Payment Alliance International, a privately-held ATM provider, is collaborating with the U.S. Secret Service and local law enforcement agencies to thwart man-in-the-middle attacks at ATMs. Using proprietary real-time reporting software, PAI is able to alert officials of potential attacks while they occur, enabling law enforcement to apprehend criminals on the spot.
PAI recently identified a Central Florida attack in progress, aiding law enforcement officials in apprehending the suspects while they were fleeing with an undisclosed amount of cash and the device used to carry out the crime. Three individuals were arrested for emptying an ATM entirely of its vault cash. They were allegedly responsible for similar fraud activity at numerous ATMs across Florida.
In recent months, ATMs across the country have come under seige, a release from PAI stated. With man-in-the-middle attacks, criminals place a foreign device between an ATM and its wireless communication box, altering vital settings so cash is dispensed incorrectly. It is unknown how many attacks have occurred nationwide or the amount of vault cash stolen, but certainly tens of thousands of dollars have been lost.
“Nobody in the ATM industry has the capabilities we have developed to stop ATM fraud like man-in-the-middle attacks, and I couldn’t be prouder of our team,” said PAI CEO Neil Clark. “Our customers can sleep well at night knowing we have sophisticated tools to help identify, track and stop fraud.”
Customers with PAI wireless communications can remotely update settings with the company’s proprietary eRMS program to prevent this type of fraud.
Operators of ATMs that are internet capable and using wireless devices for transaction communication can take these steps to mitigate man-in-the-middle attack risk:
- Program ATMs with TLS 1.2 and enable certificates to ensure the proper encryption standards are being utilized to communicate directly with processors.
- Ensure software versions are up-to-date with all new security features enabled.
- Inspect ATMs for tampering and confirm wireless units are secure with no foreign devices present.
- Get access to technology that detects fraudulent activity as it’s happening.
Interested parties may contact PAI at (877) 271-2627, x4526 to learn more.