Gartner Says ATM/Debit Card Fraud Resulted in $2.75 Billion in Losses in Past Year
Gartner has announced the results of a survey of 5,000 active online US adults that examined fraud involving ATM/debit cards. The report "Criminals Exploit Consumer Bank Account and ATM System Weaknesses" is available for purchase online.
Gartner estimates that in the 12 months ending in May 2005, ATM/debit card fraud in the U.S. generated losses of $2.75 billion, with an average loss of more than $900. Criminals secretly are obtaining consumer banking account and password information by online phishing and keystroke logging attacks, and then using this information to hack into consumers' ATM accounts."Criminals sometimes counterfeit ATM/debit cards with just account numbers and PINs in hand, and they can use this stolen information at ATMs to withdraw cash from a cardholder's account," said Avivah Litan, vice president and research director at Gartner. "They succeed when the card-issuing bank is not validating security codes on the magnetic stripe of the card while authorizing transactions." PINs are personal-identification numbers.
"These security codes are stored on Track 2 of the magnetic stripe and include PIN offsets and Card Verification Value (CVV) codes," Ms. Litan said. "The codes link the physical card to the customer's account number. Surprisingly, perhaps as many as half of U.S.-based financial institutions are not validating Track 2 security data while authorizing ATM and PIN debit transactions. Most of these institutions are unaware that they, or the outsourced ATM transactions processor they rely on, should be doing so."
Stumble It!
Add your comment... (note that all comments are reviewed before they're published)