 "NCR Adds Value To Consumer Protection In The ATM Channel")
To discuss the very topic, Biztech2 spoke to Nikhil Mhapankar, solution market manager, NCR Corporation, a well known provider of ATMs. According to Mhapankar, although break-ins as such cannot be completely averted, they can surely be constrained by following some basic security measures.
What kind of layered security are we looking at with regards to ATMs?
Well when it comes down to ATM security, it exists at a few levels. Security should be a part of every level, such as physical security and software related security. For example, we have a solution in our ATMs, which, in case of a physical break-in sprays notes with a proprietary ink developed by NCR’s Fluiditi subsidiary. This technique proves to be a deterrent to physical attacks on the ATM, and makes it easier for us and local authorities to trace the party that is responsible for the crime.
With regards to software level security, we look at OS hardening, which is nothing but effectively managing patches and security updates. We also recommend that all policies are maintained at an OS level.
What kind of security functions does NCR incorporate in its ATMs?
One of the prevailing forms of ATM fraud is card skimming. In order to subdue this trend, NCR has developed the Enhanced Card Drive (ECD) or Jitter. Jitter is a start stop motion, embedded in the ATM, which makes card skimming ineffective.
We also have the Fraudulent Device Inhibitor (FDI) which is a protruding, illuminated hardware feature that hinders any criminal attempt to attach foreign devices around the card reader.
Apart from the above mentioned, we’ve also developed Intelligent Fraud Detection, which can detect a variety of fraudulent devices attached to the ATM fascia. The deployer receives an instant alert when a fraudulent device is added or removed form the ATM.
Could you tell us a little about NCR’s APTRA software security module?
The ATM remains to be on of the most secure channels for transactions. However, the use of open environments, Web technologies and new integrated services in the ATM channel, has also heralded the advent of viruses, worms and trojans. With APTRA, ATMs are effectively ‘locked down’ against the risks in today’s environment, whether from a criminal at the ATM or through a network-based attack.
As part of the overall APTRA software security, NCR has integrated new technology from Solidcore, and has developed an effective approach to future-proofing and protecting the security of ATM’s software environment. Solidcore for APTRA tackles the real underlying problem; the introduction (from whatever source) of unauthorised code. Solidcore for APTRA’s integrated technology only allows authorised code to run, protecting good code from being tampered with or hijacked.
Globally, many ATMs make use of biometric technologies for authentication. Do you believe these will catch on in India?
Well, Biometric systems have done well abroad. However, cultural issues could prove to be inhibiting factors towards the adoption of these technologies in India. This is one of the prime reasons for the lack of use of biometric systems in ATMs in India.
However, although it isn’t being used much at this point in time, there is value in enabling it across a bank’s ATMs. The technology can be used as an alternate or added source of authentication. For example, when you consider high security accounts/ access, one can use a biometric solution as an additional to the pin number or account number.
Hence, I believe that although the technology is coming up, and is already being used in countries such as Chile, Pakistan, Colombia, and Guatemala, it can only be considered for deployment once the cultural issues have been cleared.
For a bank, securing the ATM channel is of prime importance. Leaving one of the most popular transaction methods used across the world vulnerable to attacks is not a good sign for any bank. Although some of the security breaches discussed in the article haven’t gained momentum in India, they are on the rise.
 "Israel targets top Hamas leaders in Doha; Qatar, Iran condemn strike as violation of sovereignty")
 "Nepal: Oli to continue until new PM is sworn in, nation on edge as all branches of govt torched")
 "Who is CP Radhakrishnan, India's next vice-president?")
 "Israel informed US ahead of strikes on Hamas leaders in Doha, says White House")
 "Israel targets top Hamas leaders in Doha; Qatar, Iran condemn strike as violation of sovereignty")
 "Nepal: Oli to continue until new PM is sworn in, nation on edge as all branches of govt torched")
 "Who is CP Radhakrishnan, India's next vice-president?")
 "Israel informed US ahead of strikes on Hamas leaders in Doha, says White House")
