Open Forum

Wireless ATMs?

  • 1.  Wireless ATMs?

    Posted 5 days ago
    Not sure about the rest of you but I found this to be a bit disturbing.  Mainly the part about spoofing wireless???  It seems ... like some of the same considerations could apply to any wireless credit card setups.

    https://www.zdnet.com/article/most-atms-can-be-hacked-in-under-20-minutes/

    ------------------------------
    Michael Walsh www.kingkoin.com
    King Koin Laundry, Car n Dog Wash
    Bismarck ND
    ------------------------------


  • 2.  RE: Wireless ATMs?

    Posted 4 days ago
    Kind of what I thought ... probably the most of us laundromat-ATM owners would tend to avoid wireless ... considering the stakes involved.  Ha Ha ... of course I can't read other laundromat owners minds though ... since this thread has not reached dialogue stage at this point.

    ------------------------------
    Michael Walsh www.kingkoin.com
    King Koin Laundry, Car n Dog Wash
    Bismarck ND
    ------------------------------



  • 3.  RE: Wireless ATMs?

    Posted 4 days ago
    Michael,

    ATMs are high tech.  Every transaction is encoded.  I  feel the threat may be over-stated.

    We regularly read about credit card information theft and duplication but we never hear about ATM intrusion through a back door.

    ------------------------------
    Larry Adamski
    Muskegon Laundromat
    Spring Lake MI
    (616) 566-1987
    ------------------------------



  • 4.  RE: Wireless ATMs?

    Posted 4 days ago
    Michael,
    I agree with Larry. The threat in this article is way over stated. I run an ATM route, about 25 machines, in different establishments in SoCal and about 50% of them are running on wireless cell units. The wireless cell units are as secure as direct Ethernet connection to an internet router. If own and operate an ATM at your laundromat, you should always make sure the machine is programmed/configured correctly and the latest software version is uploaded. Your ISO (ATM processing company) typically notifies you if there's a new software updates for your machine, but I would recommend checking for updates yourself periodically. Another additional safety measure is to change the locks. The ATM keys are the same for each manufacturer. This will prevent someone from opening the ATM and trying to install a black box.

    If you need to know the latest software version for your ATM, let me know the make/model of your ATM.

    ------------------------------
    Hani A.
    Laundromat Owner
    SoCal
    ------------------------------



  • 5.  RE: Wireless ATMs?

    Posted 4 days ago
    Edited by Michael Walsh 4 days ago
    Hani,

    What I surmised from the article is that they might be referring to an ATM that is hooked up to a wireless router with specifically the wireless router not being configured by a professional for the specific brand.  I am not sure if a consumer grade wireless router would also be more vulnerable???  Cellular wireless seems more likely to be safer but some cell data plans can get expensive ... especially if you already have wifi in your laundromat.

    Some little voice inside of me told me when I got my ATM about 7 years ago ... that I should always maintain a supported commercial grade SonicWall or a Sophos router & I did not try to configure it myself.   That of course along with also making sure that the ATM's & Router's firmwares are current.

    ------------------------------
    Michael Walsh www.kingkoin.com
    King Koin Laundry, Car n Dog Wash
    Bismarck ND
    ------------------------------



  • 6.  RE: Wireless ATMs?

    Posted 3 days ago
    I also have an ATM route and all but one of my ATMs run on a wireless cell device.  There are a couple of companies that make cell devices specifically for ATMs and are designed with very high grade encryption.  I have never had one hacked in 7 years.  They don't charge fees like your phone, they charge a fixed fee per month.  Usually on the lines of $8-10 per month.

    ------------------------------
    Randy McCall
    Arlington TX
    ------------------------------



  • 7.  RE: Wireless ATMs?

    Posted 3 days ago
    While I agree that the threat is probably overstated, wireless is /nowhere near/ "as secure as direct Ethernet connection to an internet router."

    Good security is about minimizing attack surfaces.  With a wireless connection you expose at least three new attack surfaces: the radio on the ATM, the wireless protocol itself, and the router.

    Firmware for routers, wireless radios, and wireless encryption standards have been compromised in the past.  It would be unwise to think they will not be compromised in the future.

    tl;dr: unless you cannot use a wired connection, do not use wireless for an ATM.

    ------------------------------
    B Jasperson
    B Jasperson Person
    Beverly Hills CA
    ------------------------------



  • 8.  RE: Wireless ATMs?

    Posted 2 days ago
    Edited by Michael Nemetz 2 days ago
    A lot in that article is overblown.

    Use OptConnect to connect your wireless ATM to a wireless Carrier.  ~ $20 a month and it takes two ethernet connections so can support two ATMs.  Using OptConnect on ATMs and Spyderwash works flawless.  Solved many of the connection issues I was having with my Spyderwash devices.  The data from ATMs and Spyderwash is encrypted.

    The comment about don't use Wireless - are you talking Wi-Fi or carrier Wireless?  If Wi-Fi if you get a quality router like Cisco or OpenMesh you can connect it to a Wi-Fi access point (I prefer OpenMesh) and then set up a Public Wi-Fi separate from your employee Wi-Fi or up to two additional Wi-Fi networks and dedicate them to different purposes.  All can have separate password and make it impossible to connect to any device on the LAN.  This isn't rocket science it's reading the manual and checking a box in the set up.

    If you want to educate yourself on what the bad guys are up to the Verizon Data Breach report is always a good read.  It is published annually and to save you a Google search here is the link.

    https://enterprise.verizon.com/resources/reports/dbir/#2018DBIR

    I've worked for MCI, Vz, CenturyLink, Rackspace and sold security assessments and intervened after data breaches so in this particular case I know what I am talking about.

    - Mike

    ------------------------------
    Michael Nemetz
    Michael Nemetz Person
    Manteca CA
    ------------------------------



  • 9.  RE: Wireless ATMs?

    Posted 2 days ago
    Both Michael N & B Jasperson make what appears to be valid points.

    Michael N,

    Thanks for the heads up about OpenMesh ... it appears that route might be way cheaper than Cisco, SonicWall or Sophos commercial grade routers.  At this point ... I am not sure on the setting up & configuring technical expertise involved & possible ongoing support needed with OpenMesh though.

    ????     https://www.amazon.com/Open-Mesh-OM2P-802-11gn-Wireless-Mini-Router/dp/B0087HMMC2

    Also ... I wonder if OptConnect is available everywhere geographically???


    ------------------------------
    Michael Walsh www.kingkoin.com
    King Koin Laundry, Car n Dog Wash
    Bismarck ND
    ------------------------------



  • 10.  RE: Wireless ATMs?

    Posted 2 days ago
    Michael,
    The ATM should never be connected to a wireless internet router and I don't think this is possible. You can run the ATM on phone line, direct Ethernet cable or wireless CELL unit.

    When I mentioned wireless cell above, It is an actual wireless cell device made specifically for ATM's. Those devices are very secured, encrypted  and the firmware is updated automatically by the provider remotely. They are similar to mobile phones, run on G3, G4 or Lte networks like Sprint or Verizon. They cost about $100-$200 to purchase and monthly data fee about $10 (DPL Wilreless and OptConnect). I do like the ones made by DPL (DPL Hercules), you can view the wireless unit portal online, reboot the ATM remotely which resolves lots of error codes. They also have GPS add-on kits and you get alerts and tracking if the door is open or there's a theft attempt.  Most of my ATM fleet now is running on those DPL wireless units. I highly recommend them and prefer them over Ethernt direct connection for ATMs

    ------------------------------
    Hani A.
    Laundromat Owner
    SoCal
    ------------------------------



  • 11.  RE: Wireless ATMs?

    Posted 2 days ago
    Edited by Michael Walsh 2 days ago
    Hani.

    Thanks you make the most sense of all specifically to ATM wireless option especially where there is not an existing broadband connection or wiring can be an issue possibly based on cosmetics & other reasons within a building etc.

    DPL Wireless and OptConnect ... are they geographically available everywhere?

    ------------------------------
    Michael Walsh www.kingkoin.com
    King Koin Laundry, Car n Dog Wash
    Bismarck ND
    ------------------------------



  • 12.  RE: Wireless ATMs?

    Posted 2 days ago
    Michael,
    With the DPL units, they run on Verizon or AT&T networks and have great coverage in my experience in SoCal. You can pick whichever network you want when you purchase the device. If you have good cell signal at your laundromat location(s), the DPL will have the same cell signal/coverage. I don't worry about cell units coverage in any metro areas and that goes for DPL and OptConnect devices.

    ------------------------------
    Hani A.
    Laundromat Owner
    SoCal
    ------------------------------



  • 13.  RE: Wireless ATMs?

    Posted 2 days ago
    As I said, the article was indeed overblown.

    I too have spent a couple few decades in the industry and know of what I speak.  I've set up commerce systems for Fortune 50 companies -- even a well-known encryption company, given speeches on software and security.

    But the truth is, encryption schemes are routinely broken.  Code behind a black box is not any guarantee of security, quite the opposite.  The rule is, the more eyes on encryption the better.

    Setting up a second private wifi network does substantially improve security but it is very dangerous to suggest that it would be impossible for someone to get to your LAN.  Your wifi encryption protocol can be cracked, the router and every device that connects to that router can be exploited.  Your password can be socially engineered or brute forced.  If you update the firmware on your router, you know they're quite frequently being patched to cover off exploits.

    Sending data over a radio (wifi, cell, RF packet modem, whatever) is vastly less secure than a hard line; the data can be trivially recorded, probed and attacked from a distance.

    There is a lot of criminal money to be made by exploiting wireless ATM connections.  It isn't a matter of if, it is a matter of when.

    ------------------------------
    B Jasperson
    B Jasperson Person
    Beverly Hills CA
    ------------------------------



  • 14.  RE: Wireless ATMs?

    Posted 2 days ago
    Edited by Rich Cruz 2 days ago
    Actually, a POTS line is the most secure.  Even a direct connect Ethernet connection can be hacked if you're not careful, but I'm just giving you my experience with 20 ATMs and 7 years.  I don't worry about it and it is my cash in the ATMs.
    Take care,

    Randy McCall





  • 15.  RE: Wireless ATMs?

    Posted 2 days ago
    Michael, go here

    https://www.amazon.com/Open-Mesh-G200-Cloud-Managed-Integrated-Firewall/dp/B07CLGQNM3/ref=sr_1_3?keywords=open+mesh+router&qid=1550250644&s=electronics&sr=1-3

    OptConnect appears to be nationwide.  I signed up for a 12 month term and they gave me the equipment for free.  I don't think about my Spyderwash connectivity anymore...it just works.  You can use them on ATMs and Kiosks too.  Go here

    http://www.optconnect.com/2015/OptConnect.html

    A final note change your pw every 90 days and use hard to break numeric and alpha numeric passwords.  Use a solution like Secure Safe to keep track of them vs. a spreadsheet.

    Go here:

    https://www.securesafe.com/en/

    Free for first 100 I think.  They are in Switzerland.  I've used them for years, great solution!  They can auto generate very complicated passwords and then store them in a secure easy for you to access site.

    - Mike



    ------------------------------
    Michael Nemetz
    Michael Nemetz Person
    Manteca CA
    ------------------------------