The 27th Meeting of the EAST Expert Group on All Terminal Fraud (EGAF) took place on Wednesday 14th September 2022 at ING Bank in Amsterdam.  The hybrid meeting was chaired by Otto de Jong from ING Bank.

It was attended by 23 key representatives from Terminal Deployers, Terminal Vendors, Networks, Card Schemes, Security Equipment and Software Vendors, Law Enforcement and Forensic Analysts. 9 people were in the room and there were 14 virtual participants.

Experts from the following organisations contributed to the meeting: Atruvia AG, Bits A/S, BKA, BVK, Cennox, Damage Control, Diebold Nixdorf, Europol, Group-IB, ING Bank, KAL, Mastercard, NatWest Group, NCR, PSA, TietoEVRY, and TMD Security.

EAST EGAF, which meets three times a year in advance of each of the meetings of EAST National and Global Members, enables in-depth and technical discussion to take place on Logical and Malware attacks, Card Data Compromise and other issues relating to terminal fraud.

Discussion at the meeting focussed on follow up to two EAST Fraud Alerts relating to Active Shimmer (Wedge) / Relay attacks and presentations were also made in relation to ATM black box attacks, to PCIDSS 4.0 (new requirements relating to e-commerce) and to Transaction Reversal Fraud.

EAST EGAF generates EAST Fraud Alerts for all EAST Members (National, Global and Associate). In total 272 Fraud Alerts have been issued as can be seen in the table below.