Micro-ATMs prone to malware attacks, warns cyber security agency
With the usage of micro-ATMs and point-of-sale (POS) counters witnessing a sharp surge post demonetisation, the country’s premier cyber security agency, Indian Computer Emergency Response Team (CERT-In), has cautioned customers, bankers and traders against skimming and malware attacks on these systems and asked them to adopt high-end encryption to plug possible breaches.
By : migrator
Update: 2016-12-04 18:17 GMT
Chennai
The CERT-In, the government’s nodal agency to combat hacking, phishing attacks and to fortify security-related defences of the Indian internet domain, has issued two specific advisories for micro-Automated Teller Machines (ATMs) and POS terminals. The advisory states that as micro-ATMs work with minimal power and connect to central banking servers through a GPRS network, their security features need to be strong and updated to check attempts by hackers who stealthily plan to steal private customer and bank data which leads to the loss of their hard-earned money by way of hacking or electronic stealing.
“Traditionally, data input into the POS system is in memory in clear text which allows attackers, memory scrapers to be very successful. The way to minimise this risk is by encrypting the card data as soon as possible and keeping it encrypted to the maximum extent throughout its life within the system. Point to Point Encryption (P2PE) could be used to address the issue of encrypting data in memory,” the advisory, said.
‘Watch out for small device while swiping’
According to CERT-In, skimming is the theft of classified credit/ debit card data. “A thief can obtain the victim’s credit card number using a small electronic device near the card acceptance slot and store hundreds of victims’ credit card numbers,” it said. A social engineering attack can be engineered at these facilities, it added, by gaining the trust of the owner as the fraudster poses as a member of staff.
Visit news.dtnext.in to explore our interactive epaper!
Download the DT Next app for more exciting features!
Click here for iOS
Click here for Android