ATM Security & Fraud: Tools & Techniques to Mitigate Persistent Losses

July 12, 2004


Boston, MA, USA July 12, 2004

ATM Security & Fraud: Tools and Techniques to Mitigate Persistent Losses

Have ATMs become just another way for criminals to access cash?

There are more than 370,000 ATMs in the United States幼reating convenience for bank customers but also generating accessibility for criminals. Although fraud statistics have remained low, criminal activity surrounding ATMs is by no means dormant. In a new report, ATM Security & Fraud: Tools and Techniques to Mitigate Persistent Losses, Celent explores the latest challenges facing the ATM industry with respect to fraud and security. It will also propose solutions and dependable tactics for many of these challenges.

Statistics suggest that banks have been successful in preventing fraud. However, advances in technology are equipping criminals with clever ways to outwit the system and are beginning to offer them the upper hand. Schemes like skimming and Lebanese Loops continue to threaten ATM owners. Criminals are relying more on gadgets, such as micro cameras and palm pilots, for capturing data rather than on con artist stunts designed to fool the cardholder. But more important is the lack of proper authentication at the ATM and the doorway it could potentially open for criminals.

The industry is full of solutions to counter the various threats. Some are modifications that may be made to the exterior of an ATM, while others are software-based monitoring solutions. The price and level of sophistication for these products varies.

"Decisions in purchasing both hardware and services designed to tackle ATM fraud are often challenged by lack of a cost justification," comments Ariana-Michele Moore, author of the report. "The industry has grave difficulty in measuring ATM fraud given the lack of a national classification, the secrecy surrounding such frauds, and the unfortunate fact that one cannot know the true cost of fraud until one is hit with it. Even low-cost solutions, such as customer awareness, challenge banks who fear scaring customers away from the ATM, or worse, into the doors of a competitor," continues Moore.

Aside from revenue generation and cost savings, ATMs are becoming the face of many financial institutions. For many consumers, ATMs are becoming the only interaction they have with their banks. In addition, ATMs are also becoming a competitive mark for many banks. Therefore, it is imperative to ensure that the customer痴 experience with the ATM is safe and secure.


table of contents for this 35-page report is available online.

of Celent Communications' Retail Banking research service can download the report electronically by clicking on the icon to the left.  Non-members should contact for more information.


Send mail to with questions or comments about this Web site.

Celent is a research and advisory firm dedicated to helping financial institutions formulate comprehensive business and technology strategies. Celent publishes reports identifying trends and best practices in financial services technology and conducts consulting engagements for financial institutions looking to use technology to enhance existing business processes or launch new business strategies. With a team of internationally based analysts, Celent is uniquely positioned to offer strategic advice and market insights on a global basis. Celent is a member of the Oliver Wyman Group, which is a wholly-owned operating unit of Marsh & McLennan Companies [NYSE: MMC].

Media Contacts

North America
Michele Pace
Tel: +1 212 345 1366

Europe (London)
Chris Williams
Tel: +44 (0)782 448 3336

Asia (Tokyo)
Yumi Nagaoka
Tel.: +81 3 3500 3023

Table of Contents


Boston, MA, USA July 12, 2004

ATM Security & Fraud

Return to report Abstract


  Anonymous Theft Machines 5
  Important Points 7
  Attacks Made Against the ATM or Its Cash 8
  Attacks Made Against Cardholder Accounts 9
  Frauds Perpetrated by the Cardholder 14
  Measuring the Impact 15
  Issues of Liability 18
  Frequency & Location of Threats 19
  Machine-Based Security Features 20
  Monitoring-Based Approach 21
  Policy-Based Security Features 25
  Triple Data Encryption Standard (DES) 26
  Check Imaging & Truncation 27
  The Need for Better Authentication 30

Sign in to download reports and access personalized information