The increased usage of mobile payment platforms has convinced several industry experts that consumers will become less dependent on cash for making routine transactions. However, a recent collection of data from Retail Banking Research found that the total global ATM withdrawals in fact increased by 7 percent in 2015. Retail Banking Research also projected that the number of ATMs installed globally would increase from two million in 2009 to four million by 2020. But, improved access to ATMs is making consumers more vulnerable to ATM related fraud, particularly the practice of “skimming.”
ATM skimming is the theft of bank account information through the machine itself. Skimmers are card readers that are disguised to look like a part of the machine and steal data from a card’s magnetic stripe by harvesting information every time a card is swiped. The newest and most advanced skimmers are placed deep inside an ATM and are completely hidden from the user. Cameras are often used to capture cardholders’ personal identification.
This form of physical hacking has been an issue of significant concern in the United States for over a decade. The U.S. Secret Service reports a $1 billion loss every year as a result of ATM skimming. According to FICO, a credit score analytics firm, the number of attacks on debit cards used in ATMs around the country during the first quarter of 2015 has reached their highest levels in twenty years. In March 2017, FICO reported 70 percent more compromised debit cards. FICO also reported a six-fold increase in the number of ATM machines compromised by criminals in 2015. Furthermore, according to USA Today, ATM card skimming incidents increased 546 percent from 2014 to 2015.
The National ATM Council conducted the 2017 US Retail ATM Skimming Survey to determine the nature and level of card-skimming activity caused as a result of skimmers inserted into an ATM’s card slot. The respondents consisted of 151 ATM companies, and approximately 70 percent of the respondents had been in the ATM business for over a decade. Four respondents reported seeing six or more instances of skimming on their ATMs, when compared with only two respondents in 2016. Consumers most vulnerable to ATM skimming are those who use nonbank ATMs, especially in convenience stores and remote gas stations. FICO reports that compromises at nonbank ATMs increased from 39 percent in 2014 to 60 percent in 2015.
The increase in ATM skimming incidents in the United States can be attributed to several factors. Firstly, installation of magnetic strip readers requires little technical expertise. There has been significant improvement in the skimming technology and the technical know-how is now available to the general population. Additionally, banks in the United States have not taken meaningful steps to educate consumers about the risks associated with ATM skimming, partially because banks may fear that consumers would limit their ATM usage. Some banks have started introducing debit and credit cards with very small computer chips that are difficult to counterfeit. However, some retailers do not accept cards with tiny computer chips, thereby forcing consumers to use cards with magnetic strips. This makes consumers more susceptible to skimming.
Since it is almost impossible for an ATM user to detect whether a skimmer has been inserted into a card reader, the user must take several precautions. The New York Times advises ATM users to use their hands to shield the pin entry pad, while using an ATM. This would prevent “shoulder surfing”- in which the cyber thief is able to watch the PIN or record it using an illegal camera. It is important to regularly review account statements and change passwords. In several cases, thieves place a fake keypad over the real one. Therefore, to enhance security, users must check the keypad before entering the personal identification number.