Transaction Reversal Fraud

There's a new twist on an old fraud targeting ATMs that was discussed at the 7th Annual SAPTA Skimming Working Group meeting held in Texas in November. The SAPTA Working Group is comprised of public & private sector investigators from the International Association of Financial Crimes Investigators (IAFCI) that are committed to helping safeguard payment terminals from both physical & logical attacks.

Transaction Reversal Fraud (TRF) was discussed at the meeting in depth and has also received a lot of attention in social media in recent months. In November, the ATM Industry Association (ATMIA) issued a security alert highlighting a surge in TRF activities in the U.S., particularly involving prepaid cards.

Modus Operandi
TRF is a deceptive practice where fraudsters manipulate ATM transactions to falsely reverse legitimate withdrawals, effectively obtaining cash without debiting their accounts. Notably, some discussions have inaccurately labeled this method as "jackpotting," which traditionally involves compromising ATM internals to dispense cash illicitly. In contrast, TRF does not require internal ATM compromise and is limited to the value available on the prepaid card being used. This tactic exploits certain ATM systems' vulnerabilities, allowing the perpetrator to retain the withdrawn cash without an actual debit to their account.

Preventative Measures
To mitigate the risks associated with TRF, financial institutions and ATM operators should consider the following actions:

• Enhance Monitoring Systems: Implement advanced transaction monitoring to detect unusual patterns indicative of TRF, such as rapid reversals following withdrawals.
• Update Software and Hardware: Ensure ATM software and hardware are up to date with the latest security patches to address known vulnerabilities that could be exploited for TRF.
• Employee Training: Educate staff about TRF tactics and encourage vigilance in identifying and responding to suspicious activities.
• Customer Awareness: Inform customers, especially prepaid card users, about the importance of safeguarding their card information and promptly reporting any unauthorized transactions.

By adopting these measures, financial institutions and ATM operators can strengthen defenses against TRF and protect both their assets and customers from this emerging threat.