FBI Alert: Global “Unlimited” ATM Cash-Out Scheme Exposed

FBI Alert Image

According to a confidential alert obtained by security researcher Brian Krebs, “The Federal Bureau of Investigation is warning banks that cybercriminals are preparing to carry out a highly choreographed, global fraud scheme known as an “ATM cash-out,” in which crooks hack a bank or payment card processor and use cloned cards at cash machines around the world to fraudulently withdraw millions of dollars in just a few hours.”

As reported in his August 18 blog the alert states “The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an ‘unlimited operation’,” The FBI stated that unlimited operations compromise a financial institution or payment card processor with malware to access bank customer card information and exploit network access, enabling large scale theft of funds from ATMs.

According to a Finextra announcement of August 19th the alert also warns that “Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cyber security controls, budgets, or third-party vendor vulnerabilities” stating that it “expects the ubiquity of this activity to continue or possibly increase in the near future” and offers a host of tips to combat the crooks.

Last month, KrebsOnSecurity broke a story about an apparent unlimited operation used to extract a total of $2.4 million from accounts at the National Bank of Blacksburg in two separate ATM cash-outs between May 2016 and January 2017. Hackers used phishing emails to break into the Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 million total. Now the financial institution is suing its insurance provider for refusing to fully cover the losses.

Learn more about protecting your institution from “Cash-out” catastrophe.

Click “Breaking the Bank” and Contact CSFi to learn more about, FraudBlock™, FraudBlock™ Standalone (SA), Foreign Card Limits, and other solutions limiting or restricting cardholder cash withdrawal transactions at your bank’s ATMs.

By : Sales and Marketing /August 22, 2018 /Featured News, FraudBlock, News /0 Comment Read More

CSFi Partners with MEA Solutions to Participate in National Show

CSFi recently participated as a partner vendor in the 6th annual national MEA User Conference located in New Orleans, Louisiana. Our attendance gave new opportunity for regional and core-platform-specific financial institutions to learn more about our ATM driving and debit processing solutions. This event also represented the culmination of several months of discussion between CSFi and MEA Financial Solutions to solidify the partnership of our two systems and provide customers with one combined offering.

The annual conference, held in June, showcased MEA’s latest product offerings and development, along with a unique opportunity to provide feedback on future development to their upcoming solutions. The event hosted a variety of vendor organizations, including CSFi, to display the strategic offerings from valued partners. In attendance were nearly three dozen banks and financial institutions that showed interest in a combined CSFi/MEA solution.

Primarily focused on financial institutions using Jack Henry core banking systems, the MEALink solution offers online and real-time debit interfacing for cores such as SilverLake and CIF 20/20. An alternative to jXchange, the direct interface installs on the same AS/400 server as the core system. This option provides a more streamlined approach, achieving the highest throughput and performance possible for memo posting a debit transaction to the Jack Henry core.

MEA Solutions is a national leader in the provision of innovative software solutions to the financial services marketplace around the nation. As specialists in both innovative technology and the financial industry, MEA’s highly experienced and versatile team creates and supports flexible solutions that meet the demanding requirements in an adaptable industry.

CSFi is a global provider of electronic payment software that includes in-house ATM driving and management, on-line routing of debit card transactions for authorization to a core system and direct interfacing to most all domestic EFT networks. CSFi’s solutions provide real-time fraud detection and prevention, EMV debit card issuance and management, graphical ATM monitoring with real-time alert notifications, and countless other features for the ATM/debit delivery channel.

Bejan Nouri and Tony Cappadora, CSFi Sales and Marketing




By : Sales and Marketing /August 16, 2018 /Events, News /0 Comment Read More

Border State Bank Upgrading to EZswitch G4 with RTCM

Border State Bank LogoGreenbush, MN: Dedicated to employing the most advanced technology available to provide the best customer experience possible, Border State Bank is upgrading from EZswitch® 2012 to EZswitch® G4 with Real-Time Card Maintenance (RTCM). The new online interface connecting the bank’s Fiserv Precision core banking system to the First Data (Star) EFT network will enable the implementation of a host of new EZswitch features proven to lower costs, boost revenues, and improve operational efficiency.

Established in 1935, the bank has remained dedicated to meeting the evolving banking needs of Minnesota residents and businesses for nearly 83 years. With total assets now exceeding $500 million, the bank continues a long tradition of exceeding customer expectations.

In keeping with that tradition, the upgrade to EZswitch G4 will enable the bank to enhance both operational efficiency and cardholder experience by taking advantage of the latest features and enhancements to EZswitch software. The EZswitch G4 platform provides a highly customizable solution for financial institutions aiming to minimize costs, expand revenue sources, and maximize data and transactional security. The systems features and options for reducing fraud losses and streamlining management of debit card operations include:

  • FraudBlock integrated, rules-based, real-time fraud detection and prevention system
  • Sentinel Alert Notification System providing unattended monitoring of ATM’s, core system interface, EFT network connection(s) through email and SMS-text notification
  • G4 Web-based Apps real-time transaction and cardholder research and reporting, full system monitoring and automated job/task schedule managing
  • Support for Cardholder Alerts via email and SMS-text
  • On-demand ATM/EFT Network Denial Rules for immediate protection against a wide range of fraud sources
  • Stand-in authorization using a positive balance file (PBF) and/or card limits (the system will authorize using a PBF or card limits when the host authorizing system is unavailable)
  • Secure, single point of card maintenance entry
  • Advanced “drill down” capability for transaction and cardholder research and reporting
  • Reconciliation subsystem
  • System health check monitoring including all connections and database status
  • Automated job/task schedule management
  • Audits and logs of all user activity and much more…

Additionally, the VMware installation will include integrated support for full EMV functionality and utilize CSFi’s First Data Star Real-Time Card Maintenance (RTCM) interface. In the past, the bank has relied upon sending batch files at the end of the day to update the card record kept on the EFT network. Now, implementing the CSFi RTCM module, any changes to a card record performed from the bank’s core system will instantly flow to CSFi’s EZswitch software and on to the First Data Star EFT network.

RTCM enables instant access to debit card information and activity and the leveraging of trends in card usage essential to maintaining peak operational efficiency of debit card programs including:

  • Current account activity and balances
  • Account transfers
  • Debit card activations
  • Changes in personal cardholder preferences
  • Interchange fee generation
  • Suspicious or fraudulent activity

The new G4 front end, providing an at-a-glance view of the switch network and intuitive navigation and research tools, will allow authorized users easy access to the powerful system’s full capabilities including:

  • Real-time transaction and cardholder research and reporting with “drill down” capability
  • Real-time full system monitoring of all connections and database status
  • Simplified automation of routine job/task scheduling and management
  • Secure, single point of sign-on for multiple users with customizable roles and permissions and more

In addition to driving increased card based revenues, the upgrade will enhance the cardholder experience with real-time balance updates, speedy resolution of transactional disputes, stand-in processing, and support for many additional options and features including CSFi’s FraudBlock™ real-time, rules based fraud detection and prevention solution.

To learn more, Register now at and enable full access to our web resources. Once registered, users have full access to brochures, videos and additional information fully describing the features and benefits of EZswitch®, G4, Sentinel™, FraudBlock™, EMV support, and our entire suite of products, services and solutions.


By : Sales and Marketing /August 03, 2018 /Announcements, EZswitch, News /0 Comment Read More

ADIB is Live with Iraqi National Switch

ADIB logoAbu Dhabi, UAE: Abu Dhabi Islamic Bank (ADIB) is live with a new SWITCHWARE® interface required by the Central Bank of Iraq (CBI) to support ADIB’s Iraq branch delivery of ATM acquirer transactions and receiving POS issuer transactions.

Utilizing a single instance of SWITCHWARE located in Abu Dhabi, the system now supports the Iraqi National Switch and enables Iraqi ATMs to accept foreign cardholder transactions and authorize ADIB Iraqi cardholder transactions at foreign ATMs and POS devices. The new system supports multiple currencies and languages and is able to process both magnetic stripe and chip card transactions.

Since 1989, ADIB has relied upon cost effective and scalable CSFi products and services on its mission to provide Islamic banking solutions to the global community. A dynamic bank with a culture of innovation, the bank has pursued an ambitious growth strategy designed to meet and exceed both customer and shareholder expectations. With branches in Egypt, Saudi Arabia, the United Kingdom, Qatar and Iraq, ADIB is one of the largest banks in the UAE with more than 80 retail branches and 720 ATMs.

As the first UAE based financial institution to get approval from the CBI to operate in Iraq, its presence constitutes a key component of their international growth strategy.

For nearly 40 years, CSFi has helped customers around the world meet competitive challenges, achieve operational excellence, and enhance their bottom line.

The ability to accommodate the latest innovations in profit maximizing technology is more important than ever. The flexibility and scalability of SWITCHWARE® G4 is unsurpassed. Learn more about incorporating the transaction processing power, and functionalities of SWITCHWARE® with G4 Web-based Apps in your unique ATM operating environment. Contact Sales to arrange for a personal appointment.

Register now at and enable full access to our web resources. Once registered, users have full access to brochures, videos and additional information describing the features and benefits of our entire suite of products, services and solutions.

By : Sales and Marketing /July 17, 2018 /Announcements, News /0 Comment Read More

ATM Communications Encryption Using SSL/TLS 1.2

The ability to secure communications using SWITCHWARE’s support for SSL/TLS provides an essential layer of security for ATM networks. This commonly used encryption protocol is the same technology that powers the majority of internet and web encryption for all major web browsers. The security and power of a hardened encryption solution along with a highly adopted and well-known version makes SSL/TLS 1.2 the perfect solution for ATM communication encryption.

The most important aspect of securing the communications channel for an ATM is to maintain high levels of availability, which banks expect in their ATM network. Using SSL/TLS 1.2 provides a secure means to satisfy PCI requirements for encrypting transmission of cardholder data across open, public networks.

The Demand for Encrypted Communications

There are many reasons financial institutions should use encrypted communications:

  1. Mandated by PCI DSS for ATMs in use in open, public networks
  2. Protect against several logical in-network attacks, such as Man-in-the-Middle Attack, Network Cable Skimming Attack, Host Emulation Attack, Replay Attack and a Truncation Attack

Man-in-the-Middle Attack

A type of active eavesdropping where the attacker is able to make separate connections with the victim’s systems and relays messages between them, making both parties believe they are talking directly to each other over a private connection when in fact the whole conversation is intercepted (and possibly manipulated) by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones.

A man-in-the-middle attack is only successful when the attacker is able to impersonate each endpoint to the satisfaction of the other. Most encryption protocols, including TLS 1.2, provide endpoint authentication and can prevent these types of attacks.

Network Cable Skimming Attack

This is where a special device is attached directly to the ATM network cables in order to capture card data. By encrypting the full network communications package before it leaves the ATM, using TLS 1.2, the captured information is rendered useless.

Host Emulation Attack

Where an emulated server or box is connected to the ATM network connection. Messages sent to the host during this type of attack are received by the host emulator and then a fraudulent response is sent back containing commands that allow unauthorized actions, such as cash dispensing.

Replay Attack

This attack uses a re-transmitted data stream to trick the system into unauthorized operations. For example a false identification or authentication or a duplicate transaction can be sent, which allows the attacker to gain unauthorized access to the network.

Truncation Attack

This attack involves the attacker causing the TCP session to be closed (via a TCP FIN) before the sender is finished sending data, forcing the receiver to think that all data has been received. As a consequence, the receiver can never be sure that more data was not forthcoming.

Encrypting All Endpoints is the Key

Using SWITCHWARE® support for SSL/TLS provides a way to encrypt communications between the ATM and the host. This security measure is essential to meeting the mandated standards set by PCI DSS, specifically for ATMs located in open, public networks. CSFi strongly recommends that customers begin to make the move to TLS 1.2 as soon as possible. NCR and Diebold’s Secure TLS Communications products can be used in conjunction with CSFi’s SSL/TLS feature to provide total encryption for your ATM network.

Learn more about how CSFi can secure your ATM communications network using SSL/TLS 1.2

Contact CSFi to arrange for a review of your ATM data security protocols. Ensure that they conform to industry best practices for secure communications.


By : Sales and Marketing /June 18, 2018 /News, SWITCHWARE /0 Comment Read More

Win/Win: Deposit Automation and Cash Recycling

The Facts

Deposit Automation and Cash RecyclingOver 80% of traditional teller transactions can be handled through a self-service device. Investment in ATM deposit automation and cash recycling functionality yields big returns through a more streamlined cash and check deposit process that eliminates envelopes. Cash automation functionalities allow bank staff to focus on high value sales, product promotion and service activities and less on low value transactions and ATM cash replenishment.

Leveraging the capabilities of ATM deposit automation and cash recycling are key to an efficient and effective remote ATM/debit delivery strategy. Cost aware financial institutions are reshaping their branches towards a sales and service business model rather than a transaction processing model. As the need for low value tasks has diminished, the drive to enhance self-service capabilities has risen to the forefront. The automation of deposit validation, counting, sorting, storage and cash dispensing saves time and money. ATM cash recycling and deposit automation devices allow branches to operate more efficiently with less cash on hand.

It Gets Better

The immediate and proven benefits of cash automation have inspired rapid global adoption and remarkable enhancement of the technology. In response to clear demand, providers have stepped up with enhanced hardware and software solutions. The latest dedicated “pocket” recyclers deliver a vast increase in note capacity and improved customer experience for both individual consumers and small business customers.

CSFi on Top

SWITCHWARE® G4 is designed to maximize the profitability of multi-vendor ATM fleets and other integrated self-service devices. As a certified supporter of the latest innovations in cash recycling and deposit automation from nearly every major provider, CSFi is qualified to discuss how cash automation technology can accelerate branch transformation efforts in your unique operating environment.

Embrace the Future

CSFi solutions can maximize the efficiency of your branch network by addressing the needs of individual consumers as well as the needs of small to medium sized business. Cash automation solutions represent a major opportunity for financial service providers to streamline operations and enhance their bottom line.

Contact CSFI to learn more about SWITCHWARE® G4, Deposit Automation and Cash Recycling

By : Sales and Marketing /June 18, 2018 /Deposit Automation, News, SWITCHWARE /0 Comment Read More

Breaking the Bank

Switchware G4 - Foreign Card Withdrawal LimitsWhile the “jackpotting” escapades of ATM fraudsters garner headlines, the activities of “foreign cardholders” pose a more significant and frequent threat to U.S. ATM operators. Card acquirers reporting the incidence of ATMs being drained of cash by persons using foreign-issued payment cards is on the rise.

Financial institutions around the world have disclosed that when ATM cash supplies are unexpectedly and abruptly emptied it most likely involves payment cards issued from one of the following:

  1. Card issuers located in foreign countries
  2. Foreign (not U.S. based) internet payment services

The Problem

Internationally based banks and payment services accept and provide for fund deposits, withdrawals and wire transfers from a wide variety of sources. Many provide account holders with payment cards that can be used anywhere in the world with few limitations.

The willingness of foreign banks to establish multiple accounts and payment cards to single persons or organizations appeals to directors of card-based theft operations. In addition to the unwittingly sponsorship of global money laundering, financial institutions processing these transactions are at risk of their ATMs being drained of cash by persons using these foreign issued payment cards.

When little or no issuer-based withdrawal limits exist for these payment cards, they can be used repeatedly to make withdrawals at any ATM, especially those where the ATM switch has no limits established for foreign “not on us” cards.

Case in Point

In February of 2013, a global card fraud operation drained ATMs in New York and around the world of over $45,000,000 in a matter of hours. Involving bad actors from many countries, the operation was complex and well planned. It could have been thwarted by pre-existing foreign card restrictions. After compromising the systems of both Indian and US card processing and issuing firms, the criminals eliminated withdrawal limits on foreign pre-paid debit cards. In New York alone, the crew drained $2.4 million from nearly 3,000 ATM machines in 10 hours. Single ATM withdrawals exceeded $10,000.


Pre-existing foreign card withdrawal restrictions would have saved the day.

The CSFi Solution

Even a single occurrence of this type can result in significant financial loss to the victim financial institution. CSFi Foreign Card Withdrawal Rules enable the enforcement of customizable acquirer standards governing foreign “not on us” card usage at the ATM. Simple, easily deployed and absolute. Once deployed you become the master of your exposure to “foreign card” risk, and can take control of acquirer-based fraud at your ATMs.

The CSFi difference

If you are already a customer you already know…CSFi never sleeps. We have been earning the trust of financial institutions around the globe for more than 38 years. CSFi laboratories are always engaged in the in identifying ways to advance the success of our partners. Our customer service has no equal.

Contact CSFi. Find out what you have been missing.

Even a single incidence of this type can result in significant financial loss to the victim financial institution. CSFi Foreign Card Withdrawal Rules enable the enforcement of customizable acquirer standards governing foreign “not on us” card usage at the ATM. Simple, easily deployed and absolute. Once deployed you are the master of your exposure to “foreign card” risk.

The CSFi difference

If you are already a customer you already know…CSFi never sleeps. We have been earning the trust of financial institutions around the globe for more than 38 years. CSFi laboratories are constantly engaged in the in the identification of opportunities to advance the success of our partners. Our customer service has no equal.

Contact CSFi. Find out what you have been missing.

By : Sales and Marketing /June 18, 2018 /Highlighted Feature, News /0 Comment Read More

Multi Language and Multi Currency Support at the ATM

Advanced ATM Functionality - Multi language and multi currency support

Global, Mobile and Demanding

Maximizing innovation is more important now than ever. The battle for consumer favor has never been more intense. A truly global economy places extreme pressure on financial service providers to meet and beat consumer expectations. A financial institution’s ability to maintain profitability while satisfying customer demand is the goal. Winning and retaining customers to expand market share is critical, and banks must learn to be leaders, not followers in this ever-evolving industry.

Support for multiple languages and multi currency dispensing has been available with CSFi solutions for decades. The modern ATM displays multiple languages and dispenses multiple currencies through a simple screen based interface. Banks and FIs that wish to harness these modern features can do so with ease and flexibility by utilizing the easy setup options found in CSFi’s ATM switching solutions.

Multi language Access to ATMs is Essential

For business travelers, tourists and customers residing in multiethnic and international bordering communities the ability to communicate with customers in their native language is essential to customer satisfaction, along with the convenience of having access to foreign currency.

Powerful and Convenient

Multi language and multi currency ATMs are a powerful addition to any ATM network and a common sight at airports, train stations, border locations and cosmopolitan centers around the world.

Unlike more basic machines, advanced ATMs can interact in multiple languages and dispense multiple currencies from a single machine. Ideal for accessing local currency upon arrival at an overseas destination, the advanced multifunction ATM is viewed by customers as a key component of global life.

Financial Institutions around the world rely on CSFi to test the boundaries of what’s possible with an ATM.

Investigate the possibilities…Contact CSFi Find out how the combination of SWITCHWARE® G4 and Multi Language and Multi Currency support might enhance your bottom line.

By : Sales and Marketing /June 18, 2018 /Featured News, News, SWITCHWARE /0 Comment Read More