NCR (Duluth, Ga.) has turned to the academic community to create an "ethical hacking" program that will help the ATM giant better safeguard financial data in the coming years.
NCR has developed a corporate-academic alliance with the University of Abertay Dundee in Dundee, Scotland, devoted to uncovering and addressing criminal hacking threats posed to ATMs. Rather than reacting to known threats as they arise, the security intelligence gained and adopted between NCR and the University of Abertay through the ethical hacking program is designed to stop would-be hackers and viruses before crimes occur. NCR Labs, the company's advanced development arm, is taking the lead on this project. The aim of the program is to ensure that consumer trust in self-service is not compromised by criminal actions involving ATMs.
The current contract is the second to be approved through the KTP and focuses on personal authentication measures required to gain access to ATMs.
According to Jeff Dudash, a spokesman for NCR, "The University of Abertay Dundee was chosen based upon its existing expertise in the School of Computing and Creative Technologies and the outstanding staff, as well as their ability to partner with our financial solutions research and development team based in Dundee."
Dudash told BS&T that Abertay is offering a bachelors degree in ethical hacking through the partnership. NCR is partially funding the program and NCR employees also serve as advisors and managers on the program. The University provides the student participants and shares all research findings with NCR for consideration, and potential implementation in future R&D decisions.
So far, the program has arranged for a small working group of two-to-three student on rolling assignments.
Given the sensitive nature of the program, Dudash cannot go into detail on what it is that was discovered by participants. He does, say, however, that "the university has helped us uncover potential future issues that allowed us to make changes to the system in advance of any security issues affecting our customers. Working in this way with the university will allow us to constantly question our security philosophy and adopt a proactive rather than reactive approach. We've certainly been pleased with the program."
ATM crime is growing in scope, which is one of the things that prompted the Abertay partnership. Dudash says taking these problems seriously is paramount to protecting consumers and the 1.5 million ATMs deployed worldwide. "More than a billion dollars in global losses are reported annually from electronic crime and credit card fraud associated with ATMs," he explains. "In Europe alone, the total losses of 485 million euros were reported, according to the European ATM Security Team (EAST). NCR is taking a proactive stance on prohibiting ATM fraud."
NCR has a long history of working with university partners in many parts of the world such as Dalian University in China and the Indian Institute of Technology in India, UK universities like Robert Gordon, Duncan of Jordanston and Dundee Universities in Scotland, and University of Kent and Cambridge University in England, and Stanford University and Georgia Tech in the U.S. to name a few.
Some of the work NCR has done in conjunction with universities includes intelligent algorithms, human computer interface/usability and new sensor technologies.
And in NCR's home state of George, where it recently relocated its headquarters, the company is developing ties with the Georgia Institute of Technology to help get its Columbus, Ga., manufacturing facility off the ground. "As part of getting that new manufacturing center up and running, we're partnering very closely with Georgia Tech's logistics and engineering school to help us maximize our supply chain and optimize our 'Green Energy' initiatives at the plant. Some very cool stuff if you're interested," he explains.