An old method used for stealing card details is drilling holes in the ATM and hooking a data-intercepting device to the card reader in the machine. The problem with the old-method is that the traces of tampering can be easily detected by the bank employees or service personnel.
NCR, a global manufacturer of ATMs has identified a new technique (derived from the old method) that has compromised ATMs in the United Arab Emirates and Europe.
In the new method, hackers target free-standing ATMs, such as those placed in retail locations. Access to the inside card reader is done by opening the top box of the machine by picking the locks.
Since this type of attack doesn’t leave any evidence of intrusion from the outside, the data-intercepting device can remain undetected by bank employees filling the money cassettes or by service personnel.
“…. all observed cases of eavesdropping to date have been against Personas ATMs, however all ATMs must be protected against this form of attack,” NCR says.
NCR recommends an Anti-Eavesdropping kit that provides a physical protective shield around the ATM Card reader for SelfServ and Personas ATMs.