It may be surprising to many that, even as credit and debit card technology becomes increasingly sophisticated, old-fashioned ATM skimming is on the rise. Skimming involves compromising a card-reading device to capture cardholders’ private and personal data for financial gain.
In the past year, according to ATM Marketplace, ATM skimming fraud has resulted in more than $2 billion in losses at ATMs around the world. Thirty-three percent of all fraud incidents are linked to skimming fraud and 98% of all losses result from skimming crime.
One might think new chip-enabled Europay, Mastercard, Visa (EMV) cards, which are now being rolled out in the United States, would prevent this type of loss. But remember, in today’s environment, cards with EMV chips still have magnetic stripes. Even in countries where EMV chip-enabled cards have been in place for years, skimming activity is increasing. The magnetic stripe data that remains on these cards is still vulnerable to criminals.
Fortunately, new technology is turning skimming on its head—literally.
A few years ago, Diebold began in-depth research on skimming, and on types of ATM engineering that could change the game. Until then, the focus on ATM skimming losses had been after the case, how to stop thieves from attaching skimmers to the card readers or how to prevent communication systems hacking.
Through research, Diebold experts concluded that ATM suppliers needed to change the game—to stop trying to detect skimming devices and attempts, and instead determining how to fundamentally defeat them.
Diebold’s team of innovators flipped the technology with the creation of ActivEdge—the industry’s first complete anti-skimming card reader. ActivEdge requires users to insert cards into the reader via the long edge, instead of the traditional short edge. By shifting the cards insertion angle, the magnetic stripe no longer passes over a fixed point, thereby eliminating the skimming device’s ability to read the full magnetic stripe. This simple change prevents all known forms of skimming including:
The member experience
Sometimes change can cause confusion. For this reason, Diebold performed usability studies to make sure changing the card orientation wouldn’t be an inconvenience for the user.
Consumer feedback was positive. They reported it was fairly easy for them to adapt to the ActivEdge technology. And they actually preferred it, realizing it provided additional protection for their information. Ninety-five percent of consumers who participated in the study not only preferred the ActivEdge card reader over current motorized and dip card readers, but were also willing to change their card insertion behaviors in return for more secure transactions.
Future threats; greater security
Fraudsters will continue to seek new ways to compromise ATM systems while skimming continues to be the largest current ATM security risk. For example, within the past five years, the frequency and types of “logical” attacks—those that attack the systems running the ATMs and their networks—have continued to grow. These include:
Various ATMs have unique features, and some are more vulnerable to specific attacks than others. Diebold’s next generation of ATMs has a significant level of security protection against logical attacks. The default systems have significant anti-attack integrity built in, and then financial institutions can add and turn on additional security features as they need them.
Each credit union is different, and has unique ATM sites, physical locations, hardware connected to the systems, and other characteristics.
Ultimately, it’s multiple layers of security that will make a difference. It’s not just about any one technology at the end point; rather it’s really about the big picture. Diebold’s goal is to give financial institutions options to do business in the most secure ways possible.