Barclays are taking steps to avoid the threat card skimmers pose with a new trial of a system that allows customers to withdraw money from ATM’s using just their smart-phones.
The cardless withdrawal system is to be a simpler system than the one introduced by RBS four years ago which allowed customers to withdraw up to £130 at a time by typing a special code which had been texted to them by RBS into the ATM. This process is a little long winded for the fast paced lives we all live today.
With the simpler Barclays system, the customer will be able to use their normal PIN in combination with leaving their smart phone handset near to the bank machine, thereby enabling “contactless” near-field communication (NFC) transmission.
This Will Get Simpler Too!
It has been reported that Barclays are working on ways to make contactless cash withdrawal simpler in the future by enabling customers to be able to wave their phone handset near to the cash machine before typing in their PIN, or wave an NFC-enabled card next to the reader (again in combination with a PIN). This would cut down lines at your local ATM!
Why does it need to be Contactless or NFC?
The ability of criminals to use card skimming has been a major motivator in Barclays wanting to find a system that avoids the use of cards in cash withdrawals. Card skimming works by attaching a skimming device and a miniature camera onto an ATM. This is done to steal the details from a card’s magnetic code (from the skimmer) and record the card’s PIN (miniature camera). This enables them to clone a card and to withdraw money with it.
There are other reasons as to why Barclays have moved toward contactless withdrawal, this is to avoid the risk of ‘distraction fraud’. This is where thieves use distraction techniques to observe the PIN being typed and to steal the card, as well as avoiding the risk of entrapment devices. These devices are inserted into the ATM card slot in order to stop the card being returned and to fool the user into typing their PIN in again whereupon it can be recorded by the device. This gives the thief the PIN and the card (when they come back to retrieve the device).
At present, the new Barclays system can only be used with Android phones. This is essentially because Apple limits the use of iPhones’ NFC chips for its own Apple Pay facility and therefore doesn’t allow third-party apps access. Android being less restrictive allows this contactless withdrawal to be possible.
Where Is The Trial Taking Place?
The trial / pilot of the new Barclays smart-phone “contactless cash” service is taking place at 180 branches across the north of England. If the trial is successful the plan is to have a wider rollout (in an as yet unspecified area) by 2017.
What Does This Mean For Your Business?
This shows that along with the introduction of biometrics, banks are now taking serious steps to plug security holes and to get one step ahead of many of the more crude but successful methods that criminals have been using to steal money from individuals and businesses alike.
This kind of trial can therefore only be good news, although the recent theft from the current accounts of 9,000 Tesco Bank customers shows that bank systems still have many vulnerabilities, many of which they may not know about until it is too late.
With advances in technology there will always be criminals who can crack the security or make new devices which can be used to steal peoples details. It’s almost an infinite loop where security advances but so do criminals. The only thing that seems to change is the period of safety when new technologies hit the general public. Maybe one day criminals will be left behind and safety won’t be an issue anymore.