Skimming Attacks At European Atms Rise 24%

[james.wilson]

13 October, 2010 -- The latest European ATM Crime Report published by EAST, shows a 24% increase in card skimming attacks at European ATMs. 5,743 attacks were reported for the period January to June 2010, compared with 4,629 for the same period in 2009. For the same periods, skimming related losses fell from €156 million to €144 million.

This is the largest number of such attacks reported in a six month period since EAST first began recording these statistics in 2004, although not all countries are reporting increases.

In several cases there have been significant falls in skimming attacks. Anti-skimming measures are now in place at many European ATMs and throughout Europe initiatives are in place to encourage cardholders to shield their PIN at ATMs and payment terminals.

The EAST report shows that ATM related card skimming losses have fallen consecutively for the last five reporting periods, from a high of €315 million in the second half of 2007, to the €144 million just reported. The fall is believed to be a direct result of the effectiveness of the EMV rollout, as compromised European cards are increasingly being used outside of the 31 countries of the Single Euro Payments Area (SEPA).

Domestic losses (losses from national cards within national borders) have fallen 41%, from €41 million in the first half of 2009, to €24 million.

International losses (losses from national cards outside national borders) have risen 4% from €114 million to €119 million. A significant part of these international losses are now occurring outside Europe in areas where EMV has not yet been implemented.

The EAST report also provides statistics relating to other types of ATM fraud, as well as to physical attacks at ATMs, and robberies, and EAST has recently placed seized criminal video footage onto its website, showing how criminals can capture PINs, and how cardholders can protect them.

[hpotter]

try looking for "atm skimming" on youtube.

also never let go of your card

http://www.youtube.com/watch?v=U0w_ktMotlo&feature=related

[arfur mo]

this makes me wonder about security issues with Barclays non contact technology, they show that nerdy guy sliding down the shoot and simply proxing his barclaycard to pay.

while it stops pin surfing/poaching, all they need steal is the card surely?

would it not make more sense and be more secure to have prox fob instead of a pin - or both? perhaps use the bookng in tech recently mention, authorisng the transaction secretly while the user is within range of the atm?

Arfur

[james.wilson]

The main problem imo is that the pin is stored on the card

[hpotter]

agreed.

also think banks look at the losses as a mark down percentage, rather than a crime. they'll do more about it when cost of changes represents good return on capital investment relative to losses incurred by not changing...

... if you get what i mean

[james.wilson]

cant disagree, the losses must be huge, but then if the card holder is liable for any losses are they really that bothered?

[arfur mo]

lot more to it than cost surely?

i'm no finance guru - just ask my bank manager .

but it's also users perception of the security offered against such crimes and fraud which affects card use.

i look at it this way, many i speak to during normal sales or conversation won't use credit/debit cards because of fear of being duped, they won't trust online transactions either, so that must massively reduce the available 'spend' power as a whole (by self denial).

if so, the hidden costs is imho in the reduced possible transaction charges made (including debts run up), which could actually be astranomic to their profits if viewed in the bigger scheme of things.

designing a scheme to make transactions far more secure, simply has to more than pay for it self to my mind.

Arfur

[hpotter]

only have to think back to resitance banks over here had to chip & pin, said wont work like it does in US etc. Was down to cost of implementation. once cheque fraud breached their break even threshold it was rolled out.