Banks are finding out that stolen passwords are fueling cardless ATM fraud and point to identity proofing as the most difficult challenge in mobile banking. Robert Capps, VP at NuData Security commented below.
“Traditionally, ATM security has long relied on multi-factor authentication, namely, something you have (an ATM card issued by the bank) and something you know (the ATM card PIN). This requirement to possess a physical card kept ATM fraud largely in check. The presence of a physical card meant you either have to steal the legitimate card from the consumer, convince the bank to send a new card to the fraudster or capture the information from the magnetic strip of an authentic bank card, and re-encode this data onto a counterfeit card.”
According to Robert, “With the advent of cardless ATMs, we’ve entered a brave new world of ATM security, where the mere knowledge of the consumer’s username and password enables a fraudster to withdraw large sums of money from any cardless-enabled ATM. By offering this capability, banks have significantly increased the risk exposure to banking customers, while making theft of deposited funds extremely convenient for the fraudster. Luckily, there are technologies in the marketplace that can differentiate between the legitimate consumer and an illegitimate fraudster, even when the bad guys come armed with stolen valid credentials. And, these solutions can do this without burdening the real user with more hurdles. With the application of behavioral analytics and passive biometrics to this problem, these risks can be largely mitigated and safety returned to the ATM channel.”
ISBuzz Team embodies the collaborative efforts of the dedicated staff at Information Security Buzz, converging a wide range of skills and viewpoints to present a unified, engaging voice in the information security realm. This entity isn't tied to a single individual; instead, it's a dynamic embodiment of a team diligently working behind the scenes to keep you updated and secure. When you read a post from ISBuzz Team, you're receiving the most relevant and actionable insights, curated and crafted by professionals tuned in to the pulse of the cybersecurity world. ISBuzz Team - your reliable compass in the fast-evolving landscape of information security
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.