There has been another spate of cash machine fraud, near where I live, entirely coincidentally. The police have instructed us to... well, let them tell you.

Officers have advised members of the public that if possible they should not leave the scene if their card is retained

[From BBC News - Cash machine users in Woking warned over thefts]

So, essentially, if an ATM keeps your card (this has never, ever, happened to me) then you should stay by the machine and call for help. Who you are supposed to call is not made clear, but I will call one of our local police stations. These are open from 8am to 10pm. As an aside, when I last went to one of our local police stations, I was ushered into a small room with a telephone, from where you are connected to the same call centre as if you had just stayed at home and phoned them, so come to think of it I may just as well call the call centre directly. Perhaps it's time to rethink the "hello 1966" card plus 4-digit PIN system and either get rid of ATMs completely or improve their security.

Perhaps we should look further afield for ideas for new ATMs.

The Intelligent ATM comes equipped with a camera that recognises the customer’s face and sends details of the facial dimensions to a database for verification... Its use could also reduce the now common incidents where carjackers force their victims to empty their accounts at gunpoint, often taking the card and the personal identification number (PIN).

[From Daily Nation: - News |Your face is all you’ll need at an ATM]

I think this is unlikely: it would simply replace customers being forced to hand over their ATM card at gunpoint with customers being forced to go to an ATM at gunpoint, which strikes me as being more dangerous! Relatively few people are carjacked and shot dead in Woking at the moment -- this generally happens up the A3 in South London --- but it could all change. Mind you, you've got to be pretty brave to use an ATM at all in the UK.

'We were surprised by our results because the ATM machines were shown to be heavily contaminated with bacteria; to the same level as nearby public toilets... In addition the bacteria we detected on ATMs were similar to those from the toilet, which are well known as causes of common human illnesses.'

[From Cash machines 'as dirty as public toilets' | Mail Online]

Yuk. It's time to stop the silly 1960s fashion for putting things in slots and touching filthy keypads. This might help prevent fraud as well as the propagation of intestinal disorders.

The future may lie with RFID chips and mobile phones. If a mobile phone replaced the ATM card and withdrawals could be performed only by placing an RFID phone near an ATM then cell site analysis (plus E911 and E112 compliance) would greatly limit the scope of fraud against banks. But such a secure deployment needs investment - and in these difficult times this looks doubtful.

[From Forensic Computing Expert and Barrister - Automated Teller Machines]

Maybe Barclays, who have issued millions of contactless debit cards in the UK, might want to start experimenting with ATM de nos jours. After all, I want to leave home without a wallet, with only a phone, but there are still backward and underdeveloped parts of the world (eg, Woking) where many retailers do not yet have contactless terminals and so there is the need for occasional recourse to the hole in the wall, but it's difficult to get my iPhone in the slot, especially when it is fitted with anti-fraud devices. Consider this appealing alternative: take splendid new Barclaycard/Orange mobile phone with NFC, open card application and enter numerical passcode and amount of money required. Then hold phone next to ATM and wait for the money to come out.

Comments

Using an NFC enabled mobile phone with an open card application that requires a numerical pass code to be entered to get money out of the ATM, may be a new way of getting your cash out of the ATM but it solves very few of the issues that are talked about. In fact it only resolves the issue of your bank card not being swallowed up. (If hygiene is an issue, you still need to touch the money out of the ATM, which has as much bacteria on it as an ATM key pad; thieves can still jump in to snatch the money as it comes out of the machine; and you still need your wallet to put the money in!).

The biggest debate is: Would this utopian ATM solution improve security? Not massively. Recent blogs have discussed how fraud is a problem with digital wallets and the mobile contactless payments technology is still in its early stages; it won’t be free from the mercy of the cyber thieves. The security levels of these solutions are still up for debate. For example, online banking fraud is on the rise and mobile banking is likely to have to go through the same teething problems.

What is suggested is innovative, the ATM is outdated and it would be great to have a replacement system, but the bigger issue is security. The ‘ATM 2.0’ must put security at the top of its requirements list.
______

Comment from Hemant Lamba, Banking and Capital Markets Practice, Infosys, and posted by Infosys Press Team

Posted by: Infosys Press Team | 14 February 2011 at 08:51 AM

But I don't see why a carkjacker wouldn't just make you use your mobile phone to empty your account, then take your phone and your code?

Posted by: Simon HB | 10 February 2011 at 08:58 AM

I think battery/power technology needs to improve by several orders of magnitude before we can solely rely on mobile devices for financial transactions. My smartphone barely lasts a day of regular use, and don't want to be searching around for power sources just so I can withdraw money from my bank account.

Posted by: Paul | 10 February 2011 at 07:54 AM