Secure ATM Transaction

HOW TO ENSURE				should not compromise their card to anybody. It is akin
SAFE SECURE ATM TRANSACTION				to cash-would you handover you wallet to a person
The ATM is the new technology built for Quick, Easy				you don’t know?
cash transaction. Since it was invented, it has reduced				� SKIMMINGSkimming is a process
long queue in the Banking halls worldwide The				where the magnetic strip at the back of your card is
introduction of the Automated Teller Machine (ATM)				copied using a skimming machine. The major source of
brought succors to Nigerian banking environment as				skimming is through merchant establishments where
long queues in the banking halls began to decrease as				you hand over your card to the merchant and in some
most customer opt to transact through that direction.				instances the card is taken out of your sight for a
This relief however, did not last long as incident of				moment.
fraud resulted in a decline in customer confidence on				It is during this period that fraudsters are likely to copy
ATMs. This article identifies some of the common				the data from the magnetic stripe of your card after
tricks that ATM fraudsters are using to fraud innocent				having watched you enter your PIN when he brings
victims.They uses the Mobile platform instead of the				across the terminal to you. Restaurants, hotels and
internet to complete the carding process.The following				bars are the most common place where these types
tips will Safe you from falling into fraudsters:First, be				of transactions occur and skimming is likely to take
vigilant when you are in crowded ATM machine. Keep				place through assistance from dishonest employees.
an eye out of the people around and note if there is				With card details and the PIN number, the fraudster is
any around who is not making any transaction or who				able to prepare a counterfeit card that is used to
appears to be working in a gang.Secondly, take out				defraud the account.
your card only when you reach the ATM machine and				More sophisticated skimming fraud occurs when a
donot disclose the front or back of you card to any				fraudster attaches a skimming device to the
one.				receptacle that receives the card at an ATM machine.
Thirdly, shield the ATM keypad before entering your				This device is configured to look like a part of the
PIN.				ATM machine. The PIN number is observed by a
1. Finally, choose a PIN that is not easy to guess and				member of the fraud ring and in the more
that involves the rapid movement of your hand across				sophisticated crimes, through a camera fixed by the
the keypad of the machine. Do not choose number				fraudster in such a way that the key pad is tracked
such as 1111, 0000, 2233 but choose numbers that are				and the PIN is captured on camera. This sophisticated
very difficult to guess and that will move you hands all				type of ATM fraud is popular in off-site ATMs where
around the machine. Regulators				there is less security around the ATM.
� PHISHING				Banks are however able to detect it nowadays
Recently, several ATM card customers have has				through the use of Fraud Early Warning Systems
received e-mails purportedly from Inters witch (The				(FEWS) which have the capability to data mine the
switching company in Nigeria) and the Central Bank of				transactions from a defrauded account over a period
Nigeria, stating that there are has been an upgrade of				of time to arrive at the possible points of compromise.
service and in some instances that the company has				There are a few simple precautions that can help you
improved it’s security features and hence the need				to avoid falling prey to skimming.
for the customer to click on the link to ensure that he				1. When you use the ATM machine, check that the
she card is usable. The link appears to be very				card slot does not have any attachment – most
authentic and details requested on the website includes				ATMs look similar. If you are uncomfortable – use
card number, card holder’s name, Personal				another ATM machine.
Identification Number (PIN) and other details that the				At present, there is little evidence to suggest that
fraudster needed to make a copy of the card. Ones				skimming is prevalent in Nigeria. However, to be
this data is received by the fraudster on this bogus				forewarned is to be forearmed!
website, the details are feed into a card encoding				Hacking – Online Purchases
machine and encoded into the magnetic strip of any				The internet is now frequently used to make
plastic card. This card becomes the ‘clone’ of				purchases and other transactions where the card is
the individual ATM card and is thereafter used by the				not physically presented to the merchant. These
fraudster to withdraw funds from any ATM machine				transactions are called Card Not Present (CNP)
across the country. These fraudulent e-mails are also				transactions.
called ‘Phishing’ e-mails. Years ago, they were				All that is required for a purchase over the internet,
in bad broken English and emanated mostly from				email or telephone are your card details and PIN. Some
Central and Eastern part of Europe and the erstwhile				cards have an additional 3 or 4 digit security code at
soviet Bloc Countries using ‘Yahoo’ or				the back which is used on such transactions.
‘Hotmail’ e-mail identities. More recently, the				The site where you use your card to make purchases
fraudsters have become more sophisticated in				may not be a secure site and any data that you enter
creating authentic looking e-mail IDs of the CBN and				onto that site could be compromised. In more
Interswitch. They have also created websites that				sophisticated hacking crimes, websites of genuine and
appears genuine to the ordinary consumer. Consumers				high profile merchants have had their systems hacked
must be aware that Banks and card companies will				with fraudsters stealing thousands of customers’
never asked for a card holder’s PIN number and				card data in one attack. This data is then used to
therefore are urged to call their bank on a Bank				either prepare counterfeit cards or for further web
customer service line not on the number provided on				purchases.For more and quick info
the fraudulent e-mail and confirm the authenticity of the				To protect against this type of theft, do not visit web
request. Consumers are advised to immediately delete				sites that are not ‘secure’. Look for sites that
such e-mails and advise friends to do same.				have a ‘Verified by Visa’ or ‘MasterCard
				Secure Code’ sign for example. If you are unsure
SURFING				of a site, avoid making that purchase.
Fraudster needs some critical data such as card				Carding
number, expiry date, and the PIN number before they				Carding is a process where the fraudster tries to
can clone the card. One of the simplest ways to get				verify the card details that are in his possession
the information is to observe the card holder at ATM				through making a small transaction, typically on the
machine. Quite often, there are one or two members				web, to check if the card details are genuine and that
of the gang watching at ATM machine when it is				the card is not closed. Quite often a charitable
crowded by customers. In most instances, these				institution website is used and a small charitable
fraudsters are baby faced youngsters who one will				contribution is made by the fraudster. Once the
never suspect. Quite often, they are seen punching				transaction is successfully consummated, the fraudster
away numbers in their mobile phones with the				knows that the card account is active and proceeds
information that they have gained. The data is sent to				to defraud the account.
a gang member who is typically in another state. Who				This is a common occurrence today where a number
rapidly prepares a clone card ( it only takes a few				of websites are continuously used by fraudsters to
minutes to clone a card ones the data are been				break into customer accounts. Sometimes, the
received) and he/she will set off to the closest ATM				fraudster may only have the card number but does
for withdrawal.				not have the PIN details and he keeps trying out
SOCIAL				different combinations in an attempt to guess the PIN.
ENGINEERING				Alternatively, the fraudsteo have a role to play with
In some instances, the fraudster tricks the card				regards to easy availability of card Encoding machine.
holder to show him/her the card. He lures the				In developed countries, these devices are illegal.
customer into conversation and comments on the				However, today, they are available freely in Nigeria and
state of the card-for example, that the card looks				off the Internet.
damaged and that the customer should change the				As an industry, Nigeria is moving towards a more
card. The fraudster would then ask the customer to				secure ‘Chip and PIN’. The chip and pin stores
check the card for damage. The fraudster would have				data on the chip of the card rather than the magnetic
gained confidence from his pre using various tactics				strip of the card. This chip is similar to the chip used on
such as offering assistance to the customer who				mobile SIM card an is more difficult to clone. This the
perhaps would have tried to use the ATM without				standard that the entire industry is moving towards.
success or perhaps the customer is not familiar with				Pretty soon, magnetic strip cards will not be in use in
the use of ATM and needs assistance.				Nigeria any more and consumers will once again enjoy
Social engineering is all about gaining trust hence, the				the convenience of ATM transaction.
fraudster poses himself as a member of the staff or				Be vigilant and make sure you protect your ATM card
even security guard, quite simply, and customers				at all times.

Credi View

Secure ATM Transaction

Articles