ATM Security: Improving Threat IntelligenceCompetitors Sharing Information to Thwart ATM Attacks
ATM vendors are joining forces to enhance threat information sharing to help banking institutions prevent fraud.
In part two of an exclusive three-part interview, executives at the world's three leading ATM manufacturers - Diebold Inc., Wincor Nixdorf and NCR Corp. - explain why collaboration has become so important.
For example, last year, Diebold and Wincor Nixdorf announced the formation of a new consortium designed to help thwart ATM crime (see New Industry Group Tackles ATM Fraud). The consortium will soon launch its website to help ensure the free flow of threat intelligence among vendors, law enforcement and banking institutions.
"'We need to have an organized answer to organized crime," says Joerg Engelhardt, Diebold's vice president of product management and marketing. "We need to have speed and reaction to fraud."
Uwe Krause, vice president of banking for Wincor Nixdorf, says the effort these competing ATM manufacturers have spearheaded to collaborate and share information stands out for a number of reasons.
"It's the first time that manufacturers, financial institutions and vendors have come together to discuss the real issue," Krause says. "We must find ways to work together."
NCR is still considering participation in the new consortium. But Owen Wild, global marketing director of NCR financial services, says information sharing is increasingly critical.
"Information sharing is a global, cross-industry issue, and we've got to continue to stay proactive in our approach and design of what will work best," Wild says.
Beyond Market Competition
Bernd Redecker, director of corporate security and fraud for Wincor Nixdorf, says helping banking institutions understand that ATM vendors are not competing, when it comes to security, is key.
"When we started discussions, the banks were reluctant to talk about some of this," Redecker says. "They were uncomfortable to talk about what was impacting different vendors. But we see these attacks are jumping cross-vendor, and now we are trying to help institutions understand that this association will give us the speed we need to share information from a global perspective."
Wincor Nixdorf's Krause says cross-industry collaboration must be part of the ATM security strategy. "We need a very clear platform for how to address emerging ATM crimes," he says.
Also discussed during this interview:
- Why collaboration with global law enforcement has posed challenges;
- How ATM vendors are overcoming some of their hardware and software differences; and
- Ways banking institutions and other industries are getting involved to help enhance information sharing.
In part three of the series, to be posted soon, the panel discusses how ATM cash-out schemes and vulnerabilities to Windows-based operating systems are impacting ATM vendors and banking institutions, as well as how EMV and PCI compliance are likely to have an impact on ATM fraud.
And in part one, the panel discussed the role contactless card and card-reader technology is likely to play in the battle against skimming.
Engelhardt oversees management of the business lifecycle for Diebold's product portfolio.
Krause heads Wincor Nixdorf's banking product management and marketing for national and international markets.
Wild oversees the global development and execution of NCR's marketing strategy and programs for its security solutions portfolio.
Redecker heads Wincor Nixdorf's corporate security and fraud management team, which works on security products and solutions.
The other panelist, Nick Billett, oversees Diebold's research, development and delivery of extensions for financial services products, operating systems, systems software, security modules and security-related ATM products. His team also investigates global ATM skimming and logical attacks.