News & Events

News Hub

Businesses learning more about ATM skimmers

Businesses learning more about ATM skimmers

When deploying an ATM at a business, the owner must take security into consideration. This is especially important if the store or retailer only accepts cash as payment. Consumers that withdraw money want to make sure their information isn't compromised, resulting in theft or fraudulent activity occurring under their name. If something happens to their card and the source of activity comes from a retailer's ATM, then it's possible the shop will lose a significant amount of business from wary customers. Vigilance and understanding of criminal activities regarding cash dispensers enable a greater level of security and consumer confidence.

New guidelines ensure better understanding of ATM skimmers

The most common and visible threat in compromising ATM security is skimmers. Criminals and other dubious figures integrate these devices either externally or internally to grab key information during a transaction. That includes the card number, PIN and the bank accounts linked to the card. With this information in hand, a criminal can easily extract money from the account or perform other actions such as launder money or set up fraudulent accounts that, when uncovered, would initially point to the innocent mark.

In order to combat this situation, many organizations are working to identity areas where security can improve. The Payment Card Industry's Security Standards Council established a standards guide that explains all the best practices that a business or bank should undertake to prevent ATMs from being used for criminal purposes.

One example of those best practices is preventing the ATM from suffering from attacks that aim to retain the payment card. It refers to the Lebanese Loop, a type of card trapping trick where crooks place a plastic sleeve on the machine's card slot that prevents its exit. While customers get angry from being unable to use their card or get it back, a criminal waits for the patrons to leave before secretly removing the sleeve, recovering the card and utilizing the PIN they memorized to use the card and empty the account.

Such terms are all over the place, which is why the European ATM Security Team announced a new guideline, the "Standardization of Terminology for locations of Card Data Compromise devices at ATMs," to address this issue. While applying specifically to European issues, American businesses can learn about the various skimmers and how they function. With many evolving from mere card readers at the throat of the card slot, the sophistication of these devices is enough where they're undetectable without significant inspection. Through great care and vigilance, businesses can mitigate the impact of skimmers at the ATM.

December 9, 2015