August 06, 2018 12:00 PM
The memory of the largest data breach in India’s banking sector, in 2016 due to a malware injection is still afresh in our minds. In fact, recent ASSOCHAM study revealed that credit and debit card frauds have witnessed a six-fold increase in the past three years.
Fraudsters are becoming increasingly sophisticated and more efficient in identifying and exploiting vulnerabilities. All businesses including online businesses are losing revenue due to mean-scheming hackers and fraudsters every single day.
To protect business and customers from the continuously changing fraud threats, there is a need for upgrading the prevention solution and adopting latest technologies that offer flexibility, responsiveness, scalability and adaptability without sacrificing accuracy. One must always remember that - staying ahead of fraud is a never-ending battle.
On the backdrop of this, the Reserve Bank of India, on June 21, 2018, as a part of its ‘control measures for ATMs’ correctly directed banks and white-label ATM operators (WLAOs) to implement anti-skimming and white listing solutions by March 2019. In addition, the directive entails all banks and WLAOs to phase-wise upgrade all ATMs with supported versions of the operating system by June 2019. RBI added that any deficiency in timely and effective compliance with the instructions may invite “appropriate supervisory enforcement action.”
By August 2018, the RBI has directed banks to implement security measures such as Basic Input Output System (BIOS) password, disabling USB ports, disabling auto run facility, applying the latest patches of operating system and other software, terminal security solution and time-based admin access should be carried out as the first set of measures.
The central bank has also asked the banks to upgrade all the ATMs with supported versions of the operating system. These upgrades should be carried out in a phased manner and are as follows: not less than 25% of the ATMs should be upgraded by September 2018; at least 50% should be upgraded by December 2018; at least 75% by March 2019 and the rest by June 2019.
Why Should Banks Make the Switch?
For the financial services sector, the process of upgrading IT tools to the latest versions should be a priority. With the potential consequences of continuing to run outdated and unsupported operating systems so high, especially in devices such as ATMs, banks cannot afford to get left behind. The longer financial institutions put off their migration plans, the more likely they are to fail to complete the process before the deadline. If banks are still running unsupported operating systems, they will be exposed to a wide range of issues and security threats. This could also potentially affect the interests of the banks’ customers as well as damage the image of the bank.
The up-gradation to windows 7 and windows 10 will deliver new value and benefit to the banks and its customers. Also, the new technology will help banks gain competitive advantage over their rivals. The upgrading will also benefit the banks in the following ways:
Windows 7 and Windows 10 have emerged as the corporate standard operating system across the world. However, it is beneficial for banks to upgrade to Windows 10 as Microsoft will stop supporting Windows 7 on January 14, 2020. While the shift to Windows 10 will ensure that financial institutions will continue to benefit from security patches and other updates to keep their systems protected, migrations should be seen as much more than guarding against potential vulnerabilities. It should also be viewed as an opportunity to embrace the latest technology and keep up with innovation in the industry. Upgrading to the latest operating system also enables banks to modernize their systems and support branch transformation solutions such as the latest self-service tools to improve the user experience.
Windows 10 will also help organizations integrate technology such as Internet of Things smart sensors, biometrics and contactless technologies into their ATM fleets. With Windows 10 set for a ten-year life cycle, this can ensure that banks are well set up for many years to come. Today, upgrading of ATMs remain need of the hour for banks since it is preferable and indeed far more responsible to implement an operating system that is subject to a significant and continuous investment in security vis-à-vis one which has no response available to new criminal attacks. The clock is ticking for banks that still rely on the old version for their key systems.
India has the third largest number of installed ATMs, behind China and the USA but about 74% automated teller machines (ATMs) of public sector banks are running on outdated software, which makes these machines highly vulnerable to frauds.
With many challenges still to overcome, cash continues to remain the world’s most trusted and fastest form of payment. The ATM remains an extremely important element of the modern retail banking industry. It will continue to play an important role in how banks interact with consumers and deliver services.
Brick-and-mortar, brick-and-click, or completely web-based, it does not matter where payment transactions take place. Organizations must realize that data security and fraud prevention are essential to the success of their entire business. It is no more a ‘Choice’ but a ‘Priority’.