An article relating to this blog post on Finextra:
UAE banks hit by surge in ATM fraud
Banks across the United Arab Emirates (UAE) are sending customers text messages urging them to change their PIN numbers following a surge in fraudulent ATM withdrawals made abroad.
The news article just mentions changing the pincodes. Changing the pincodes is not enough. The card numbers can be used for card not present transactions.
Will there be another lawsuit much like what happened with TJX? Will this breach be used once again to 'promote' EMV and blame countries who have not fully migrated to EMV?
If issuing banks allowed their cardholders to turn off their card accounts for cross border, atm or card not present transactions when the cards are not being used, thieves will stop doing what they do. A system that enables cardholders to turn on or off
their card accounts by setting their own user limits is the only really effective system that deflects the increase in card fraud while it guarantees an excellent quality of service to cardholders. With this system, fraudsters would no longer have any reason
to sniff out and copy card details. And this system does not compete with EMV. It can and should exist with EMV.