EPTF holds Fourth Meeting

EPTFThe Fourth Meeting of the EAST Payments Task Force (EPTF) took place on Thursday 22nd November 2018 at the Banking & Payments Federation Ireland (BPFI) in Dublin.

The EPTF is a specialist task force that discusses security issues affecting the payments industry and that gathers, collates and disseminates related information, trends and general statistics.  The EPTF has recently published Payment Fraud Terminology and Payment Fraud Definitions.  The aim is for the payment fraud terminology, and related payment fraud definitions, to be adopted globally when describing or reporting payment and transaction fraud.

The meeting was chaired by Mr Rui Carvalho, EAST Development Director, and was attended by key representatives from Card Issuers, Law Enforcement, Payment Processors, Payment Providers and Solution Providers.

Presentations or updates were given by BANCOMAT S.p.A, BPFI, Diebold Nixdorf,  EURO Kartensysteme GmbHEuropol, INTERPOL, PayLife, PayPal, Trend Micro, Visa Europe.

The Group, which meets twice a year, adds value to the payments industry by using the unique and extensive EAST National Member platform and Associate Member network to provide information and outputs that are not currently available elsewhere.  EAST National Members represent 35 countries and outputs from the group are presented to National Member Meetings.  There are 202 EAST Associate Member Organisations from 52 countries and territories.

Airline Fraud Action Day leads to 141 Arrests

As part of a global action against airline fraud Europol coordinated raids at European airports, targeting criminals trying to travel using fraudulently bought tickets. Last week (from 18-22 June) over 141 individuals were arrested around the world during a law enforcement swoop which took place at over 226 airports.

61 countries, 69 airlines and 6 online travel agencies were involved in the 11th edition of the Global Airport Action Days (GAAD) targeting criminals suspected of travelling with airline tickets bought using stolen, compromised or fake credit card details. Some 334 suspicious transactions were reported, and a number of investigations have been subsequently opened.

The GAAD which was organised through coordination centres at Europol in The Hague, at the INTERPOL Global Complex for Innovation in Singapore and at Ameripol in Bogota, was supported by Canadian and US law enforcement authorities through the NCFTA in Pittsburgh.

During the action week, representatives from airlines, online travel agencies, payment card companies, Perseuss and IATA worked together with experts from Europol’s European Cybercrime Centre (EC3) to identify suspicious airline ticket transactions.

More information can be found on Europol’s website

Information on the GAAD held in June 2017 can be found here

 

 

EAST assists Europol-ASEAN Strategic Payment Card Fraud Meeting

Payment Card Fraud - 5th Strategic MeetingEAST presented at the 5th Strategic Meeting on Payment Card Fraud held in Hanoi, Vietnam on 29-30 May 2018.  EAST Executive Director Lachlan Gunn gave an overview on Terminal Fraud and Payment Fraud as seen by the industry in Europe and highlighted the issue of related fraud migration to China and the ASEAN region.

The growing presence of chip cards in the European Union (EU) has seen an increase in fraudulent payments with European cards at ATMs in Asian countries. Organised crime groups from Europe set up cells in Asia, creating an illegal network, which resulted not only in a higher number of fraud cases, but also in an increase of violence and serious incidents where members of criminal organisations were killed.

The Payment Card Fraud Meeting was aimed at consolidating and strengthening cooperation under the EURASEAN Investigative Network on Payment Card Fraud to provide an adequate and effective answer to this criminal phenomenon. This network, led by Europol, is supported by both ASEANAPOL and INTERPOL, law enforcement officers from EU Member States and 10 ASEAN countries (Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam) with the assistance of EAST representing the private sector.

The EURASEAN network, established last year, has been increasingly efficient and boosted several investigations that led to arrests between Bulgaria and Vietnam, France and Thailand and Romania and Indonesia. International cooperation, based on the exchange of information, technical support and strategies, whereby organised criminal groups active in Asia and Europe were disrupted, fugitives detected, false ID documents seized and criminal assets recovered.

In the fight against fraudulent payments and cybercrime, law enforcement agencies are not the only ones involved: a fundamental role is also played by the private sector. Stopping cyber fraud in the financial sector requires dealing directly with the private sector.  EAST has been closely working with Europol since 2004 and has had working relationships with ASEANAPOL and INTERPOL since 2015.

The trusted relationships established between Europol, ASEANAPOL and INTERPOL are a crucial factor in strengthening security and, ultimately, protecting EU citizens.

The meeting was financed by EMPACT (European multidisciplinary platform against criminal threats) and led by Romania. Bulgarian authorities led the action on cooperation with Asian countries.

EAST has supported all five of the Strategic Meetings on Payment Card Fraud held to date in the ASEAN region, as well as related meetings held in Europe and Latin America.

Message from the Executive Director

The end of another busy year is almost upon us.  On behalf of the EAST Board I would like to thank everyone who has contributed towards the continued success of EAST this year – and it has been a very busy year.  In June we changed our name to become the European Association for Secure Transactions, the culmination of many discussions held by our Board and National Members, and positioning EAST to continue to be able to support the needs of our members in the fast changing payments landscape.  The announcement was made at our Third EAST FCS Forum in The Hague.  This well-attended event, the best yet, also featured two new interactive workshops run by EAST EGAF and EAST EGAP.

We held National Member meetings in Oslo in February (our 41st Meeting hosted by Bits AS), in The Hague in June (our 42nd Meeting hosted by Europol) and in Edinburgh in October (our 43rd Meeting hosted by the LINK Scheme).  In January Halo BCA joined EAST as a new National Member for Indonesia and in April Banorte IXE joined EAST as a new National Member for Mexico

The EAST Expert Group on All Terminal Fraud (EGAF), chaired by Otto de Jong, held three meetings in January, May and September, all hosted by ING in Amsterdam.  EGAF updated its guidelines on standardising terminology for locations of Card Data Compromise (CDC) devices at ATMs and also the definitions used to report and classify ATM fraud.  Law Enforcement participation is from Europol, the US Secret Service, the BKA and the French Gendarmerie (IRCGN).

The EAST Expert Group on ATM and ATS Physical Attacks (EGAP), chaired by Graham Mott, held two meetings in March and September, both in The Hague, one hosted by Europol and the other by the LINK Scheme.  Law Enforcement participation in this group is increasing with LEAs from 8 different countries participating, in addition to Europol.

The EAST Payments Task Force (EPTF), chaired by Rui Carvalho, held its first face-to-face meeting in April and its second meeting last month.  Both were hosted by the BPFI in Dublin.  This group will add value to the payments industry by using the unique and extensive EAST National Member platform and Associate Member network to provide information and outputs that are not currently available elsewhere.  Law Enforcement participation is from Europol and the US Secret Service.

In addition to the work of the above groups, we supported Law Enforcement during the year by presenting at:  the Europol Training on Payment Card Forensics; an INTERPOL event focussed on countering Cyber and Financial Crimes; Europol’s 4th Strategic Payment Card Fraud meeting in Asia; and Europol’s first combined Strategic Payment Card Fraud Meeting with representatives from Asia-Pacific, Europe and Latin America.

We took part in the 5th Europol-INTERPOL Cybercrime Conference and formalised a relationship with ASEANAPOL, another step forward in addressing the consequences of the spread of the activities of organised criminal groups across regions and globally.

We also presented at the following private sector events: the MasterCard Global Risk Leadership Conference – Europe, the NCR Fraud & Security Summit, the Third Latin America Security Forum, and the General Assembly of Vigie Billet.

EAST continues to keep abreast of the latest fraud trends and crime information, publishing our European Payment Terminal Crime Reports and European Fraud Updates.  Our thanks again go out to all the people and organisations that have shared information for the above, and for EAST Fraud Alerts (41 sent out this year to date), and EAST ATM Physical Attack Alerts (12 sent out this year to date).  Our first Payment Alert is expected to be published shortly.

EAST Associate Membership continues to grow.  We now have 192 Associate Member organisations from 52 countries and territories.  This membership category is open for worldwide application to all Banks, Law Enforcement (free membership available), and other approved ATM Stakeholder organisations.

Wherever you are reading this I would like to wish you a wonderful festive break and a very happy New Year!

Kind regards

Lachlan

 

5th Europol-INTERPOL Cybercrime Conference

The Europol-INTERPOL Cybercrime Conference is a joint initiative launched in 2013. Held annually, it is hosted alternatively by Europol and INTERPOL.  This year, more than 420 participants gathered at Europol’s headquarters in The Hague to attend the 5th annual Europol-INTERPOL Cybercrime Conference.

The central theme of this three day conference, from 27-29 September 2017, was “Actively united for a safer cyber space” and has underlined the importance of law enforcement, private sector, academia, government and NGOs jointly engaging in the fight against cybercriminals.

Expanding on the theme of last year’s conference hosted by INTERPOL in Singapore  – ‘Solutions for Attribution’ – this year’s conference saw 205 participants from different sectors representing more than 185 organisations and 167 law enforcement representatives from 68 countries engaging in fruitful and solution-oriented discussions on a number of cybercrime-related topics.  EAST Executive Director Lachlan Gunn attended the event on behalf of EAST.

More than 50 speakers actively elaborated on the current and new threats and trends in cybercrime , the financial aspects of cybercrime, Internet of Things security and resilience, strategies to combat ransomware, the criminal abuse of encryption and anonymisation, Darknet market sites, access to data and electronic evidence, and DNS abuse.

In the part of the Agenda that focused on the financial aspects of cybercrime cases were presented by both law enforcement agencies and the private sector.  Key topics in this section were new types of logical attack on ATMs and a history of the different types of financial malware.  Threats and trends were also covered which included a threat assessment and current view of the European fraud landscape.

cybercrime

 

EAST assists new EURASEAN Investigative Network On Combating Cyber Fraud

The increasing threat posed by fraudulent payment card activities by organised crime groups has led to the creation of the Investigative Network of Law Enforcement specialists from the European Union and ASEAN countries (EURASEAN). This initiative, led by Europol, is supported by both ASEANAPOL and INTERPOL, with the assistance of EAST representing the private sector.

This network comprises law enforcement officers from EU Member States and 10 ASEAN countries, namely Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam.

This initiative was established during the 4th Payment Card Fraud meeting in Jakarta, Indonesia. This event, which was organised by Europol’s European Cybercrime Centre (EC3) on 19 and 20 July 2017, provided the law enforcement community with a comprehensive overview of payment card fraud issues, such as compromising payment card data, ATM malware and e-Commerce fraud. EAST development Director Rui Carvalho (on the left in the above picture) presented at the event.

The event, which was co-organised with ASEANAPOL and INTERPOL, with the support of the Romanian National Police and the Indonesian National Police (INP) was hosted by the EU Delegation to Indonesia and Brunei Darussalam. A specific action plan concerning further cross-regional cooperation between European and Asian law enforcement was devised, following recent successful operations between the two regions.

EAST has supported all the Strategic Meetings on Payment Card Fraud held in the ASEAN region.

EAST presents at INTERPOL Dialogue

EAST presents at INTERPOL DialogueOn 13th July 2017 Otto de Jong from ING Netherlands and chair of the EAST Expert Group on All Terminal Fraud (EGAF) attended and presented at the INTERPOL event Countering Cyber and Financial Crimes: A High-level Dialogue for a New Governance Architecture in Lyon, France.

Otto de Jong (second from right in the picture) gave an overview of EAST and covered ATM Crime and Card Fraud rising threats from the perspective of the private sector.

Nearly 190 representatives from law enforcement, financial, telecommunications and Internet sectors discussed cyber-enabled fraud issues and recommendations aimed at streamlining the global response in the face of escalating cyber and financial crime threats.

153 detained for ticket fraud following Global Airport Action Days (GAAD)

GAAD control room153 individuals have been detained following the sixth Global Airport Action Days (GAAD) major international law enforcement operation targeting airline fraudsters. The individuals are suspected of flying using airline tickets purchased with stolen, compromised or fake credit card details.

From 6 to 8 June 2017, 64 countries, 84 airlines and eight online travel agencies worked jointly with law enforcement officers to carry out operational actions in 230 airports across the world.

During the operation, 312 suspicious transactions were reported. As a result, 153 people were detained, denied boarding, questioned by police and criminally charged; several investigations are ongoing.

During the actions, new modi operandi were identified as being used by organised crime networks to gain access to transit areas in airports in order to facilitate illegal immigration and drug trafficking.

GAAD checksSince many individuals use credit cards and fake identification documents to facilitate illegal immigration, Europol’s European Migrant Smuggling Centre (EMSC) joined this year’s GAAD to provide better support to EU Member States and partners for fighting human smuggling networks. Europol specialists and analysts equipped with special technical equipment were deployed to several European airports.

Representatives from airlines, online travel agencies, payment card companies, Perseuss, and the International Air Transport Association (IATA), worked together with experts from Europol’s European Cybercrime Centre (EC3) to identify suspicious transactions and provide confirmation to law enforcement officers deployed in the airports.

GAAD was coordinated from operational centres at Europol in the Netherlands, INTERPOL Global Complex for Innovation in Singapore, NCFTA in the U.S., and Ameripol in Bogota. GAAD was also supported by UNODC (AIRCOP for Africa), the Latin American and Caribbean Intelligence Police Community (CLACIP), Canadian and US law enforcement agencies.

Law enforcement is now tackling this international phenomenon on a daily basis in close cooperation with the private sector. This has enhanced trust between all involved parties and will continue to inflict damage to the criminals involved in airline ticket fraud.

For more information visit the Europol website

Message from the Executive Director

Another year is almost over.  On behalf of the Board I would like to thank all those who have worked so hard to provide information, time and resources to help us to meet our targets and objectives.  Some of the highlights are as follows:

EAST National Members - badgeWe held National Member meetings in Stockholm in February (our 38th Meeting co-hosted by Bankomat AB and the Pan-Nordic Card Association), in The Hague in June (our 39th Meeting hosted by Europol) and in Bucharest in October (our 40th Meeting hosted by the Romanian Banking Association – ARB).  In January The Polish Bank Association (ZBP) joined EAST as the new National Member for Poland, taking over from Bank Zachodni WBK.
The EAST Expert Group on ATM Fraud - Logo

The EAST Expert Group on ATM Fraud (EGAF), chaired by Otto de Jong, held three meetings in January, May and September, all hosted by ING in Amsterdam.  EGAF members assisted Europol to translate the co-produced document ‘Guidance & recommendations regarding logical attacks on ATMs’ into German, Italian and Spanish.

The EAST Expert Group on ATM Physical Attacks - LogoThe EAST Expert Group on ATM Physical Attacks (EGAP), chaired by Graham Mott, held two meetings in March and September, both hosted by the LINK Scheme in London.  In February EGAP published a document entitled ‘ATM Physical Security Guidelines’ and in October a document with lists of the Manufacturers of ATM Protective devices.

The EAST Payments Task Force (EPTF), chaired by Rui Carvalho, continues to come together.  EAST has expanded its remit beyond ATMs to include all terminal types and the EAST focus is increasingly moving to Card Not Present (CNP) fraud issues which continue to rise.  A series of teleconferences have been held and the first face-to-face meeting is planned for 2017.

In March EAST supported Europol and represented the private sector at the Second Strategic Meeting on Payment Card Fraud (PCF) in Kuala Lumpur, Malaysia.  I participated in this two day meeting which was co-organised with ASEANAPOL, with the cooperation of INTERPOL and the support of the Romanian National Police and the Royal Malaysian Police.

In May EAST joined forces with the Latin American Association of Operators Electronic Funds Transfer and Information Services (ATEFI) in order to further strengthen cross border cooperation in combating all types of payment crime including payment card fraud, hi-tech crime and ATM cyber and physical attacks.

In June Úna Dillon presented at the 2nd Europol Training Course on Payment Card Fraud Forensics and Investigations, which was held at the National Spanish Police Academy, Ávila, Spain, and at the 37th member meeting of the European Association of Payment Service Providers for Merchants (EPSM), which was held in Dublin, Ireland.

In August Rui Carvalho presented at the SAS Fraud & Security Intelligence Customer Connect event held in the USA at the SAS World Headquarters in Cary, North Carolina.    .

In December I presented on behalf of the private sector at the Third Strategic Meeting on Payment Card Fraud (PCF) organised by Europol in Bangkok, Thailand.  The event was co-organised with ASEANAPOL and INTERPOL with the support of the Romanian National Police and the Royal Thai Police, and was hosted by the Electronic Transactions Development Agency (ETDA), and the Ministry of Digital Economy and Society.

EAST continues to keep abreast of the latest fraud trends and crime information, publishing our European ATM Crime Reports and European Fraud Updates.  Our thanks go out to all the people and organisations that have shared information for the above, and for EAST ATM Fraud Alerts (49 sent out this year to date), and EAST ATM Physical Attack Alerts (3 sent out this year to date).

EAST Associate Members - badgeEAST Associate Membership continues to grow  both numerically and geographically.  We currently have 168 Associate Member organisations from 51 countries and territories. This membership category is open for worldwide application to all Banks, Law Enforcement (free membership available), and other approved ATM Stakeholder organisations

Lastly, registration is now open for our third Financial Crime and Security (FCS) Forum, EAST FCS 2017, which will be held on 8th/9th June 2017 in The Hague.  This event has an exciting new format which will include breakout sessions hosted by both EGAF and EGAP.  As I write early-bird registration discounts are still available.  It would be wonderful to meet you there.

On behalf of EAST, I would like to wish all readers a wonderful festive break and a very happy and fulfilling New Year.

Kind regards

Lachlan

Don’t miss the early registration discount for EAST FCS 2017

EAST FCS 2017

Registration is underway for the EAST Financial Crime & Security 2017 conference (EAST FCS 2017) which takes place at the Grand Hotel Amrâth Kurhaus in Scheveningen, The Hague, Netherlands on 8th / 9th June 2017.

This year the aim is to increase the networking opportunities as well as to provide the most up to date information on ATM security threats, fraud trends, solutions, best practices and the benefits of collaboration with local law enforcement agencies. We will also run several workshops where you can brainstorm together with senior executives from across the globe.

EAST FCS 2015 DelegatesWe have gathered some of the best known and expert speakers from all over the world including from Interpol (Asia), ATEFI (La Asociación Latinoamericana de Operadores de Servicios de Transferencia Electrónica de Fondos e Información   / The Latin American Association of Operators of Electronic Funds Transfer and Information Services), Banorte, U.S. Secret Service, MMA Russia, Citbank plus our esteemed colleagues who chair the EAST Expert Groups on Physical Attacks and Fraud; and many more. A fantastic line-up with plenty of time between sessions to meet with industry peers to discuss shared interests.

Places are limited so be sure to get in before the early bird discount deadline ends on 16th January 2017. To avoid missing out on your place at this prestigious industry event find our registration page here.

If you plan to stay at the venue, be sure to book the hotel during your FCS registration. We have negotiated an excellent rate with the Kurhaus which can be obtained by using the code E16ATM10ST16 under the ‘Group Code’ option on the hotel’s booking page.

This year we have also introduced a networking gala dinner. For only €30 on top of your registration fee, this is a great opportunity to build your network and grow your collection of global contacts. It takes place after Day One, on the evening of 8th June. The hotel promises an excellent dining experience and possibly even a table or two outside, weather permitting!

For relevant solution providers we have a few remaining sponsorship opportunities available. See here for more details on the best ways to reach your target market at this event.

For more overall details on EAST FCS 2017, please see the event’s page on our website.