Sept 26 - The ATM Industry Association, the only global non-profit association for the ATM industry, has published new end-to-end encryption best practices for all ATMs. The manual shows step-by-step how to encrypt communications between an ATM and its host.
“In an era of EMV migration, it is important to realize that EMV does not guarantee the privacy of ATM transactions,” said Mike Lee, CEO of ATMIA. “This manual addresses that gap and I urge all who believe that the best approach to ATM security is to reinforce its whole lifecycle, in order to keep the crooks out of our systems, to study these expertly written best practices.”
The new manual, titled simply End-to-End Encryption for ATMs, is free for ATMIA members. It defines End-to-End Encryption as the application of cryptography to keep data private when data is communicated between an ATM and a host.
“As ATM traffic increasingly shifts from closed networks to the Internet,” said Technical Editor Henry Schwarz, “and with cyber criminals targeting cardholder data, and individuals battling to keep their personal information private in an era of surveillance, the importance of encrypting ATM communications simply cannot be overstated.”
“We battled for two years to complete this in-depth work due to its complexity,” Lee added. “But we are mighty proud of the finished product and believe it will become a little classic in our library of ATM security best practices. I would like to thank Henry, Susan Matt and all the contributors for their hard work and persistence.”
To read the best practices paper, log in to your ATMIA account at https://www.atmia.com/main/atmia-best-practices-library/.