Diebold top exec boasts ATMs are market's 'most secure'

Security is a big issue with ATM machines. It seems not a day goes by where you won't find something in the news about an ATM being blown up, dragged away by a backhoe, or falling victim to a skimming or jackpotting attack. 

At Diebold Nixdorf's recent DN Intersect event in Las Vegas, ATM Marketplace sat down with David Phister, the company's director of systems security product management, to talk about how the DN Series of ATM machines, launched earlier this year, is tackling security issues.  

When asked about his biggest security worries, Phister gave this answer: physical attacks — mainly explosive attacks — skimming attacks against card readers and cyber attacks against the system's internal communications. 

"Those three keep us up at night, and those were the three that had the largest influence on the design for our DN Series terminals," he said.

Here's how the DN Series defends against each type of attack.

Explosive attacks

Explosive attacks, where criminal gangs blow up ATMs and their vaults with dynamite or gas, aren't as prevalent in the US, but they are commonplace in Europe and South America. 

In many parts of the world, thieves use explosive gas to blow up ATMs, but in Brazil, gangs have taken to using dynamite, which they steal from mines and construction sites.

When banks aren't able to control the heists by adding additional security measures, such as facial recognition and cameras, they often end up shutting down branches, leaving some communities without access to cash. 

To fend off these types of physical attacks, Diebold Nixdorf reconfigured the note transport path in its DN Series. 

"In previous designs, the cash dispenser would be up towards the front of the safe," Phister said. "We have moved that transport path much deeper into the center of the system, making it even more difficult to get access to the safe itself, which provides better protection against explosions." 

Skimming attacks

Skimming attacks are a bigger problem in the U.S. than other parts of the world. Skimmers come in all shapes and sizes, but the basic idea is, thieves place a bogus card reader on top of the real reader to capture payment card data from the magnetic stripe on the backs of the cards. Even with the advent of EVM (chip and pin technology), cards still have mag stripes. Often a pinhole spy camera near the PIN pad records cardholders entering their PINs. The thieves then clone new cards and use PINs to withdraw cash from victim's accounts. 

Today's skimmers are often Bluetooth devices, so a thief can collect the data from their car, without having to open up the machine again. 

One particularly malicious type of skimming device called a "deep insert skimmer" (also known as a M3) is designed to be inserted deep within the card reader itself, making it even more difficult for anti-skimming devices to detect their presence.

Diebold Nixdorf tackles the problem with what it calls an ActivEdge reader introduced back in mid-2014.

As Phister explained, traditional card readers operate on a short-edge orientation, where users insert the card short edge first and the reader is static, so the card moves across the reader. "That design lends itself well to skimming technologies," he said. 

In contrast, ActivEdge approaches skimming from a different angle, literally, by requiring users to insert cards into the reader via the long edge, putting the mag stripe in the back, where a moving head reads the data. 

That moving head makes it, not impossible, but significantly more difficult for someone to insert one of those miniature readers due to the limited amount of space in the reader, Phister said. He added: "We're putting additional sensors in there to defend against someone trying to insert an M3 skimmer and encrypting all the information that is detected from the card reader internal to the card reader itself."

The company claims that, to date, its ActivEdge readers have not been skimmed. 

Black box attacks

In an ATM black box attack — also known as jackpotting — the criminals drill holes into the top of the machine to gain access to its internal infrastructure. They then unplug the machine's cash dispenser from the PC core, and attach it to an external electronic device — the so called "black box." The black box then sends commands to cause the machine to spew currency, bypassing the need for a card or transaction authorization. 

"In Diebold's DN series, we're now encrypting — and actually have been in our legacy systems as well — all communications between security relevant modules," Phister said. "So we're now encrypting the information between the cash dispenser and the PC core, and the two are checking each other, so that if someone does unplug that device, and the dispenser senses an unauthorized connection, it will shut down."

The trusted device communication allows the DN Series to defend against someone installing an unauthorized device, including an unauthorized skimmer, into the machine. "Layers of security from physical to cyber provide the best defenses for the ATM against the attacks we're seeing in the market," Phister said.

Finally, the DN Series comes with smart dispensing recycling technology to give the cash modules the ability to monitor machine behavior. "If the notes dispensed in a given time period exceeds a pre-configured threshold, then it will trip the sensor, and the machine will shut down," he said. 

Phister believes that the DN Series is "the most secure ATM family" in the market.