Kaspersky Lab reveal how criminals could exploit biometric ATM authentication
Researchers at Kaspersky Lab have investigated how cybercriminals could exploit new biometric ATM authentication technologies to steal the fingerprint data of banking customers.
While many financial organizations consider these emerging biometric-based ATM solutions to improve security over current authentication methods, cybercriminals can potentially use biometrics to steal sensitive information.
In its investigation into these underground cybercrime practices, Kaspersky Lab researchers found that there are already at least 12 sellers offering skimmers capable of stealing victims’ fingerprints.
At least three of these underground sellers are currently researching devices that could illegally obtain data from palm vein and iris recognition systems.
The first wave of biometric skimmers was observed in “presale testing” in September 2015, in which the developers of these skimmers discovered several bugs.
Developers found that the main issue related to the use of GSM modules for biometric data transfer, which were too slow to transfer the large volume of data obtained.
As a result, new versions of the biometric skimmers will use different, faster data transfer technologies.
“The problem with biometrics is that unlike passwords or pin codes, which can be easily modified in the event of compromise, it is impossible to change your fingerprint or iris image,” said Olga Kochetova, security expert, Kaspersky Lab. “Thus, if your data is compromised once, it won’t be safe to use that authentication method again.
“That is why it is extremely important to keep such data secure and transmit it in a secure way. Biometric data is also recorded in modern passports – called e-passports – and visas. So, if an attacker steals an e-passport, they don’t just possess the document, but also that person’s biometric data. They have stolen a person’s identity.”
There have also been ongoing discussions in underground communities regarding the development of mobile applications in which attackers exploit the victim’s photo posted on social media and use it to dupe a facial recognition system.
In addition to these biometric ATM theft tools, Kaspersky Lab researchers reveal that hackers will continue to perform malware-based attacks, blackbox attacks and network attacks to compromise data that can later be used to steal money from banks and its customers.
Securelist.com offers a full threat overview report regarding upcoming cyberthreats to cash machines and safety tactics that can be deployed to protect banks from these threats.
Additionally, there are a number of videos demonstrating the various attack vectors against ATMs.
Previously reported, WISeKey International Holding Ltd released WISeID 6, an updated edition of its personal data and identity protection application that is now integrated with BlockChain technology.
Article Topics
ATM | banking | biometric authentication | biometrics | fraud prevention | Kaspersky Lab | security
Comments
23 Replies to “Kaspersky Lab reveal how criminals could exploit biometric ATM authentication”
Leave a Reply
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Kaspersky Lab reveal how criminals could exploit biometric ATM authentication https://t.co/vXHpAULDdM
Kaspersky Lab reveal how criminals could exploit #biometric ATM #authentication https://t.co/6XhNfmNDib
RT @BiometricUpdate: Kaspersky Lab reveal how criminals could exploit #biometric ATM #authentication https://t.co/6XhNfmNDib
RT @BiometricUpdate: Kaspersky Lab reveal how criminals could exploit #biometric ATM #authentication https://t.co/6XhNfmNDib
Kaspersky Lab reveal how criminals could exploit biometric ATM authentication – Biometric… https://t.co/TKyRdOvmyj https://t.co/lENDtZvgCW
Kaspersky Lab reveal how criminals could exploit biometric ATM authentication – Biometric… https://t.co/gC11KXsOnr https://t.co/agE5S2wpE6
Kaspersky Lab reveal how criminals could exploit biometric ATM authentication – Biometric… https://t.co/xLJtmRiNj4 https://t.co/goShxpz1Et
RT @BiometricUpdate: Kaspersky Lab reveal how criminals could exploit #biometric ATM #authentication https://t.co/r6B26JXXHx
RT @BiometricUpdate: Kaspersky Lab reveal how criminals could exploit #biometric ATM #authentication https://t.co/6XhNfmNDib
RT BiometricUpdate: Kaspersky Lab reveal how criminals could exploit #biometric ATM #authentication https://t.co/JVI8LOMBrW
Kaspersky Lab reveal how criminals could exploit biometric ATM authentication https://t.co/a2ttMVYtgD
#biometric #atm #security
RT @BiometricUpdate: Kaspersky Lab reveal how criminals could exploit #biometric ATM #authentication https://t.co/5LRgLgIqvC
Kaspersky Lab reveal how criminals could exploit biometric ATM authentication Biometric Update Researchers at… https://t.co/aMLLXmSaQ2
Kaspersky Lab reveal how criminals could exploit biometric ATM authentication – Biometric… https://t.co/9TdmDie9sA https://t.co/931I74klji
Kaspersky Lab reveal how criminals could exploit biometric ATM authentication – Biometric… https://t.co/v6H4J8wJp2 https://t.co/e8dWjIf9Zs
Kaspersky Lab reveal how criminals could exploit biometric ATM authentication https://t.co/PeVt0Zwqw8
RT @vigisec: RT BiometricUpdate: Kaspersky Lab reveal how criminals could exploit #biometric ATM #authentication https://t.co/JVI8LOMBrW
Kaspersky Lab reveal how criminals could exploit biometric ATM authentication | BiometricUpdate https://t.co/MVwtoXAHWS #biometrics
Researchers at Kaspersky Lab have investigated how cybercriminals could exploit new biometric. https://t.co/L1Ec19tWf8
RT @BiometricUpdate: Kaspersky Lab reveal how criminals could exploit #biometric ATM #authentication https://t.co/6XhNfmNDib
https://t.co/83Z96AQSE1
Kaspersky Lab reveal how criminals could exploit biometric ATM authentication | BiometricUpdate https://t.co/OMiIXGF3HN #biometrics
Kaspersky Lab reveal how criminals could exploit biometric ATM authentication | https://t.co/W9RcM5BTiB