We have been warned many times, advised to hide the hand while dialing our secret number when withdrawing money from an ATM. However, cloning credit cards or phishing is a criminal offense that doesn’t require the cybercriminal’s physical presence to access numbering scheme, expiration date and CVC number.
The methods used by criminals include, fake emails from the alleged entity asking to change the passwords or enter the pin, or hacked POS terminals which transfer the customers banking information. Once duplicated, card can also become a commodity between criminals, dealing with them in an online black market.
Neither the traditional magnetic stripe nor the latest chip installations have managed to slow down cloning. This latest technology seemed promising: it generates a unique code for each transaction, which hinders fraud.
Nevertheless, security experts at Cambridge University demonstrated that data phones and ATMs fail when producing random numbers. Actually, it can be predicted applying the needed methods.
Banks are looking for alternatives to protect their customers from possible attacks. The latest idea is eliminate credit cards (if something creates problems, what a better solution than to wipe it away) and replace them with mobile phones. If we are already able make transactions with our smartphone, why wouldn’t we be able to withdraw money?
BMO Harris Bank, one of the subsidiaries of Bank of Montreal Canadian, has launched the biggest ATMs network that uses this new system. In order to use them you don’t need to remember any password, or cover your hand while dialing the pin with the other one.
The entity’s customers only have to take out their mobile phone, download and register in to the banking application Mobile Cash. What follows it is nothing like the traditional method, of pressing the machine’s keys or the screen.
The app asks the user the amount he wants to withdraw and only saves the banking details during the communication with the ATM, where he must select the option Mobile Cash.
Then the machine generates a QR code, like the ones airlines or concerts halls use. Simply hold the smartphone so it reads the QR code and automatically orders the withdrawal.
Those who are for this system, maintain that it will speed up transactions and it ensures safety, since the mobile tool doesn’t store any banking information on your phone permanently.
A cybercriminal has to access your mobile phone and get the password you use in the banking application to freely manage the money in your account. Although some banks believe this is not an easy process, the issue may raise a number of concerns.
Every day we discover new cases of apps that without the user’s permission access certain personal data, information stored on other features and smartphones vulnerabilities and backdoors. How can an application guarantee complete security?
Withdrawing money through our smartphone is still not available worldwide. But when the possibility arrives we will have to analyze the possible consequences it may carry. Convenience and speed in transactions are not the only things that matters.