ATMs vulnerable to frauds since 3 years


On Friday government woke up as 74% of the cash dispensers are processing on outdated software and are prone to fraud and lack basic security features. The automated teller machines (ATMs) run by public sector banks may be easily accessible to frauds as they are running on outdated software by leaving it vulnerable to cyber attacks.The government, however, did not disclose details of such ATMs that were run by private sector lenders. Most ATMs in India Are Easy Targets for Hackers & Malware Attacks.


A question arises on why do people wait for such attacks to happen to bring about a change? A huge number of machines in the country are operated by public sector players, state run-banks control close to 70% of the business, comprising lending and deposits, and the report says, government telling Parliament that close to 89% of the ATMs belong to this category. The development came at a point when several ATM fraud incidents have been reported in different parts of the country. 


Currently, India has over 2 lakh ATMs and approximately 70 per cent of them still run on Windows XP – which Microsoft itself stopped supporting in 2014. Most of the machines are running on Windows XP which cannot run many of the sophisticated security measures, where advanced security programmes cannot be loaded. Banks were going slow in upgrading the systems.


Since years, consumers have been complaining of increase in ATM-related frauds, which last month prompted the Reserve Bank of India to issue a fresh advisory, asking banks to upgrade software in a time-bound manner and carefully monitor compliance. The RBI has asked banks to upgrade the operating systems and beef up security features in Automated Teller Machine (ATM) machines with immediate effect to prevent frauds. Banks have to complete upgrades with the latest operating systems by June 2019. RBI further said, Banks have to submit a Board-approved compliance or an action plan detailing the implementation plan by July 31, 2018. It is surprise to note that,why bank were silent upto this time,when they have dedicated IT and security team in placed ,hasn’t they knew about this fact and what is the bottleneck for this. There are certain banks have created a head that is Fraud budget,when any cyber crime come to their notice,they simply pay to the customer,rather to fight the case and give money to the consultant and legal officers. Another question comes how much money the banks have disbursed against this type of fraud,question remain unanswered.


The government informed Parliament that between July 2017 and June 2018 there were close to 25,000 complaints issued related to debit and credit cards, while the total number of transactions during this period was 861 crore, indicating that the number of frauds were few.