The Standard

ATM security lapses you must know

By Standard Digital | 14yrs ago

By Muthoga Kioni

The Automated Teller Machine (ATM) is one of the most innovative and influential technological innovations of the 20th century. As retail transaction processing systems, they have transformed banking in Kenya. The excruciating days of queuing for hours in stuffy banking halls to withdraw money are now just painful memories.

ATM fraud has consequently become a serious problem. You have most likely received those widely circulated e-mails that warn against one ATM scam or the other.

It is important to know a few facts and features of ATM’s that can alert you to ATM fraud.

In the ATM system, all operations regarding customer Personal Identification Numbers (PIN) and other related material are performed in tamper-resistant computer hardware. These PINs are never made available to any bank staff. Apart from PINs, ATM cards are sent to customers from separate facilities. You should, therefore, be extremely suspicious when a bank employee claims to be privy to your PIN and card information.

The server can ‘forget’

Another perennial problem is simple processing errors. A major source of errors is when ATMs fail to send transaction details if a network outage occurs before a confirmation message was received from the main computer server.

The outcome is that the server ‘forgets’ about the open transactions resulting into various scenarios. Your account is debited with another customer’s transaction or the ATM does not dispense the money yet your account is debited and other customers are not debited at all for their withdrawals.

Another important setback is the handling of inter-bank transactions. It is not viable for several banks to share encrypted keys. So each bank connects to a central switch provided by an external organisation.

This switch contains a security module, which translates the inter-bank ATM traffic and also does the accounting. The switch is highly trusted and if something goes wrong, the consequences could be catastrophic.

A modus operandi, which has not yet been seen in Kenya, but is bound to happen soon, is the use of false ATM terminals. These bogus ATMs resemble the real ones and are used to harvest customer card and PIN data. It is not beyond crooks to acquire a proper ATM terminal with a software development kit and install it in a remote location.

—The writer is an ICT Security and Forensic Specialist. Email: [email protected]

Related Topics

Automated Teller Machine ATM PIN bank robbers robbers criminals fraud
.

Latest Stories

John Kaguchia, the MP with a curious take on health, environment
John Kaguchia, the MP with a curious take on health, environment
National
By Esther Nyambura
1 hr ago
New York court overturns Harvey Weinstein sex crime conviction
World
By AFP
8 hrs ago
155 killed in Tanzania as heavy rains lash East Africa
Africa
By AFP
8 hrs ago
.

The Standard Insider

Firm linked to fake fertiliser calls for arrest of Linturi, NCPB boss
By Josphat Thiong'o 1 day ago
Premium Firm linked to fake fertiliser calls for arrest of Linturi, NCPB boss
Azimio calls for independent inquiry into Ogolla's death
By Brian Otieno 1 day ago
Premium Azimio calls for independent inquiry into Ogolla's death
Scented success: Passion for cologne birthed my venture
By Yvonne Chepkwony 1 day ago
Premium Scented success: Passion for cologne birthed my venture
Prosecution, defense lawyers differ over Sh177m Maasai Mara University graft case
By Julius Chepkwony 1 day ago
Premium Prosecution, defense lawyers differ over Sh177m Maasai Mara University graft case
.

Digger Classified

DIGGER MOTORS

DIGGER JOBS

DIGGER REAL ESTATE

GET OUR NEWSLETTER

Subscribe to our newsletter and stay updated on the latest developments and special offers!

CONNECT WITH US

FOR THE LATEST JOB ADVERTS

join Digger Classifieds telegram channel
The Standard
© 2024. The Standard Group PLC. All rights reserved