hacked-iiAs the US payment card infrastructure continues to move to EMV, fraudsters are turning their targets toward unattended self-service terminals, such as US ATMs, most of which have not yet been upgraded to read EMV chips.

Globally, the European ATM Security Team reported a 19% increase in ATM-related fraud attacks from 2014 to 2015. Debit-card compromises at ATMs located on bank property in U.S. jumped 174% from January-April 2014 to January-April 2015, while successful attacks at nonbank machines increased by 317%, as reported in the Wall Street Journal. Earlier this year, FICO reported a six-fold increase in US ATM fraud from 2014 to 2015.

EMV is deployed in most European markets, but without tokenization and end-to-end encryption, fraudsters can still often intercept relevant card data. What can banks do to protect their ATM machines? Regularly inspect all ATM for skimming and shimming devices and routinely test ATM software for cybersecurity vulnerabilities.

What else can we do? FICO Global Intelligent Profiles (GIP) technology monitors individual ATM machines, allowing FICO® Falcon® Fraud Manager models to detect bursts of fraudulent activity in real time. Falcon profiles cardholders and looks for out-of-pattern behavior. GIP takes this approach to other entities, including ATMs, and spots when terminals show uncharacteristic behavior patterns or align with fraudulent past behaviors for other terminals.zoldi-scott-fico

The following plot shows that GIP quickly identified the burst of ATM fraudulent activity during a recent four-day sophisticated fraud attack.  This is based on the production data of one of FICO’s Falcon clients using the US Debit model with GIP.

Posted by Scott Zoldi

Source: FICO Blog