ATM Security: 4 Tips for Protection

GPS, Ink Staining Among Emerging Solutions Being Considered for Security
ATM Security: 4 Tips for Protection
ATM security keeps Terri Ipson up at night.

As the ATM protection "evangelist" at Diebold, the security solutions vendor, Ipson says she is constantly on the watch for the latest emerging threat that criminals are employing against ATMs globally.

"There is no one silver bullet when it comes to ATM security," Ipson says. There is no one method a bank or credit union can use to prevent the myriad types of attacks against their cash machines. As data and logical security breaches become more complex, hackers, worms and viruses pose an ever-shifting landscape of danger. And because these attacks are less obvious than physical security breaches, it's extremely important to implement a logical security system that stops digital crime before it is unleashed.

Ipson is part of Diebold's global security taskforce, which looks at attacks on an international scale. Her 10 years at Diebold have shown her that any type of security attack that happens on one side of the world, once it becomes popular, can migrate quickly. "Usually because it follows the path of least resistance," she says.

"We're always looking for the new ways criminals can break into [ATMS]," she says. "Tools and methods continue to evolve."

Among the ways Diebold is looking to prevent criminals from getting away with ATM crimes include:

GPS tracking placed inside the ATM vaults. "The criminals could not know it is there. It would be the 'lo-jack' of ATMs and would not be visible to the thieves," Ipson says.
Ink staining of the money inside a stolen ATM is also being looked at as a way to prevent the criminals from using the cash inside a stolen ATM. This would work the same way that dye packs do in bank robberies.

Four best practices that Diebold's Ipson offers financial institutions to ensure ATM security:

1) Strong, reliable firewall - this is a critical layer of digital security that should be designed to make all possible electronic points of entry invisible to hackers, viruses and worms. The firewall should be coupled with software that can monitor, analyze and authenticate any outside source attempting to make contact with the ATM.
2) Analytical software - Use it to analyze and compare patterns of data to those of known attacks, and send alerts when suspicious activity is detected.
3) Employ encryption technology - Encrypt all messages transmitted from the ATM to the network with each keystroke. These tools should be configured to the highest security settings possible. And, where possible, ATM security software should be set only to the "limited user" privilege rather than the "admin" privilege, which is far more vulnerable.
4) Effective physical security system - this is another important component to securing any data and should include perimeter surveillance, access control, intrusion detection and a central monitoring station that can be alerted to dispatch immediate security assistance when trouble is detected.

About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.