Cardless ATM Fraud Is Fueled By Insecure Bank Countermeasures


Bank ATMs have been attracting criminals from all over the world. Emptying these machines can be done in various ways, although careless fraud is becoming more prevalent. Cardless ATM transactions are the prime reason why criminals have a much easier time as of late. Once criminals obtain stolen bank account usernames and passwords, converting it into cash is just a few steps away.

What makes fraudulent cardless ATM withdrawals so annoying is how affected customers are virtually unable to dispute the transaction. After all, the withdrawal indicates the cardholder was at the crime scene. It is nearly impossible for banks and financial institutions to distinguish between legitimate and fraudulent withdrawals. Cardless ATM access sounds convenient, but it is a delicate balancing act between convenience and security.

Cardless ATM Withdrawals Create More Fraud

Obtaining these login credentials is far too easy for criminals. WiFi hotspots,  particularly at hotels and public places, are often logging all information transmitted through the connection. It doesn’t take much effort for criminals to snoop on users and what they are doing. The fact that banks have weak security when it comes to unauthorized login access is not helping matters much either.

With the login information, criminals can add new forms of 2FA, such as an additional mobile phone number. They can also change contact information for the account, and complete online transfers with relative ease. It remains a mystery as to why financial institutions do not perform thorough security checks for these types of transactions.

Criminals are only aided by the new deployment of a cardless ATM. Rather than entering the card, users can authenticate through a smartphone app. In most cases, this means logging in with the username and password combination. If anyone obtains this information, they can easily drain an entire bank account in mere hours. Hardly any bank requires users to enter their card pin or any other form of secure authentication to process withdrawals.

Even if customers can provide evidence they did not request a money withdrawal, chances are slim they get the money back. Once someone authenticated through the login and password, the bank can decide this is a legitimate transaction. Customer support is not the bread and butter of banks, and these types of decisions will only hurt their business model. It is evident cardless ATM technology is still in its infancy, and should not be deployed on a large scale.

Header image courtesy of Shutterstock

You want the latest news about Crypto? Sign up to our weekly Newsletter!


< <上一篇