Share this
by Admin
Transaction Reversal Fraud (TRF) is a method of obtaining cash from an ATM without the account used to initiate the transaction being debited. This is typically accomplished by the criminal inducing a fault at the ATM during the cash dispense operation such that the host application software logic will reverse the transaction (i.e. not debit the account), although the ATM will dispense the cash and the criminal will remove it from the ATM.
Criminals will typically use anonymous accounts for this fraud to avoid detection, often using prepaid cards or stolen or skimmed cards. This particular form of TRF has been reported in the United Kingdom, Ukraine, and Canada to date. The typical ATM models attacked are Through-The-Wall (TTW) ATMs.
The M.O. in the recent reports uses a technique that causes a fault at the ATM card reader during the cash dispense transaction. A card and PIN are correctly entered into the ATM, and a cash withdrawal is requested. While the transaction is being authorized at the host, the ATM will pre-position the bills behind the dispenser shutter, ready to dispense. The card is ejected, and rather than take the card as per a normal transaction, the criminal leaves the card in the slot.
The ATM transaction will timeout, and the card reader will attempt to capture the card. At this point, the criminal will hold onto the card preventing it from being captured. This results in the ATM reporting a card jam, and because no cash has been dispensed, the host software will reverse the transaction. Now the criminal will force open the dispenser shutter and remove the cash before the ATM has an opportunity to put the cash into the dispenser reject bin.
Get in touch with our experts >
FTSI has over 25 years of experience in financial institution security. We are available to discuss your strategy and help you overcome roadblocks.
If you want to better protect your financial institution from TRF attacks, contact solutions@ftsius.com today.