The present invention relates to an anti-fraud device for use with a self-service terminal (SST), such as an automated teller machine (ATM). The invention also relates to an SST incorporating an anti-fraud device, to a fraud prevention system, and to a method of preventing fraud at an SST.
One type of fraud that occurs at an ATM is for a third party to place a small module in front of the ATM""s motorized card reader. The module is professionally designed so that it conforms to the appearance of the ATM and is not obvious to a user. The module generally has a magnetic head for reading the magnetic stripe commonly used on banking cards. The module also has electronics associated with the magnetic head for reading the data stored on the magnetic stripe, and has either a memory for storing the read data or transmission apparatus for transmitting the read data to the third party.
As the module is small, it does not impede insertion or removal of the user""s card. When the user enters his card, the motorized card reader pulls the card in smoothly so that the (genuine) magnetic card reader can read the card. However, as the card is pulled through the small module by the motorized card reader, the card reader in the (fraudulent) module reads the data on the magnetic stripe.
The user is unaware that his card has been read by the fraudulent module because the module is small and unobtrusive and because the module does not impede insertion or removal of the card. Once the card data is known, the third party can re-construct the user""s card. A variety of techniques may be used to obtain a user""s PIN. For example, a false keypad overlay may be located above the actual keypad, such that when a user enters their PIN, the sequence of digits is recorded by the false keypad. Alternatively, a user may simply be observed while using the ATM and their PIN noted. If the third party can obtain the user""s PIN, then the third party has both the card details and the PIN, thereby enabling the third party to generate a counterfeit card and to make withdrawals from the user""s bank account without the user""s knowledge.
According to a first aspect of the invention there is provided an anti-fraud device for use with a self-service terminal characterized in that the device has a housing that is adapted for covering an entry slot for a motorized card reader module so that only part of the width of a card is accessible by a user when presented to the user by the motorized card reader module.
Preferably, the part of the width of the card that is accessible by a user has a magnetic stripe; that is, the magnetic stripe is not covered by the housing. The advantage of this is that a user will grasp the magnetic stripe to remove the card, thereby blocking the magnetic stripe from any fraudulent card reader module.
Preferably, the housing has a profiled edge for exposing part of the width of a card and covering part of the width of a card.
Preferably, the housing is mounted on a plate for coupling the device to an SST.
By virtue of this aspect of the invention, any third party module located in front of the housing to read the magnetic stripe would cause the card to be either completely covered, or covered to such an extent that the card is not accessible to the user, thereby ensuring that the customer cannot retrieve his card. This would alert the user to the fact that there is a problem.
According to a second aspect of the invention there is provided a method of preventing fraud at an SST, characterized by the step of: providing a housing for covering an entry slot for a motorized card reader module, where the housing is adapted so that only part of the width of a card is accessible by a user.
Preferably, the method comprises the further step of alerting the owner of the SST to the possibility of fraud when a card cannot be removed by the cardholder. This has the advantage that if a third party module is placed over the housing then the SST will alert the owner because the cardholder will not be able to remove his card. This limits possible fraud to one card and provides immediate notification to the possibility of fraud occurring.
According to a third aspect of the invention there is provided a self-service terminal, characterized in that the terminal has a fascia incorporating a housing, where the housing is aligned with an entry/exit slot for a motorized card reader module, and the housing is adapted to ensure that only part of the width of a card is accessible by a user when presented by the motorized card reader module.
According to a fourth aspect of the invention there is provided a fraud prevention system comprising a self-service terminal and characterized in that the system includes a housing for shielding at least part of the width of a card, so that, in use, the system presents a card to a user in such a way as to shield at least part of the card.
Preferably, the housing is configured to ensure that at least part of the width of the card does not protrude through the housing.