Technology to fight ATM skimming continues to advance, but so do the threats. Fraudsters have devised new ways to work around - if not defeat - new anti-skimming solutions, say industry experts who point to global ATM fraud trends.
This kind of problem happens to everybody, says Marcus Ranum, CSO of Tenable Network Security, in response to the widely publicized breach at RSA. And maybe hes right. Perhaps this kind of problem does happen to everyone. But should it?
Skimming remains the top threat to ATMs worldwide, but certain regions are also seeing a rise in logical security breaches - malware - according to Chuck Somers, VP of ATM Security and Systems with Diebold, the global ATM supplier.
Banking/security leaders aren't crazy about banking regulators telling them they could have done a better job detecting ACH fraud, and they're eager for more specific guidance on what to do going forward.
Speculation about the pending update to online authentication guidance has been circulating around water coolers for months now. "A [disclosure] like this could make it more challenging for the regulators," says attorney David Navetta.
"It's interesting to see regulators putting the onus on the financial companies for fraud that occurs after the theft has already happened," says David Navetta, co-chairman of the American Bar Association's Information Security Committee.
A preliminary draft of new authentication guidance puts greater responsibility on financial institutions, and the ACH/wire fraud case between Experi-Metal Inc. and Comerica Bank marks the first major corporate account takeover incident to hit a courtroom.