To Secure ATM Transactions: Ditch the Card

chicksdaddy writes: Security Ledger has a piece that looks at the efforts of a string of startups to secure ATM transactions from skimmers and malware-based attacks. Step 1: get rid of the ATM card. The article profiles a couple different companies. One, Trusona, has technology that can uniquely identify standard issue ATM cards by analyzing the unique distribution of Barium Ferrite particles on their magnetic strips and using it to connect the card to the customer. The company combines that with card swipe biometrics to thwart malware-based replay attacks. The article also mentions upgrades that will allow banking customers in the U.S. to use a mobile application to withdraw cash from ATMs without a card or PIN, and a prototype from Diebold that combines proximity based sensing (via NFC) with iris scans to authenticate customers and authorize transactions. Cool as it sounds, its worth remembering that most ATM attacks are decidedly "low tech." A survey by the ATM Industry Association in 2015 listed "physical attacks" and those using "explosives" as the second and third most common type of ATM attack after card skimming.

chip ?

[slashping]

Why not use a chip card instead ?

Re:chip ?

[Nyder]

I'd say go one step forward: tatoo a barcode on everyone's forhead AND a chip inside the head.
Forget the ATMs, think of the posibilities: easy tracking, no more anonimity in public, oh, the options are unlimited.
No more muggins as it's quite hard to carry 2-3 severed head with you.

Pretty sure the xians will say this is the Mark of the Beast. But if it will bother them, then I am down.