2. Round the clock access to our money from any part of the world is a
convenience we enjoy today thanks to the development of Automated
Teller Machines (ATMs). Little more than four decades ago, however, this
possibility did not exist and people were able to withdraw money from
banks only during their opening hours.
ATMs have spread like wildfire since the pioneer one in Enfield, now
adding up to over 2 million around the world, offering huge advantages to
both bank and customer. Right from the start, however, their security
posed a tricky problem.
3. • Scheduled and random physical checks of ATMs by branch staff and
technicians;
• A detection system that senses and sends an alert -- and/or takes the ATM
offline -- when anything is attached to the card reader, keypad or fascia;
• Jitter technology, which uses a start-stop motion when a card is inserted;
4. • The use of software/behavioral analytics that recognize anomalous or out-
of-character behavior for the cardholder or a terminal . "I call it 'collision'
analytics -- when two things occur at once that don't make sense," Wilhelm
says, such as a card being used at an ATM that the cardholder never or rarely
visits, or withdrawal amounts and transaction times that are not consistent
with the cardholder's patterns;
• Reliance on a jamming mechanism, which detects, via an electromagnetic
field, when a skimmer is placed on an ATM and "jams" or disables the
skimmer.
5. Banks and credit unions should also regularly check vestibule log files, to
track who's accessing the ATM and when.
Each ATM in which checker has been fitted has an Access Control List (ACL)
giving an exhaustive definition of the processes, system resources (files
and libraries) and permitted communications. Any other element not
appearing on this list would be automatically blocked. The detail level of
these control lists enables an exact definition to be given of what the ATM
can and cannot do.