Terminal Fraud Update – EAST FCS Seminars 2019

Terminal Fraud

Act now to save your place for the Terminal Fraud Seminar that will be held by the EAST Expert Group on All Terminal Fraud (EGAF) on 9th October 2019.

SESSION FOCUS – LOGICAL SECURITY UPDATE

This session will focus on logical attacks against ATMs. These can be split into two types – black box attacks and malware attacks.

Terminal FraudEAST EGAF Chair, Otto de Jong of ING Bank, will first present on black box attacks. These are a type of jackpotting attack. The criminals connect an unauthorised device (or black box) which sends dispense commands directly to the ATM cash dispenser in order to ‘Cash-Out’ the ATM. He will cover the latest developments for this type of attack methodology.

Terminal FraudThen Terence Devereux of Diebold Nixdorf will present an update on malware attacks. For these attacks the criminals use unauthorised software, or authorised software run in an unauthorised manner, on the ATM’s PC. These attacks are focussed on either jackpotting (most common), or card skimming, as follows:

  • Jackpotting: Targets control of the cash dispense function in order to ‘cash-out’ the ATM
  • Man-In-The-Middle (MitM): Targets communication between the ATM’s PC and the acquirer host system in order to falsify host responses and dispense cash without debiting the criminal’s account
  • SW-Skimming: Targets card and PIN data in order to create counterfeit cards for subsequent fraudulent transactions

This interactive event follows the basic structure of EAST EGAF Member meetings. Attendance at EAST EGAF meetings is limited, as it is a working group, and this event enables a wider participation and the opportunity for all attendees to engage with the Group and its organizers.

Terminal Fraud

The EAST FCS Seminars will be co-located with RBR’s ATM & Cyber Security 2019 event, although separate registration is required.


2019 EAST FCS ATM Physical Attack Seminar Sponsors

 

 

 

 

Additional sponsorship opportunities are still available

EAST presents at Mastercard Global Risk Leadership Conference

Otto de Jong from ING Netherlands and chair of the EAST Expert Group on All Terminal Fraud (EGAF) attended and presented at the ‘MasterCard Global Risk Leadership Conference – Europe’ in Albufeira, Portugal.  The focus of the event was the sharing of knowledge and best practices on key payment security issues, vulnerabilities, and innovative techniques to mitigate fraud.

On 26 September Otto de Jong (second from right in picture), together with representatives from MasterCard and MacAfee, gave a presentation on Cybersecurity Research Leadership and Cyber Attack Methods.  In his talk he gave an overview of EAST and covered rising card fraud threats from the perspective of the industry (ATM and POS terminal).

The Conference, which ran from 25 to 28 September 2017, was attended by stakeholders from the card payments industry in Europe (Issuers , Acquirers and Vendors).

EAST presents at INTERPOL Dialogue

EAST presents at INTERPOL DialogueOn 13th July 2017 Otto de Jong from ING Netherlands and chair of the EAST Expert Group on All Terminal Fraud (EGAF) attended and presented at the INTERPOL event Countering Cyber and Financial Crimes: A High-level Dialogue for a New Governance Architecture in Lyon, France.

Otto de Jong (second from right in the picture) gave an overview of EAST and covered ATM Crime and Card Fraud rising threats from the perspective of the private sector.

Nearly 190 representatives from law enforcement, financial, telecommunications and Internet sectors discussed cyber-enabled fraud issues and recommendations aimed at streamlining the global response in the face of escalating cyber and financial crime threats.

3rd EAST FCS Forum – the most successful yet!

EAST FCS ForumThe sun has set on another successful EAST Financial Crime & Security (FCS) Forum which was held for the second time at the Grand Hotel Amrâth Kurhaus, in Scheveningen, The Hague. Feedback from delegates has been hugely positive.  This year marked a new format which included plenary sessions covering expert information from global regions: Asia-Pacific (ASEAN), Latin America, USA, Russia and Europe. 19 expert speakers travelled from 14 countries around the world to share their knowledge of ATM crime prevention.

In addition an afternoon of breakout sessions was held covering topics related to ATM and payment terminal fraud, and to ATM physical attacks.

Networking opportunities were abundant – a welcome cocktail the evening before the event, ensured all delegates were comfortable to kick off the Forum having met with their peers in a relaxed environment. Exhibitors enjoyed increased traffic through the exhibition hall, giving demos to attendees during coffee breaks, lunch and demonstration sessions.

 

Day One of the EAST FCS Forum opened with keynote speaker Steven Wilson, Head of the Europol Cyber Crime Centre (EC3) who spoke about the multi-faceted approach to countering cybercrime and the success of public private partnerships, especially the cooperation between EC3, non-EU States and EAST members.

Lachlan Gunn, Executive Director EAST, provided relevant statistics from the EAST European ATM Crime Report. He also announced a name change for EAST which is now the European Association for Secure Transactions. A milestone for EAST which has mainly focused on issues facing the ATM industry thus far, but which will now look at all threats against payment terminals (ATM, SST and POS), as well the security of payments and transactions.

Lachlan was followed by presenters from ASEANAPOL, the US Secret Service, the Russian Mastercard Members Association, and from the Latin American Association of Operators Electronic Funds Transfer and Information Services (ATEFI), who all gave the audience the most current information on activity in their regions.

In the afternoon breakout sessions Otto de Jong, EAST EGAF Chair, led discussions which covered R&D by fraudsters on EMV and old school ATM Fraud, and Graham Mott, EAST EGAP Chair, facilitated discussions on banknote degradation, physical attack types and countermeasures and traditional attacks.

The day closed out nicely with a BBQ by the beach!

Day Two kicked off with Group-IB providing an overview on the evolution of logical attacks on financial institutions. This was followed by a case study on Black Box attacks from NCR Czech Republic and an update from ING Netherlands on the evolution of gas and solid explosive attacks. There was a case study on countering such explosive attacks from the UK’s West Midlands Regional Organised Crime Unit, and the final talk of the day came from Rui Carvalho, Development Director EAST, who is building the EAST Payments Task Force and provided an overview on current and future activities for EAST.

In her closing address, conference Chairman Úna Dillon, Development Director of EAST, summarised the two-day conference by noting the importance of cross-border public-private sector cooperation in the fight against financial crime – stressing the need for private sector industry stakeholders to collaborate with law-enforcement agencies. She added that whilst EAST delivered the conference, the people charged with building the event are also deeply involved in the collaborative work already going on. Their ‘on-the-ground’ involvement means the EAST FCS Forum agenda will always be relevant and current.

This 3rd EAST FCS Forum has proven to be a successful platform in bringing together the perfect mix of banking representatives, security experts, law enforcement, payments associations, government agencies and many other stakeholders in the ATM and payment crime prevention sector  –  the dialogue and learning from  across Europe, the USA, Latin America, Russia and Asia-Pacific will no doubt help all participants to better detect and prevent current and future financial crime threats.

The event could not have taken place without the support of sponsors, exhibitors, speakers and delegates. EAST hugely appreciates the participation of all who took part and thanks everyone for their contribution to making the event a success.

Overall sponsor of the EAST FCS Forum 2017 was 3SI Security Systems.

Other sponsors and exhibitors included, the ATM Security Association, ACG, BVK, GMV, MIB, Startech Ltd. and TMD Security.

EAST EGAF holds 12th Meeting

The EAST Expert Group on ATM FraudThe Twelfth Meeting of the EAST Expert Group on ATM Fraud (EAST EGAF) took place on Wednesday 18th January 2017 at ING Domestic Bank in Amsterdam.

EAST EGAF is a regional expert group that focuses on regional and global ATM crime and fraud related issues, threats and counter-measures.

The meeting was chaired by Mr Otto de Jong and was attended by key representatives from ATM Deployers, ATM Networks, ATM Vendors, Security Equipment and Software Vendors, Law Enforcement and Forensic Analysts.

The Group, which meets three times a year in advance of each of the meetings of EAST National Members, enables in-depth and technical discussion to take place on ATM Skimming, ATM Card Trapping, ATM Cash Trapping, ATM Reversal Fraud and ATM Logical Fraud.

The focus of the Group is on topics and issues raised by EAST National Members, which represent 34 countries with a total deployment of 1,332,228 ATMs. Outputs from the group are presented to all meetings of EAST National Members.

In addition EAST EGAF generates EAST ATM Fraud Alerts for all EAST Members (National and Associate). In total 127 EAST ATM Fraud Alerts have been issued, 3 to date in 2017.

EAST Expert Group on ATM Fraud holds 11th Meeting

The EAST Expert Group on ATM Fraud - LogoThe Eleventh Meeting of the EAST Expert Group on ATM Fraud (EAST EGAF) took place on Wednesday 28th September 2016 at ING Domestic Bank in Amsterdam.

EAST EGAF is a regional expert group that focuses on regional and global ATM crime and fraud related issues, threats and counter-measures.

The meeting was chaired by Mr Otto de Jong and was attended by key representatives from ATM Deployers, ATM Networks, ATM Vendors, Security Equipment Vendors, Law Enforcement and Forensic Analysts.

EAST EGAF, which meets three times a year in advance of each of the meetings of EAST National Members, enables in-depth and technical discussion to take place on ATM Skimming, ATM Card Trapping, ATM Cash Trapping, ATM Reversal Fraud and ATM Logical Fraud.

The focus of EAST EGAF is on topics and issues raised by EAST National Members, which represent 34 countries with a total deployment of 1,332,228 ATMs. Outputs from the group are presented to all meetings of EAST National Members.

In addition EAST EGAF generates EAST ATM Fraud Alerts for all EAST Members (National and Associate). In total 115 EAST ATM Fraud Alerts have been issued, 40 to date in 2016.

EAST Expert Group on ATM Fraud holds 10th Meeting

The EAST Expert Group on ATM Fraud - LogoThe Tenth Meeting of the EAST Expert Group on ATM Fraud (EAST EGAF) took place on Wednesday 11th May 2016 at ING Domestic Bank in Amsterdam.

EAST EGAF is a regional expert group that focuses on regional and global ATM crime and fraud related issues, threats and counter-measures.

The meeting was chaired by Mr Otto de Jong and was attended by key representatives from ATM Deployers, ATM Networks, ATM Vendors, Security Equipment Vendors, Law Enforcement and Forensic Analysts.

EAST EGAF, which meets three times a year in advance of each of the meetings of EAST National Members, enables in-depth and technical discussion to take place on ATM Skimming, ATM Card Trapping, ATM Cash Trapping, ATM Reversal Fraud and ATM Logical Fraud.

The focus of EAST EGAF is on topics and issues raised by EAST National Members, which represent 34 countries with a total deployment of 1,332,228 ATMs. Outputs from the group are presented to all meetings of EAST National Members.

In addition EAST EGAF generates EAST ATM Fraud Alerts for all EAST Members (National and Associate). In total 93 EAST ATM Fraud Alerts have been issued, 18 to date in 2016.