A leading UK cyber security firm has joined forces with an Australian pioneer in payment card control technology to fight against the rise of global ATM Cashout fraud.
Australian-based Tranwall’s transaction security software will be offered with Foregenix’s Managed Detection and Response (MDR) and Threat Sweep. Both services provide security visibility of business critical assets in a single pane of glass and prevent advanced targeted attacks with early detection and skilled response.
Tranwall software will provide a second layer of security to issuing banks and is used widely by financial institutions in the Middle East and Africa. It gives banks and their customers granular control of bank accounts and cards and allows them to lock down entire BIN ranges to stop certain transaction types such as international ATM withdrawals and ecommerce payments. Additionally it offers granular control to the end customer on two-factor authentication on all customer bank accounts as well as limit setting to name a few options.
UK headquartered Foregenix is a leading global authority on ATM Cashout fraud through their PCI Forensic Investigations and Incident Response service. They have worked a significant number of ATM Cashout incidents in Africa where the problem is especially acute.
Cashouts have affected regions across the globe, with high profile attacks including an India-based bank system being accessed through malware which resulted in over US $13m being stolen and an attack in Japan which saw another US$13m stolen through ATMs in three hours as ~14,000 fraudulent withdrawals were made.
Often referred to as the FASTCash Campaign, the attacks are attributed to the Hidden Cobra cyber criminal syndicate with strong links to nation-state attackers from North Korea. These criminals are targeting issuing banks and payment card processors. The initial access mechanisms are varied but are often through poor digital hygiene and phishing or unpatched Internet-facing systems.
The cyber criminals subsequently exploit the poor architecture as well as lack of security of internal systems, manipulate limits or intercept transactions on the backend and use stolen or cloned cards at ATMs to fraudulently withdraw large amounts of hard cash. The cashouts are typically performed by associates or ‘mules’ who copy and imprint the stolen data on magnetic cards and perform the physical cash withdrawals in hundreds of locations, simultaneously.
Andrew Henwood, CEO of Foregenix, the leading authority on preventing ATM Cashouts comments:
‘Tranwall has a fantastic track record, its solutions have reduced fraud rates by as much as 75% to 95%. We believe our partnership will be a major new step in tackling the issue of ATM Cashouts for banks worldwide.’