.jpg)
Transaction Reversal Fraud at ATMs - Update for S1 Currency Dispenser
This communication is an update to the security alert issued on 30 May concerning a series of Transaction Reversal Fraud (TRF) at ATMs in the United States, United Kingdom and Europe. In these attacks, the criminal uses a tool to break the shutter off the ATM which provides access to pull notes from the exposed S2 dispenser cash transport shuttle. The S1 dispenser has not been the main target of these attacks, but in principle similar attack vectors could be applied to S1.
At this time, no new TRF attacks have been reported to NCR Atleos.
We are issuing this update to announce that software changes to detect this class of TRF on the S1 dispenser have now been released. NCR Atleos recommends that ATM deployers treat these software updates as important and apply to ATMs at the earliest update opportunity. Any ATM that does not have this software update is at risk of cash losses due to TRF.
Software update details:
NCR Atleos has made an update to the base XFS platform software for S1. This software change will enable the S1 dispenser to detect this specific class of TRF. Base XFS platform and application software upgrades must both be applied to protect against this attack method.
Application software upgrades have previously been announced and released.
For details on how to obtain this new platform software, and information on application software pre-requisites, please contact your NCR Atleos representative.
Sign up for NCR Atleos Security Updates
As part of our commitment to ATM security, we regularly provide alerts and updates to the market on global ATM security issues and situations.
We issue alerts when:
- We receive reports of new ATM attacks
- We receive reports of modifications to ATM attack methods
- Industry compliance issues require actions by ATM deployers