<img alt="" src="https://secure.glue1lazy.com/215645.png" style="display:none;">

HomeBlog › Article

How to Prevent Duress Attacks During an ATM Replenishment

As banking technology evolves, so do the criminal’s abilities to carry out even more sophisticated financial scams where fraudsters look at the whole payments ecosystem to identify weak points.

Today, it is not simply enough to cover the keypad while entering Personal Identification Numbers (PIN). Cash in Transit security companies have to go beyond the accepted ATM and bank protection methodologies with armoured vehicles, implementing bank ATM security procedures, and keeping up with the ever-evolving forms of attacks such as Duress Attacks.


Duress Attack : definition

Cash replenishment organizations are among the most susceptible to attack. As ATM, protection systems become more resistant criminals look for other opportunities to attack and Duress attacks are seen to be increasingly more frequent.
A duress attack in this context is when a CiT operative is in the process of exchanging the ATM cassettes or an ATM service engineer is making a repair, on both occasions, the safe door is open, criminals then threaten them with violence if they do not hand over the cash cassettes.

Duress ATM premises

Usually these attacks are timed to occur when the last cassette is being exchanged so the maximum amount of cash is available. These attacks are seen to be rising in the US, in high risk areas ATM service engineers are being accompanied by a guard as thieves will deliberately cause the machine to fail and then wait for the ATM engineer to arrive so that they can carry out the attack.

Besides duress attacks, ATM fraud and robbery methods involve:

  • Skimming: a type of ATM fraud involving a skimming device that criminals put over the top or within a card reader slot. Crooks typically use a hidden camera or an overlay on top of the original PIN pad to record the entered PIN. After recording chip card information such as PIN, and card number, the criminals create duplicate cards to withdraw money from the victim’s account.
  • Skimming: an enhanced form of skimming where thieves place a skimming device deep within the ATM card reader to register the card’s chip information. As with skimming, thieves create a duplicate or cloned version of a debit card.
  • Cash-out: these are schemes where there is a simultaneous withdrawal of cash from numerous ATMs in various regions and countries. The schemes for doing this are becoming more sophisticated and complex involving a mix of skimming, phishing emails etc. As a result, criminals can empty ATMs of cash before the scam is realised.
  • Jackpotting: similar to cash out but criminals gain access to the internal controls of the ATM so they can command the ATM to dispense large amounts of cash so there is no need to obtain customer information.
  • Black Box: similar to both cash out and jackpotting but here the criminals bore holes in the ATM fascia in order to gain access to the upper cabinet, the cash dispenser module is then disconnected, attached to an external electronic device – ‘Black Box’ which commands the dispenser to empty all cassettes. Unlike Cash-out these attacks do not need any customer account or bank card information.

Preventing Duress Attacks at the ATM

Both ATM protection and bank protection measures such as using an armored car or higher grade ATM safes are not always enough to deter physical ATM attacks.

Duress attacks at the ATM or when the CiT operative is transporting the cash cassettes across the pavement to the ATM can be deterred by using intelligent banknote neutralization systems within the cash cassettes. Even if the CiT operatives or service engineers do handover the cassettes when the criminals attempt to open them the banknotes will be automatically and almost instantaneously be covered in indelible ink. It is also possible for the ink system in the cassettes to be remotely activated by a colleague in the armoured vehicle.

An extra protection can be proposed to the CiT operative: insert the ink-protected cassette into a smart container that will provide additional physical security to the cassette during the sensitive cross-pavement phase (back and forth travel between the ATM and the armored car).CCL3000

Oberthur Cash Protection provides systems that cover 100% of the banknotes to at least 20% of their surface with machine readable and easily traceable ink.

With these systems deployed incidents of Duress Attack will decrease. 

Another important factor in preventing duress and other ATM attacks is to display a range of warning labels so that the criminals realise that the cassettes are protected so will move onto a softer target.


Ink Dye Solution

The Ink Dye Solution that is deployed in prevent duress attacks is also globally considered the most effective deterrent against ATM physical attacks including ram raid, hook and chain and explosive etc.. Designed to activate instantaneously upon an explosive or other attack, the Ink Dye Solution has proven to be a game-changing technology that indelibly stains the banknotes inside the cassettes so thieves recognise that the value of these notes is not worth the risk of the attack.


ICSD NCR S2The design of OCP, In Cassette Staining Device, ICSD, does not reduce the note capacity of the cassette nor noticeably impact on the ATM servicing and replenishment process.

Experience has shown that ATM and CiT attacks will continue to increase both in frequency and sophistication, the latest manifestation being the rise in Duress Attacks. Implementing traditional ATM protection measures such as additional armour has clearly proven not to be effective in mitigating the risks of such attacks.


ATM deployers and CiT companies must constantly find ways to decrease, if not eliminate, attacks. With Oberthur

Protection’s IBNS solutions they can do just that.

                                                   Eric Hauw , Global Sales & Marketing Director, Oberthur Cash ProtectionEric circle

Discover now : How to Future Proof Your ATM Network from physical Attacks !

ATM Whitepaper