ATM frauds: Here are some tips to help you minimise the risk

The Reserve Bank of India (RBI) has asked banks to upgrade the older operating system (Windows XP and before that) on their ATMs. By June 2019, all ATMs have to be upgraded. The regulator has also asked banks to implement anti-skimming solutions by next March.


The RBI has come up with the directives as ATM-related fraud is on the rise. In 2016, there was a security breach in the network, after which many customers lost money. The breach was attributed to ATMs running older systems.


“The process to upgrade the ATMs is on-going. But, there are around 240,000 ATMs in the country. Even if 30 per cent are running on old operating systems, that’s 72,000 needing to be upgraded. Besides cost, it’s also a huge logistical exercise, as only the manufacturers can upgrade them,” says Rustom Irani, chief executive officer, Hitachi Payment Services.


Experts say around 80 per cent of ATMs still run on the older operating system and about a third on systems even older than Windows XP. While the RBI has given a year for banks to upgrade ATMs and install anti-skimmers, individuals could take some precautions to ensure they don’t fall prey to ATM-related fraud.


On older operating systems, there’s little in the hands of an individual. “Changing your password regularly can minimise the risk. Many banks allow customers to put restrictions on daily withdrawal, daily spending and blocking international transactions on their respective apps. Individuals can use these facilities to minimise the risk,” says Mukul Shrivastava, partner – fraud investigation & dispute services, EY.


One big concern of the RBI is skimming of cards through fitting physical attachments and devices on an ATM. Irani say there are usually three ways a fraudster can get your sensitive information. Scammers attach a card reader at the slot where customers insert their cards. This device captures the information on the card as an individual inserts it into the slot.


 “Watch out for any protruding attachment on the slot in which the card is inserted. If a scammer has attached a card reader using an adhesive, it will come off on a slight jerk,” says Irani.


To capture the ATM PIN (Personal Identification Number), the criminals attach a spongy membrane on top of the PIN pad. For regular ATM users, it’s easy to know that the number pad feel is different than the usual. Avoid using ATMs in such a case.


Alternatively, an attachment above the number pad which houses a camera and has a hole. When entering a PIN, just move your hands and check for an attachment with a hole just above the PIN pad. When entering your PIN, cover the number pad with the other hand.


Finally, ensure your cash is dispensed if the ATM shows so. Fraudsters have also started putting an attachment on top of the cash dispenser. In this case, a customer might feel the ATM has not dispensed the money but in reality, it’s collected in the attachment the fraudster had deployed. Once the individual leaves the ATM, the fraudster goes in to collect the cash.


Experts say many individuals don’t subscribe to SMS services if banks charge for it. “It’s a small cost to pay to avoid falling prey to fraud. Also, keeping an eye on your daily balance. It’s your awareness that can help,” says Sivarama Krishnan, leader-cyber security services at PWC India.


Business Standard is now on Telegram.
For insightful reports and views on business, markets, politics and other issues, subscribe to our official Telegram channel