1969: Six weeks after landing men on the moon, Americans take another giant leap for mankind with the nation’s first cash-spewing, automated teller machine.
The machine, called the Docuteller, was installed in a wall of the Chemical Bank in Rockville Centre, New York. It marked the first time reusable, magnetically coded cards were used to withdraw cash.
A bank advertisement announcing the event touted, “On Sept. 2, our bank will open at 9:00 and never close again!”
Don Wetzel, an executive at Docutel, a Dallas company that developed automated baggage-handling equipment, is generally credited as coming up with the idea for the modern ATM while standing in a bank line. Previous automated bank machines had allowed customers to make deposits, pay bills or obtain automated cash — after purchasing a one-time voucher or card from a teller. The new device was the first in the United States to dispense cash using a mag-stripe card that didn’t require teller intervention.
For the time being, tellers had no need to fear for their jobs. At about $30,000 each ($178,000 in today’s buying power), the machines cost more than a teller’s annual salary.
And they could only dispense cash, not receive deposits or transfer money between accounts. Those features came with the 1971 version, called the Total Teller.
The ATM freed customers from the tyranny of banker’s hours, giving them access to dough 24/7 and even, much later, performing the function of currency converters — allowing Americans traveling abroad to obtain cash in local currencies.
Of course, the machines were good for banks, too, eventually letting them cut costs, reduce teller lines and, of course, charge outrageous user fees.
There were issues, though. Because the machines were offline there was no way to check a customer’s balance to see if there was enough money to cover a withdrawal.
“Not only was it a technical problem to overcome, it was a problem in the minds of the banker to issue a card to somebody and not know whether he had the money in his account or not,” Wetzel said in a 1995 interview .
To overcome that barrier, there was a $150 daily limit for ATM withdrawals. Other obstacles included finding a manufacturer to put mag stripes on the back of the bank cards, and printing receipts that could be read by machine.
Then there were problems with resistance from banks, who worried that customers would reject the machines, or that reducing face-to-face interaction with customers would lose opportunities to sell customers other bank services.
Customers embraced the new machines, however, which opened the way for other manufacturers to get in the game.
Diebold was one of the first companies to see the gold in the emerging ATM market. A maker of safes and vaults until then, the company
decided to branch out in 1974 with the first installation of its TABS 500 ATM. By 1995, Diebold was producing more than half of all ATMs in the United States.
Today there are ATMs everywhere, including one at the McMurdo research station on Antarctica –- but no sign of one, just yet, on the moon. And today’s ATMs go far beyond teller duty. Some even sell lottery tickets and postage stamps.
But along with the ubiquity of the machines came security issues.
The first ATMs were offline mechanical machines. Within a decade, with the rise of PCs, they became electronic devices. By the 1990s, ATMs were being connected to backend networks by modem, and their dominant operating system was Microsoft Windows. This, of course, opened a whole new wave of vulnerabilities.
Since then, hackers and scammers have kept banks on their toes devising ever-more-sophisticated ways to steal cash through ATMs. Skimmers, until recently, were the dominant mode. The devices consist of components slipped over legitimate card readers that surreptitiously record data from the mag strip of cards as customers insert them. A tiny camera captures the customer’s PIN as it’s entered on the keypad.
There have also been a spate of attacks using a default passcode that the maker of one ATM brand inexplicably printed in an operator’s manual easily found online.
Recently, however, hackers have found new ways to strip ATMs of their cash by installing malware on the machines. Last year, malicious software was discovered on 20 bank ATMs in Russia and Ukraine. The program was designed to attack ATMs made by Diebold and NCR that run Microsoft Windows XP software.
The attack requires someone to physically load the malware on to the machine — with a USB stick or cable, for example. Once this is done, attackers can insert a control card into the machine’s card reader to trigger the malware and give them control of the machine through a custom interface and the ATM’s keypad.
A thief could instruct the machine to eject whatever cash was inside the machine. A fully loaded bank ATM can hold up to $600,000. The malware also captures account numbers and PINs from the machine’s transaction application and then delivers them to the thief on a receipt printed from the machine in an encrypted format, or uploaded to a storage device inserted in the card reader.
This year at the Black Hat security conference in Las Vegas, researcher Barnaby Jack took the hack one step further by discovering a way to “jackpot” ATMs by installing malware remotely over modem on one brand of ATM, using a vulnerability he found in the system.
Photo: An unidentified girl puts her computer punch card into the slot of an ATM money machine, outside a bank in central London in 1968.