NCR Corp. is adding a reporting tool to its ATM fraud software to help banks detect when the machines have been infected by a virus.
The Duluth, Ga., ATM maker's Solidcore Suite for APTRA can now alert users to any changes to an automated teller machine — authorized or unauthorized updates, and who made them. These changes appear in a scheduled report.
NCR announced on Wednesday its partnership with McAfee of Santa Clara, Calif., to provide a version of APTRA that adds on to McAfee's ePolicy Orchestrator software. The monitoring tool will not improve NCR's ability to stop fraud; the aim of the add-on is to tell banks when they have been attacked by a virus.
"When you have these malware, or Trojans, those can sit on the machines for days, weeks, months," Bob Tramontano, vice president of marketing for NCR's financial services business, said in an interview. "So what we are trying to protect against is where malware can hook on to the ATMs."
Tramontano said malware can hide on ATMs far longer than skimming devices, which fit over the card slot to steal payment data. Though skimming devices are designed to blend in with ATMs, they can often be removed by hand — sometimes even by eagle-eyed consumers.
Payments-related fraud cost about $54 billion worldwide, according to recent research NCR cited from Javelin Strategy and Research.
NCR and McAfee have been working together for about six months, an NCR spokesman said. Already, there are about six U.S. customers "underway" with the latest APTRA iteration, he said, but he would not name those customers.
The software, analysts said, acts as a preemptive strike against criminals who are constantly innovating.
"Malware is something that changes all the time, so the ability to intelligently intercept new forms of malware is important," said Jacob Jegher, a senior analyst at the Boston market research firm Celent. "The fraudsters are constantly trying to increase their attempts for those attacks."
Jegher said that if a bank knows its ATMs are being attacked it can shut them down and investigate. "I think that's crucial for banks," he said, "for banks to have notification come to them internally, on the fly, as they occur in real time."
Robert Vamosi, an analyst at Javelin, said there was at least one incident globally of criminals uploading software that gave them access to ATM keypads. He said they were able to download any transaction that went into the machine.
Vamosi said he hasn't heard of any such attacks in the U.S. yet.
Vamosi said those attacks are more likely to come from someone who has regular access to the device.
As banks are focusing more and more on ATMs as a way to cut down on costs, security for those machines has become increasingly important.
"ATM manufacturers are stepping up to the risk" of fraud, Vamosi said.
