ATM scam
Ross Anderson
Ross.Anderson at cl.cam.ac.uk
Tue, 08 Jun 1999 10:22:21 +0100
> Does anyone have any further information on the technique(s) used?
`Why Cryptosystems Fail' - http://www.cl.cam.ac.uk/ftp/users/rja14/wcf.ps.gz
> The other interesting feature of this incident is that the bank appears
> to be up-front about what has been going on.
Enough people have gone to jail for ATM fraud by now that the old defence
of `our systems are infallible' won't work. Preumably that's why we now
need an electronic commerce bill to give a `rebuttable presumption of
validity' to digital signatures :-)
> Are UK banks' ATMs all of very similar technology and security features
Yes, they have to be to network
> or are some more vulnerable than others
Also yes, since the managers at some banks are vastly less clueful than at
others :-)
Ross