HEADS UP!! – ATM Transaction Reversal Fraud in the UK

by chebbi abir

NCR has been made aware of a new method of Transaction Reversal Fraud (TRF) currently being executed in the UK.

Transaction Reversal Fraud (TRF) is the term applied the class of criminal techniques which have the goal of causing the transaction host to fail to debit the account, while allowing the criminal to extract all, or some, of the requested cash amount. TRF is typically done by inducing a fault on the ATM, and often exploits the error reporting flow between the different software layers in an ATM environment (i.e. firmware, drivers, application, terminal handler).

This method involves manipulation of the S1 currency dispenser to induce a fault which is then reversed by the transaction host. This action allows the criminal to withdraw funds, without a corresponding debit being made to the account linked to the withdrawal. Criminals are reported to be using multiple different cards to perpetrate the fraud, with Bank Identification Numbers (BINs) corresponding to issuers in Russia and Ukraine. The crimes are typically occurring between 10pm and midnight.

A bank identification number (BIN) is the initial four to six numbers that appear on the card. The bank identification number uniquely identifies the institution issuing the card. The BIN can also be known as the Issuer Identification Number, IIN.

Note that this method of TRF does not require any interaction with the card reader or use of modified cards.

NCR will be releasing an update to the Service Provider in APTRA XFS that should be deployed by customers to address this fraud. This update is planned for the week of 14 November and will be available to all customers under APTRA XFS software maintenance from your NCR representative


To read the original article:



Interdit de copier  ce contenu