What security threats will the financial institutions face in 2018?

By : Owen Wild

February 27, 2018 01:00 PM

The ATM Industry Association (ATMIA) recently called on the sector to “stand

together to face down the threats of attack from ATM and cyber criminals.”

There is no doubt that the  ATM will continue to attract the attention of

fraudsters over the coming years, so the onus is on banks, independent

deployers, software developers and other parties to mitigate this risk.


A pivotal year for the ATM industry?
Delivering his new year message in January 2018, Mike Lee, chief executive of

ATMIA, suggested that the coming year could be a highly significant one for all

aspects of the ATM industry, including security.

He acknowledged that criminals will pose an ongoing and evolving threat, but

also stressed that the modernization of the ATM channel will provide great potential and opportunities for

businesses to unlock.


"2018 promises to be a turning-point for the worldwide ATM industry," said Mr Lee. "There is huge consensus and

momentum behind the future-proofing exercise of the industry's search for a new model for ATMs in today's

mobile world. At the same time, the industry has no option but to stand together to face down the threats of

attack from ATM and cyber criminals."

With this final point in mind, what are the threats - old and new - that banks and ATM deployers need to be aware

of in 2018, and how can you protect against them?


Black box attacks
Black box attacks involve the connection of an unauthorized device, such as a laptop, to an ATM. The device can

then be used to instruct the machine to dispense cash. This criminal method is becoming increasingly common in

Europe and has recently spread to the United States.

One of the most effective ways to mitigate this threat is to conduct regular monitoring and inspections across your

ATM network to pick up on any suspicious activity. It's also vital to ensure that ATM software and hardware are

fully up to date to maintain the strongest protection against criminal activity.


Like many industries, banking is facing a growing threat from malicious software and viruses. If it is successfully

installed, malware has the potential to take complete control of an ATM's cash dispensing function, or to monitor

the machine's PIN pad so the perpetrator can acquire card and PIN data.

Up-to-date logical protection is absolutely essential to keep malware at bay and to shield your ATM hardware and

software from criminal interference. It's also beneficial to keep up with the latest trends and developments in



Computer chip vulnerabilities
If an attacker knows where to look, the smallest vulnerability in a computer chip can compromise an entire



Banks and ATM deployers should stay up-to-date with the latest announcements on any potential security

weaknesses in computer chips and install the most recent updates and patches from manufacturers to keep their

network protected.


Skimming and physical attacks
Criminals have evolved their methods to exploit flaws in ATM software and operating systems, but they are also

continuing to use old-fashioned methods such as brute-force physical attacks and card skimming.

There are various solutions available to help you combat these sorts of threats, such as dedicated tools to protect

against gas-initiated explosions and devices that send out multiple signals to prevent skimmers from isolating and

recording payment card data.


As the industry continues to evolve, technologies such as contactless withdrawal could further reduce the risk of

skimming, keeping customer data safe and making life harder than ever for the criminals.

Owen Wild

Security Marketing Director

Other articles by this author

Owen Wild is responsible for marketing strategies for the NCR Security Solutions within NCR’s Financial Solution Portfolio. Over the past 15 years, Owen has held several sales and marketing positions with leading travel and tech cos.