ATM and finance security challenges in Jamaica put customers at risk


ATM and finance security challenges in Jamaica put customers at risk


Friday, May 29, 2020

Print this page Email A Friend!

THE unprecedented effects on humanity and the economic impact caused by COVID-19 has raised a multitude of concerns for families and businesses around the world. In Jamaica, debit and credit card skimming fraud is becoming more prevalent.

In pursuit of acessing personal and financial information, criminals are betting on the ATMs to steal information or money at a noticeably alarming rate. A large part of the criminal campaign is to send fake emails messages in order to obtain customers' bank credentials.

ATMs have historically been subject to physical theft of the machine itself or the cash inside. Today, the fastest-growing risk comes from cyberspace, including a variety of techniques to steal card information without the victims' knowledge. While credit cards are generally associated with large-scale system hacks in which criminals steal database information from merchants, debit card fraud usually happens through point of sale (POS) or ATMs.

How? Criminals inconspicuously can place a card reader device in an ATM which then obtains data remotely, and hidden cameras are also placed nearby to extract the victim's PIN number. Thieves who “skim” card data generally create a dummy card with a magnetic stripe identical to that on the victim's card.


For the enterprise security experts, the lesson learned from these and other well-publicised cyber attacks is that ATMs must be included in a bank's branch and corporate network security strategy. This strategy must include technologies such as end point protection, secure access and network visibility, advanced threat protection, email security gateways, sandboxing technologies, etc.

From the customers' perspective, the free use of debit cards, without realising the vulnerability of their information every time they swipe it somewhere, could represent a risk. Some of the best practices people can follow to prevent these card frauds include:

• Avoid online transactions that ask for card numbers or personal information when using public Wi-Fi.

• Only use your debit and credit cards on secure websites that you are already familiar with and trust.

• Ensure that you receive transaction alerts from your bank either to your mobile phone or email address.

• Closely monitor your bank statements and balances.

• Do not use unusual-looking or unfamiliar ATMs. Examine the ATM before using it. If the keypad or any other feature appears loose, do not use the machine and alert bank staff.

• Pay close to attention to nearby customers, alleged store clerks, or bank tellers. Do not use machines if you see any unusual behaviour, such as tampering with the ATM.

If someone has been the victim of card fraud, the first thing to do is to monitor accounts and watch out for any unauthorised charges. Reporting suspicious activity to the bank as soon as possible can prevent any further damage to the victim's finances.

As banks adopt new policies and procedures for keeping the ATMs secure, they must also ensure they are meeting all appropriate regulatory requirements. At the same time, financial institutions must minimise the impact of these measures on the total cost of ownership (TCO) of the ATM network.

The average loss in an ATM attack is US$50,000, but obviously the damage can be much greater. Considering the pervasiveness of the threat, even the average loss is a penalty that banks cannot afford to ignore.

Consumer education remains a key part of the strategy to protect cardholder account information. Understanding the difference between credit and debit cards can prevent users from using them blindly, while knowing the potential risks and common fraud techniques can make people alert to their actions and hopefully prevent fraud from happening.

Layard Terrero is director of engineering at Fortinet for Central America and the Caribbean

Now you can read the Jamaica Observer ePaper anytime, anywhere. The Jamaica Observer ePaper is available to you at home or at work, and is the same edition as the printed copy available at




1. We welcome reader comments on the top stories of the day. Some comments may be republished on the website or in the newspaper � email addresses will not be published.

2. Please understand that comments are moderated and it is not always possible to publish all that have been submitted. We will, however, try to publish comments that are representative of all received.

3. We ask that comments are civil and free of libellous or hateful material. Also please stick to the topic under discussion.

4. Please do not write in block capitals since this makes your comment hard to read.

5. Please don't use the comments to advertise. However, our advertising department can be more than accommodating if emailed:

6. If readers wish to report offensive comments, suggest a correction or share a story then please email:

7. Lastly, read our Terms and Conditions and Privacy Policy

comments powered by Disqus



Today's Cartoon

Click image to view full size editorial cartoon