Here’s our take on the top five risks you could face when you don’t upgrade your ATM software stack to the most recent versions:
The impact of large cyber-attacks make headlines, but why do they happen? Outdated software means your ATMs are not running the latest security patches and have software that’s not supported or has been replaced by newer versions. This means hackers have had time to work out how to infiltrate its’ flaws. Consider the WannaCry outbreak in 2017, where more than 160 million computers were affected—those who had delayed the upgrade to Windows 7 found themselves particularly vulnerable.
2. Customer data
Data is a highly profitable commodity to fraudsters, and it’s also your most valuable asset. If your software isn’t updated it’s making it easier for them to exploit flaws and vulnerabilities to infiltrate your consumer’s information. And, the financial penalties for not adequately protecting consumer data can be huge—1&1 Telcom in Germany was fined 9.55 million euros in 2019 for not having the sufficient technical and organizational measures in place to prevent unauthorized access to customer information.
3. Business continuity
While a cyber-attack may not always impact consumers, it can impact day-to-day running of your FI. In 2017, seven of the UK’s largest banks had to reduce operations or shut down entire systems following an attack. . For consumers, being locked out of accounts for hours, let alone days, means they can’t pay their bills or access their finances, and their own credit rating can be hit potentially causing personal ramifications in the longer term and this can significantly damage the FIs brand and see customer loyalty plummet.
4. ATM availability
Consumers expect to find your ATM readily available when they’re looking to access their cash. Outdated software is much more prone to crash, interfering with ATM availability and causing impacted customers, who are now without a reliable self-service access point to you, to go to someone who does.
Without up-to-date software, you’re not compliant. Ensuring that you’re always keeping software current means that you’re meeting regulatory compliance—whether that’s security, local regulations, and PCI (although keeping current software doesn’t make you PCI compliant—there’s much more involved, but you must be current to be compliant).