informa
/
2 MIN READ
News

Banks Prepare For ATM Upgrades

Mandates from Visa U.S.A. and MasterCard will require banks to increase encryption security on ATM machines.
Banks are in the midst of upgrading or replacing their automated teller machines to comply with new industry and government standards. Visa U.S.A. and MasterCard International have mandated that by April 1, 2005, all ATMs must be equipped to handle triple-DES (Data Encryption Standard), a method of scrambling personal identification numbers.

Banks for years have employed single-DES encryption, which specifies a key length of 56 bits; the triple-DES method uses a key length of 168 bits, making it more difficult for a hacker to crack personal identification numbers.

Banks have the choice of either replacing or upgrading their fleets of ATMs. Replacement is costlier; a new machine with triple-DES software costs between $30,000 and $40,000. Existing machines can be upgraded with a minor software modification but there's a catch--only machines less than five years old are upgradeable; anything older will have to be scrapped.

Susquehanna Bancshares Inc., a Pennsylvania-based bank, is replacing its 160-machine fleet with new ATMs from Wincor Nixdorf Inc. including cash dispensers and through-the-wall and drive-up ATMs. The bank had both the DES requirement and an impending governmental regulation on its mind when it made the decision to upgrade: Congress is expected to add a provision under the Americans with Disabilities Act stipulating that ATMs be equipped with voice technology for the visually impaired.

The triple-DES and expected ADA requirements "gave us an opportunity to examine how to meet the security and compliance needs of an integral part of our distribution network," says Greg Duncan, Susquehanna's chief operating officer.

The machines, which will include both triple-DES and voice technology, come equipped with PassPort switching software from banking-software provider Jack Henry & Associates to connect the ATMs to regional debit networks. IBM, through its Global Services division, is integrating the new ATMs with the rest of Susquehanna's branch network system.

The machines are providing an opportunity for Susquehanna both to extend its brand and reduce costs. For example, the machines will be HTML-compliant, allowing the bank to provide the same look and feel across its retail distribution channels--branch offices, ATMs, call centers, and Web banking. And they'll be capable of capturing images of checks, enabling Susquehanna to send them electronically to the paying bank instead of shipping boxes of paper; that's been legalized through the Check Clearing for the 21st Century Act, also known as Check 21, which takes effect in October.

Editor's Choice
Brian T. Horowitz, Contributing Reporter
Samuel Greengard, Contributing Reporter
Nathan Eddy, Freelance Writer
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Cynthia Harvey, Freelance Journalist, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing