EAST EGAF holds 25th Meeting

The 25th Meeting of the EAST Expert Group on All Terminal Fraud (EGAF) took place on Wednesday 19th January 2022.  Due to the Covid-19 situation, it was conducted as a virtual meeting and was chaired by Otto de Jong of ING Bank.

The meeting was attended by 28 key representatives from Terminal Deployers, Terminal Vendors, Networks, Card Schemes, Security Equipment and Software Vendors, Law Enforcement and Forensic Analysts.

EAST EGAF, which meets three times a year in advance of each of the meetings of EAST National and Global Members, enables in-depth and technical discussion to take place on Logical and Malware attacks, Card Data Compromise and other issues relating to terminal fraud.

A presentation on ‘Jackpotting with Malware’ was made by Diebold Nixdorf.

Experts from the following organisations also contributed to the meeting:  Bits A/S, BKA, BVK, Cardtronics, Damage Control, Dutch Payments Association, Europol, Gendarmerie Nationale (IRCGN), GMV, Group-IB, INTERPOL, KAL, LINK Scheme, Mastercard, MCMA, NatWest Group, NCR, PSA, Swedish National Anti-Fraud Centre, TietoEVRY, TMD Security, and TrendMicro.

EAST EGAF generates EAST Fraud Alerts for all EAST Members (National, Global and Associate). In total 264 Fraud Alerts have been issued as can be seen in the table below.

EAST

 

Terminology for the standardisation of locations of CDC Devices at ATMs

Standardisation of Terminology for Locations of Card Data Compromise Devices at ATMsIn June 2015 EAST published a document entitled ‘Standardisation of Terminology for locations of Card Data Compromise devices at ATMs’ to assist with the reporting and analysis of such devices, and to set a common standard for describing the placement of skimming (and shimming) devices.

In order to further promote the usage of the terminology worldwide, the EAST Expert Group on ATM Fraud (EGAF) has agreed that the key descriptions should be openly available on this website.  They can be found on the page Terminology for locations of CDC Devices at ATMs.

This terminology is used in all EAST ATM Fraud Alerts and Fraud Updates and anyone in the industry or law enforcement finding a card data compromise (CDC) device at an ATM is encouraged to use the terminology when making a report.

The full Guidelines are available for download on the EAST Intranet to EAST members (National and Associate),  EAST Associate Membership is free for Law Enforcement Officers.