Go to:

April 2019
< Mar May >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

ATM Beginning to Stand for 'At Their Mercy'
Monday, June 1, 2015 6:30 AM

Criminals are stealing card data from U.S. automated teller machines at the highest rate in two decades, preying on ATMs while merchants crack down on fraud at the checkout counter.

The incidents, in which thieves steal information from debit cards to make counterfeit plastic, are taking place at ATMs owned by banks as well as independently owned cash kiosks in shopping centers, convenience stores, and restaurants, according to industry executives.

From January to April 9, 2015, the number of attacks on debit cards used at ATMs reached the highest level for that period in at least 20 years, according to FICO, a credit-scoring and analytics firm.

Debit-card compromises at ATMs located on bank property jumped 174 percent from Jan. 1 to April 9, compared with the same period last year, while successful attacks at nonbank machines soared by 317 percent, according to FICO.

The incidents come as banks are racing to issue new credit and debit cards with computer chips that make it more difficult for thieves to create counterfeits. Most ATMs do not yet accept the new technology.

Although merchants will be on the hook to absorb the cost of fraudulent transactions starting in October, that liability shift will not take place for ATM operators until a year later at the earliest. Card issuers currently have the liability for most fraudulent transactions.

Many of the ATM incidents involve a long-established technique in which criminals install devices that capture information from the card’s magnetic stripe. The method, called skimming, sometimes also involves a tiny camera that records the cardholder entering a personal identification number. Criminals use the information to manufacture counterfeit debit cards that can be used to withdraw cash at an ATM or make a purchase in a store or online.

The trend is particularly troublesome because thieves can drain a bank account when they have access to cardholder information. Though cardholders aren’t typically liable for unauthorized activity on their debit cards, issuing banks may have some discretion to determine if the customer promptly reported the theft.

Industry executives say it is difficult to quantify the amount of fraud losses associated with such attacks. Tremont Capital Group, a consulting firm that specializes in the ATM industry, predicts that thieves will make at least 1.5 million ATM cash withdrawals this year. That is only a small fraction of total ATM transactions. A study released last year by the Federal Reserve found that U.S. consumers made 5.8 billion ATM withdrawals in 2012, totaling $687 billion.

FICO said that the latest attacks are occurring in Miami, Albuquerque, Memphis, Philadelphia, and New York City.


Source:  The Wall Street Journal, 20 May 2015