Automated teller machines, also known as ATMs, were created in 1984 to allow an alternative for those who wanted to be able to purchase things without carrying cash. Fred J. Gentile and Jack Wu Chang, the inventors of the ATM, envisioned that a person could make a transaction or a purchase through the use of a single, personalized ATM card, thus avoiding the need to exchange cash or write a check. For the cards to be personalized, they needed to be connected to the person’s accounts. This means that all of a person’s accounts, whether checking or savings, as well as credit cards and debit cards, could be accessed with an ATM card individualized for that person.
ATM cards can be processed in three ways: (1) by electronic funds transfer at point of sale (EFTPOS), also known as a personal identification number (PIN); (2) by off-line debit, also known as signature debit; and (3) by the electronic purse card system. Each of these functions so that the ATM card can be used in a variety of ways to make payments and fulfill other banking functions. Most of the cards issued today are owned by the brands Visa and MasterCard. Through ATM cards, these companies guarantee payment without the consumer having to write a check or use cash, while charging licensing fees to the issuing banks. Overall, the purpose of ATMs is to streamline a person’s use of his or her funds without having to keep physical money on them at all times.
The creation of ATM cards has made transactions easier for consumers and banks. However, with this luxury comes a pitfall—security risks. A person’s account information, and any other personal information linked with that account, are at risk of being breached every time the person uses the ATM card. For example, there are several potential issues with the electronic system supporting ATM cards, chiefly the ability of criminals with a modicum of computer savvy to “hack” them and steal from the cardholder. However, there are a variety of security policies to protect consumers’ accounts and money. Such policies include maximum and minimum size purchases. For example, if a cardholder’s maximum purchase per item is $1,000 and the cardholder’s spending limit for a day is $3,000, then any amount exceeding these limits alerts the bank to possible fraudulent spending.
An associated problem is that if a person’s ATM card is stolen or breached, remedying the situation can take time:
Sometimes, due to the company’s policies, it could take up to 3 to 4 weeks to get a new card in the mail to replace the old one; unless the cardholder pays an expediting fee to receive the card sooner However, often, if purchases were made with a stolen card or breached account, the amount of the purchases will be reimbursed to the cardholder.
Large-scale security breaches of consumers’ private accounts and personal information has brought the issue of ATM card security to the forefront. One such security breach is that at U.S. retailer Target in 2013. In December 2013, there was a data breach in Target’s system that held ATM card information of approximately 110 million customers.
The Target attackers gained access not only to card numbers, but also card expiration dates, CVV codes, and cardholders’ names. As a result, they could use the stolen information to make fraudulent purchases via phone or online as well as to create working counterfeit credit cards. ( Yang & Jayakumar, 2015 )
Not only did the hackers receive consumers’ card information, but they received personal information tied to those card numbers, such as consumers’ addresses and phone numbers.
Since ATM cards were created, this has been a problem, as every time a card is swiped for a purchase or other transaction, its associated information is transferred and stored in the receiving company’s system. This can be problematic if these issuing and receiving companies, as well as consumers themselves, do not take measures to protect consumers’ information. Some of these measures are ATM card companies’ issuing cards with updated security chips that require a more secure card reader, cardholders’ monitoring their spending and their bills closely and imposing any limits that they deem fit, and business-to-consumer companies’ spending more resources on security and protection for their customers.
R. Bruce Anderson and Meagan Hebel
See also Information Security ; Online Shopping
Lambert, M. “History of Debit Cards: How Debit Cards Changed the Way We Bank.” Bright Hub. N.p., 6 July 2011. Web. 03 Jan. 2015.
Consumer Financial Protection Bureau. “Someone Took Money from My Account without My Permission. What Can I Do?” N.p., 23 Dec. 2013. Web. 03 Jan. 2015.
Publications. “Cards, Cards and More Cards: The Evolution to Prepaid Cards.” N.p., n.d. Web. 03 Jan. 2015.
Yang, Jia, and Amrita Jayakumar. “Target Says up to 70 Million More Customers Were Hit by December Data Breach.” Washington Post. The Washington Post, 10 Jan. 2014. Web. 03 Jan. 2015.