attaching a fake card reader to a real ATM. The unsuspecting user then swiped his card through the fake scanner and enters his PIN number into the machine. The card data is stored on a nearby computer or cell phone so that it can be decoded later. A nearby camera records the user’s PIN number.
Often times, skimming equipment is kept in place for just a short period of time – a few hours at most. The fake readers are attached to the real ATM reader with double-sided tape or some other temporary adhesive. While it might sound high-tech, it’s really a pretty simple way to defeat current existing security measures.
ATMs have moved away from the green and black screens and have become increasingly complex. Because of this, many financial institutions have outsourced management of ATM machines to third-party vendors. These vendors may not have the same security standards as the issuing bank, but banks and other institutions use them in the hopes that third-party management can act as another layer of protection to the bank’s inherent machine security.
By it’s nature, an ATM doesn’t need a teller or attendant, but this doesn’t mean that the machine should be completely ignored. More frequent ATM monitoring, including regular inspections to uncover tampering, may mitigate scams like skimming.
The PCI council is releasing ATM security guidelines that are currently being reviewed by member institutions. The review period ends November 13th, at which point the council will begin reviewing feedback to make an official set of guidelines. The council’s main concern is PIN pad security, since a PIN is the “key” to a user’s bank account. However, consistent best practices need to be laid down for everything from manufacturing to distribution to maintenance of ATMs.
It’s not clear whether PCI compliance would be mandatory or whether the guidelines would simply be suggestions for best practices. Enforced compliance would ensure consistent security across all manufacturers and financial institutions. PCI compliance, on a voluntary basis, would be difficult to enforce if the guidelines are mere best practices. While encouraging, best practices set the minimum level of security recommended in the industry.
The minimum has never been ideal, especially in credit card and ATM security. This is evidenced by the fact that credit card fraud has reached such a fever pitch that leading card makers are now creating tightened security measures built right into their cards, called EMV chips. The safety and security of consumers’ card and banking information hangs in the balance. Only time will tell if the PCI council will up the ante.
Trip Ochenski is Switch Commerce customer support manager and ATM specialist. For more information about Switch Commerce products, please visit our contact page.
Complete this form so a Switch Commerce expert can answer your questions and provide the perfect combination of technologies and services for you.
ATMs are subject to a number of security holes, one of the more popular being skimming. Skimming is the process of attaching a fake card reader to a real ATM. The unsuspecting user then swiped his card through the fake scanner and enters his PIN number into the machine. The card data is stored on a nearby computer or cell phone so that it can be decoded later. A nearby camera records the user’s PIN number.
Often times, skimming equipment is kept in place for just a short period of time – a few hours at most. The fake readers are attached to the real ATM reader with double-sided tape or some other temporary adhesive. While it might sound high-tech, it’s really a pretty simple way to defeat current existing security measures.
ATMs have moved away from the green and black screens and have become increasingly complex. Because of this, many financial institutions have outsourced management of ATM machines to third-party vendors. These vendors may not have the same security standards as the issuing bank, but banks and other institutions use them in the hopes that third-party management can act as another layer of protection to the bank’s inherent machine security.
By it’s nature, an ATM doesn’t need a teller or attendant, but this doesn’t mean that the machine should be completely ignored. More frequent ATM monitoring, including regular inspections to uncover tampering, may mitigate scams like skimming.
The PCI council is releasing ATM security guidelines that are currently being reviewed by member institutions. The review period ends November 13th, at which point the council will begin reviewing feedback to make an official set of guidelines. The council’s main concern is PIN pad security, since a PIN is the “key” to a user’s bank account. However, consistent best practices need to be laid down for everything from manufacturing to distribution to maintenance of ATMs.
It’s not clear whether PCI compliance would be mandatory or whether the guidelines would simply be suggestions for best practices. Enforced compliance would ensure consistent security across all manufacturers and financial institutions. PCI compliance, on a voluntary basis, would be difficult to enforce if the guidelines are mere best practices. While encouraging, best practices set the minimum level of security recommended in the industry.
The minimum has never been ideal, especially in credit card and ATM security. This is evidenced by the fact that credit card fraud has reached such a fever pitch that leading card makers are now creating tightened security measures built right into their cards, called EMV chips. The safety and security of consumers’ card and banking information hangs in the balance. Only time will tell if the PCI council will up the ante.
Trip Ochenski is Switch Commerce customer support manager and ATM specialist. For more information about Switch Commerce products, please visit our contact page.
Complete this form so a Switch Commerce expert can answer your questions and provide the perfect combination of technologies and services for you.
No comments:
Post a Comment