Journal of Computer Science Applications and
Information Technology

Automated Teller Machine (ATM) card is one of the most important ways of transactions. Its main rule is to develop the concept of “Anytime Anywhere Anyplace” banking. It has given the opportunity to access cash and other financial information very easy and trust worthy to the consumers. But in recent time there have been proliferation of ATM fraud in the country and across the globe. ATM card is one of the biggest threats to business establishments today and it resulting in the loss of billions of dollars. The study in this paper carried out an empirical research to analyze the cases of ATM usage and fraud occurrences within some financial organization in Bangladesh. The research identifies the common ATM frauds, when, where and how these frauds are perpetuated and then offers security recommendation that should be adhered for both the banks as financial institutions and the ATM users in order to eliminate or reduce its impacts.

Keywords: ATM Frauds; Fraudulent transactions; Card skimming; ATM forgery; ATM security;

An Automated Teller Machine (ATM) is a computing device that provides the users of a financial organization to perform financial transactions automatically. Using an ATM, customers can access their bank accounts in order to make cash withdrawals, cash advances, transferring funds between accounts, and check their account balances. The main services that are offered by the ATMs are listed in Table-1. Unfortunately, now-a-days it has an evil side that is a global problem, known “ATM frauds” [1]. The banking sector is struggling to reduce this problem. Different categories of ATM frauds have been mentioned in table-2 [2].

In recent years an ATM card is an easiest method of payment. So most of the fraudulent transactions attempted on legitimate ATM card. The ATM card frauds not only cause financial loss to banks but they also undermine customers’ confidence in the use of ATMs. So it is needed to take necessary actions that give greater protection to the ATMs, particularly in those areas that are less secure.

In online banking, ATM service is one of the most important services. Presently ATM industry of Bangladesh has seen explosive growth and most of the fifty-plus banks have already implemented ATM service in order to facilitate cash withdrawal, balance enquiry, balance transfer, and other services. So in recent time the numbers of ATM of the bank are increasing every day, every week and every month. In Bangladesh 9019 ATMs are installed at the end of December 2016. Most of the ATMs are installed in the divisional cities and district-level town. Around 44% ATMs are installed in Dhaka City. A very few ATMs are being operated in rural areas, less than 4.84%. It is mentionable that Dutch Bangla Bank Limited (DBBL) has first transformed the concept of ATM banking. So 46% of ATMs is set up by Dutch Bangla Bank Limited (DBBL) alone. Among 9019 ATMs, 95.54% are setup by Private Commercial Banks, 1.48% by State-Owned Commercial Banks, 0.26% by Specialized Banks and rest of the 2.58% by Foreign Commercial Banks [3]. The increasing level of ATM in Bangladesh per year is given in table 3 [Table 1,2; Figure 1,2; Table-3] [4].

In 1999 the total volume of transactions through ATM is recorded Tk .0.70 billion. In 2001 it’s growing moderately and recording a transaction of Tk.2.11 billion. Since 2001 a significant increase is shown in transactions through ATM. At the end of 2006 ATM is observed showing a transaction volume of TK. 37.19 billion. According to Bangladesh Bank the total volume of transaction through ATMs across Bangladesh was around Tk. 939.1 billion in 2016. It increases rapidly for the huge set up of ATMs by DBBL. In Bangladesh debit card and credit card both are used for ATM transactions. Debit card was introduced by Nationalized Commercial Bank (NCB) in 1999 and the number of customers stood at 2,014. Similarly, Credit Card came into Bangladesh’s market in 1997 through one PCB and one FCB; and the total number of customers stood at 1,607 by the end of 1998. Up to November, 2016, total number of plastic cards was recorded at 1, 08, and 028 [3]. The volumes of ATM transactions are summarized in figure-2.

ATM card fraud has become a serious problem throughout the world also Bangladesh. Companies and institutions loose huge amounts annually due to ATM card fraud. There are many ways in which fraudsters execute an ATM card fraud. The different types of methods for committing ATM card frauds are described in the following sub-sections [5,6].

(i) Lost or stolen card: A card can be lost or someone can steal the card for criminal purposes. This type of fraud is the easiest way for a fraudster.

(ii) Account Takeover: This type of fraud occurs when a fraudster obtains a valid customers’ personal information illegally. The fraudster takes control of (takeover) a legitimate account by either providing the customer’s account number or the card number.

(iii) Tampering magnetic strip: A fraudster can tamper an existing card that has been acquired illegally by erasing the metallic strip with a powerful electro-magnet. The fraudster then tampers with the details on the card so that they match the details of a valid card, which they may have attained.

(iv) Fake card: A fraudster can create a fake card from scratch using sophisticated machines. People use fake ATM cards and withdraw money from ATM booth. Recently some banks of Bangladesh are affected by card fraud. Investigation proved that, these fraudulent activities were done through skimming in several ATM’s.

(v) Altering card details: A fraudster can alter cards by either re-embossing them by applying heat and pressure to the information originally embossed on the card by a legitimate card manufacturer or by re-encoding them using computer software that encodes the magnetic stripe data on the card.

(vi) Skimming: Most cases of counterfeit fraud involve skimming, a process where genuine data on a card’s magnetic stripe is electronically copied onto another.

(vii) White plastic: A white plastic is a card-size piece of plastic of any color that a fraudster creates and encodes with legitimate magnetic stripe data for illegal transactions.

• In June 2012, a credit card scam involving over TK 10 crore was detected at the United Commercial Bank Limited (UCB) [7].

• In 2013, another high-profile ATM forgery committed by IT officials and their associates at Mutual Trust Bank (MTB), was valued at BDT 20 million [8].

• Recent from EBL (Eastern Bank Limited) money was withdrawn from ATM booth by using fake card. The compensation amount of Tk 17.53 lakh [9].

• The largest heist of recent times was perpetrated by an international group of organized European fraudsters in February 2016 [8].

• In May 2016, further ATM frauds were recorded. Reportedly having committed 20 card skimming acts at a single Prime Bank ATM [7]. [Table-4]

As number the number of ATM card transactions increase rapidly, the ATM forgeries are also increasing. Different Banks of Bangladesh are affected by this ATM forgery. They lost huge amount almost every year [8]. The ATM forgeries of different banks in Bangladesh and their lost amount are shown in table-4.

In Bangladesh the scenarios are that ATM card fraud is increasing effectively and to reduce this problem is the main challenge now. If we want to reduce ATM scams it is important first to understand the mechanisms of executing a fraud. Credit card fraudsters employ a large number of methods to commit fraud. The various methods to commit ATM scams are described in the following sub-sections and shown in figure-3 [1,5,8].

(i) Many cardholders lost their money, because of hidden cameras and other devices. Forgers set up cameras above ATM machines to record the client’s information and a Near Field Communication (NFC) device on the booths’ doors to copy the cardholders’ information. They then put the information into new cards with magnetic blank strips, using these devices that can read and write cards.

(ii) Fraudsters start with attaining knowledge of the local banking sector. Then informed technical accomplices and procuring hi-tech equipment. Using fake IDs, the fraudsters then enter ATMs as banking technicians and install skimming devices in the form of magnetic stripes around the card slot; this copies card information onto the device.

(iii) The PIN is swindled off using illegally installed cameras in the ATM booth, pointing at the PIN-pad. Sometimes a PINoverlay copies the PIN. They use the information to clone other ATM cards. Then cloned cards are used to withdraw money in a client’s name.

(iv) Using fake ID cards the fraudsters enter ATM booths of different banks and introducing themselves as IT experts and maintenance engineers of the banks. In the name of security upgrade, they told the clients to swipe their cards in the NFC devices, mounted on the doors. When the cardholders did so, the fraudsters got their all the information they needed. Then using duplicate cards, they withdrew money from ATM booths.

The scams at ATM booths have a severely negative effect. It has not only the financial effect but also has other effects such as product losses, fines, loss of reputation, etc. Bangladesh Bank (BB) statistics show that in the month of February, up until February 15, transactions valued at BDT 2.53 billion were recorded. However, until February 13, the value stood at BDT 2.38 billion. With a usual daily average of BDT 181 million, withdrawals on February 14 saw only BDT 46 million taking a few days to increase to the average figure [1-8]. So to reduce the impact of scams it must be need to minimize ATM card fraud rapidly. [Figure 3]

As the number of ATM fraud is increased, the Bangladesh Bank (BB) has issued strict guidance to all banks to remain alert and implement more contemporary security systems. The following security systems are suggested to reduce ATM card frauds for financial organizations in Bangladesh.

(i) Set up CCTV camera: Bangladesh Bank suggests all the banks to set up a CCTV camera inside the ATM booths. So that if any scam occurs than from the CCTV footage fraudster can be easily detected.

(ii) PIN-shields: To protect from skimming incidents, Banks have a few contemporary measures such as PIN-shields. It can hide the PIN entry.

(iii) Anti-skimming device: Installation of anti-skimming device in every ATM can protect against skimming incidents.

(iv) Adopt EMV chip cards: Banks can also adopt EMV chip cards. These create a unique transaction code upon each transaction, which magnetic stripe cards do not.

(v) Payment Card Industry Data Security Standard (PCIDSS): Bangladesh Bank has also directed all banks to be certified by Payment Card Industry Data Security Standard (PCIDSS). It is an information security standard maintained by banks that extend branded ATM card facilities.

Lack of proper IT knowledge and literacy of customer is another problem in ATM transaction. To aware customers about operation and security is also a great challenge. The problem is more in the rural areas. Frauds are also increasing due to the lack of proper knowledge of the customers. So customer also needs awareness at the time of using ATM. On a customer level, below are safety tips to minimize the risk of ATM or credit/debit card fraud [10].

√ Using a familiar or a particular ATM regularly.
√ Not forcing cards in
√ Only inserting cards when the ATM asks.
√ If you see something unfamiliar or non-standard, immediately stop and ask a banker.
√ Covering up at the time of PIN entry to prevent hidden camera.
√ When inserting the card, wiggle it slightly; this disrupts the reading capability of the skimmer.
√ Inspecting the ATM card slot for scratches, marks, adhesives or tape residues which indicate tampering.
√ Checking balance frequently through receipts and Check bank statements regularly.
√ Not accepting external assistance and avoid use of ATM if people are hanging around and observing you.
√ Not leaving if ATM Card is stuck in ATM machine.

The technology of ATM keep developing and ATM card frauds is also improving. But the banks are not providing sufficient measures of control to avoid fraud at ATM. In the face of this threat, the banks are providing little effort which is not proportional to rate of fraudsters that are working to defraud customers. The security measures adopted by some banks are less significant and allowing fraud at ATM. As a result one of the main challenges in banking sector of Bangladesh is fraud prevention and detection. From the study, considering the nature of the frauds, the following strong security systems in ATM card has been recommended.

a) Scheduled and regularly physical checks of ATMs by technicians
b) A strong fraud detection system that senses and sends alert.
c) The use of software/behavioral analytics that recognize anomalous behavior for the cardholder or a terminal.
d) Ensure that ATM networks are secure.
e) Strong security system in ATM card else it cannot be skimmed.
f) Customer more awareness.

Now-a-days, people want to use IT based banking facilities and the banking system of Bangladesh improve day by day like other developed countries. ATM service is the most popular service in banking system. The ATM card transactions in Bangladesh have recorded a continuous growth over the period of time, and people have realizes the convenience in using the ATM card. But ATM card fraud has become a serious problem throughout the world also Bangladesh. Companies and institutions loose huge amounts annually due to ATM card fraud. There are many ways in which fraudsters execute an ATM card fraud, such as, Lost or stolen card, Account Takeover, Tampering or Altering Card Details, Fake card, Skimming etc. Though the technology of ATM keep developing as well as ATM card frauds is also improving, the banks are trying to provide sufficient measures of control to avoid fraud at ATM. This study gives some security suggestions reduce ATM card frauds for financial organizations. So the banking sector of Bangladesh should use this new technology to minimize ATM card fraud and to keep safe the ATM services in the e-Banking portfolio.

The authors would like to express their sincere thanks to all the supporting stuffs of financial organizations in Bangladesh; and the colleagues and students Computer Science and Engineering department of Jatiya Kabi Kazi Nazrul Islam University, Trishal, Mymensingh, Bangkadesh.

1. Adepoju SA, Enagi MA. Challenges of Automated Teller Machine (ATM) Usage and Fraud Occurrences in Nigeria–A Case Study of Selected Banks in Minna Metropolis. Journal of Internet Banking and Commerce. 2010;15(2).
2. Shaikh AA, Shah SM. Auto Teller Machine (ATM) Fraud – Case Study of a Commercial Bank in Pakistan. International Journal of Business and Management. 2012;7(22).
3. Rahman Alam M. Adoption Of ATM Banking In Bangladesh: An Analysis of Current Status, Problems and Challenges including Probable Remedies. Fintech-Technology Business Innovation. 2017.
4. Bangladesh Bank. Central Bank of Bangladesh. Available from:   https://www.bb.org.bd/pub/publictn.php/   and https://www.statista.com/statistics/672970/automated-teller-machines-bangladesh/
5. Bank Business and Finance Article. Current scenarios of debit and credit cards forgery in Bangladesh: Forgery technologies and prevention techniques. 2015. Available from: http://majorstudy.blogspot.com/2015/09/current-scenarios-of-debit-and-credit.html
6. Bhatla TP, Prabhu V, Dua A. Understanding credit card frauds. Cards Business Review:2003–01. 2003.
7. Rahman S. ATM Frauds Rattle Banks, Customers. The Daily Star. 2016. Available from: http://www.thedailystar.net/business/atm-frauds-rattle-banks-customers-510868
8. Sarwar A.  Recent ATM Scams in Bangladesh. ULAB. 2016.
9. The Daily Star Article. EBL to compensate ATM fraud victims. 2016. Available from: http://www.thedailystar.net/country/ebl-compensate-atm-fraud-victims-573763
10. Almeida NJ. ATM fraud. Dawn Magazine. 2016.  Available from: https://www.dawn.com/news/1270939
Bibliography
11. Mahmood S. ATM service in Bangladesh. 2016. Available from: https://www.slideshare.net/Sultan-mahmood/atm-service-in-bangladesh-61666415
12. Rahman M, Saha NK, Sarker NI, Sultana A, Shafiullah Prodhan AZM. “Problems and Prospects of Electronic Banking in Bangladesh: A Case Study on Dutch-Bangla Bank Limited. American Journal of Operations Management and Information Systems. 2017;2(1):42-53.
13. Mahmud B, Islam MM, Naher K. Empirical Study of the Use of Automated Teller Machine (ATM) among Bank Customers in Dhaka City, Bangladesh. European Journal of Business and Management; 2015;7(1).
14. Karim SS. Cyber-crime Scenario in Banking Sector of Bangladesh: An overview. THE COST AND MANAGEMENT. 2016;44(2).
15. Kabir ME, Islam MB, Inam MT. Uniform Payment System for Banking Industries: A Case Study in Bangladesh. International Journal of Computer and Electronics Research. 2013;2(2).
16. Islam MS. Security Measures of Banking Activities:  A Case Study on The City Bank Limited.  BRAC University Institutional Repositor. 2015.
17. Hossain MM, Bari MR. Understanding of ATM (Automated Teller Machine) in Bangladesh. BSc Thesis, Dept of Computer Science and Engineering. 2006.
18. Kitten T. 10 Tips to Improve ATM Security. 2010. Available from: https://www.bankinfosecurity.com/10-tips-to-improve-atm-security-a-2852