ATMIA has published new industry best practices for ATM software security.

The manual will help the industry to combat security threats like malware attacks.

"The release of Version 3, which contains major updates to version 2.1., is very timely, especially in view of the significant rise in ATM malware attacks across several markets," explained Technical Editor and co-author, Douglas Russell of DFR Risk Management.

He thanked other contributors including Triton, GMV and Q-ATM.

The manual includes a survey of the current global ATM software environment, a description of the PCI framework for ATM software and sections on ATM Security Governance, security and software operational policies, threats to ATM networks, physical and logical fraud, payments security and the role of encryption. There are also chapters on preventing insider fraud, service interface protection for the ATM, relevant emerging technologies and detecting and mitigating malware and black box attacks. Finally, there is a checklist of recommendations for security ATM operating software and an essay on the "Ten Immutable Laws of ATM Security".

"Every company in the industry should put into practice these security recommendations in order to prevent the spread of global malware attacks," advised Mike Lee, CEO of ATMIA.

Members can download the manual here.