I just copied this off wiki;
Automatic Teller Machine (ATM) Fraud
To use an ATM has always required the use of a PIN. There have been many very sophisticated methods devised to obtain this information plus the information on the magnetic strip, including dummy ATMs. The universal introduction of Chip and PIN means there will be far more opportunity for PINs to be compromised as PINs will need to be entered in relatively insecure locations (for example, at supermarket counters). The major banks in the UK are seriously concerned that ATM fraud will increase as a result of PINs being compromised at point of sale.
In general the chip prevents counterfeit fraud. However, ATMs can still be vulnerable as the chip can effectively be disabled. The magnetic stripe contains a service code which tells the ATM what type of card it is. For instance, 101 identifies it is magnetic stripe, whilst 201 means it is a chip card. Also, on the chip there is a similar flag which tells the ATM whether it should read from the magnetic stripe or the chip. Further, if the chip malfunctions for some reason then many ATMs will default to using the magnetic stripe. Any fraud detection system must detect the status of the card to determine if there has been a failure of the chip. Many ATM used overseas continue to use the magnetic strip.
Can anyone shed any light on to this subject?  |