ElectraCard is seeking new security certification

Pune-based ElectraCard Services, which is named in the multi-million dollar global ATM fraud, today said it is seeking fresh security certification from concerned agencies.

"We are in the process of re-certifying and re-listing with the PCI-DSS standards of the PCI Security Standards Council (whose certifications are recognised by international payment associations such as Visa and MasterCard)," ElectraCard said in a statement.

However, the company denied any role in the USD 40 million ATM heist in February 2013 and said its role was only in the USD 5 million fraud on December 21 last.

"As already reported in the media earlier this year, there were fraud attacks which affected several institutions worldwide, including ECS, last December and reports shed more light on the incidents because of the recent arrests," ElectraCard said.

The firm further said: "It has engaged external agencies such as Verizon in its forensic and other investigations. Through these investigations, there is a now a better understanding of how this has been perpetrated. However, as the investigation has revealed, the PIN and magnetic stripe data seem to have been compromised outside the ElectraCrad processing environment."

The statement further said it was in touch with the US Secret Service on the issue and that it will continue to work with the authorities to bring this to an acceptable closure for all its stakeholders.

Another company hit by the crisis is the Bangalore-based EnStage whose data security was also breached in the USD 45-million global ATM heist.

Like ElectraCard, EnStage also specialises in processing payment transactions and counts Bank of Muscat, one of the two affected banks in the fraud, as its clients.

"One of our customers was affected by the crime. EnStage is deeply committed to information security, and we will continue to take all reasonable measures to ensure our networks are secured from criminal actors," its spokesperson had said yesterday.

EnStage, promoted by Govind Setlur, had hired an independent security experts "to analyze the intrusion" and "recommend enhancements to its information security infrastructure", the spokesperson had said. It had also implemented additional monitoring capabilities, the spokesperson had added.

An international criminal gang made two coordinated hits on ATMs around the world in matter of hours recently, withdrawing USD 5 million on December 21 last year and another USD 40 million on February 19 this year.

According to banks and investigators, the gang made large cash withdrawals after hacking into Indian and US credit card processing companies to raise the balances and withdrawal limits on MasterCard prepaid debit cards.

According to a report, hackers broke into the systems of the two domestic companies that handled prepaid cards for two Middle Eastern banks -- Bank of Muscat and RakBank.

Bank of Muscat reported in February that it had to make a 15 million Rial or USD 39 million loss provisioning due to the fraud. 

DH Newsletter Privacy Policy Get top news in your inbox daily
Comments (+)