In the News


TRF is a fraud method of obtaining cash from the ATM without the account used to initiate the transaction being debited. This is typically accomplished by the criminal inducing a fault at the ATM during the cash dispense operation such that the host application software logic will reverse the transaction (i.e. not debit the account), although the ATM will dispense the cash and the criminal will remove it from the ATM. 

Criminals will typically use anonymous accounts for this fraud to avoid detection, often using prepaid cards or stolen or skimmed cards. 

This particular form of TRF has been reported in the United Kingdom, Ukraine, and Canada to date. The typical ATM models attacked are Through-The-Wall (TTW) ATMs, such as the NCR 6634 and 6625.

The M.O. in the recent reports uses a technique that causes a fault at the ATM card reader during the cash dispense transaction. A card and PIN are correctly entered into the ATM, and a cash withdrawal is requested. While the transaction is being authorized at the host, the ATM will pre-position the bills behind the dispenser shutter, ready to dispense. The card is ejected, and rather than take the card as per a normal transaction, the criminal leaves the card in the slot. The ATM transaction will timeout, and the card reader will attempt to capture the card. At this point, the criminal will hold onto the card preventing it from being captured. This results in the ATM reporting a card jam, and because no cash has been dispensed, the host software will reverse the transaction. Now the criminal will force open the dispenser shutter and remove the cash before the ATM has an opportunity to put the cash into the dispenser reject bin.

If you want to better protect your financial institution, take a look at how FTSI can protect you bu clicking the following link and contacting us via the information below;

(818) 241-9571

Tags: FTSI, Financial Institution, Electronic Security, ATM security, Banking Security, Transaction Reversal Fraud