Auriga was recently honoured with the prestigious Peter Kulik Innovation Award from the ATMIA, the leading non-profit trade association representing the entire global ATM industry. Stefano Cipollone, Auriga’s Business Development Manager, reveals why WinWebServer (WWS), the integrated ATM acquiring solution, was selected and what it means for customers.
Q: How do you feel about your Peter Kulik Innovation Award win?
Very proud, of course, as it proves our ongoing commitment and investments have found an important new appreciation on the market. WWS differentiates itself from older, increasingly restricted, and outmoded methods of integrating ATMs with other banking systems and services.
Q:What industry problems does Auriga’s integrated acquiring solution solve?
Auriga has recognised for some considerable time the inherent weaknesses in the traditional ATM architectural model, prohibiting it from evolving into a complete next generation ATM and branch automation infrastructure. Our WWS software proposition is based on a channel integration model that solves many of the problems that most ATM infrastructures are coming up against.
WWS solves major industry challenges such as improving self-service security or enhancing the retail banking customer experience of digital self-service banking. In fact, the ATM channel remains siloed and unlike any other digital channel in the way, it is managed.
Introduction of new technologies, integration with other channels like mobile and branch, flexibility to implement both new functionalities and mandates are all still encountering a number of infrastructural obstacles. Specifically, the need to synchronise the three main parts of the current infrastructure (ATM Application, Terminal Handler and the Protocol that is the “contract” between the two).
Traditional ATM acquiring architecture needs an infrastructure upgrade to be able to remain relevant within the context of an increasingly wide range of digital channels and changing customer behaviours. It is therefore vital to be able to offer expanded services across self-service and other channels using a framework that was built for that purpose.
Q: Can you explain the channel integration model and its importance?
The hardware is isolated, and the software stack can be more logically structured into an integrated client-server solution that is not separated anymore, as it was with the previous architectural model. It clears the roadblocks created by the de-facto company driven NDC/DDC protocols and reliance on legacy terminal handlers.
Therefore, there is no waste into the definition, agreement, publishing, and implementation amongst different parties, but all the focus and energy go into the actual implementation of the business requirements in a much more agile approach. This integrated client-server software stack clears the way to connect the ATM and self-service devices in general to other downstream services, such as mobile channels, upstream transaction processing layers, and core banking services.
It is actually key in allowing financial institutions to deploy effective branch automation solutions and provide better customer experiences, enhance customer satisfaction, deliver functionalities faster and at lower cost, as the technology allows them to focus their energy on business functions.
Q: What can organisations do to improve the security of the ATM ecosystem and enhance the user experience at ATMs?
In terms of security, ATMs should be kept in a silo infrastructure and segregated from the corporate network with strict, controlled, and monitored access policies. This would prevent potential ATM security risks through lateral movement from a compromised internal network.
The Zero Trust approach ought to be mandatory and applied to the software that is allowed to be executed and the hardware to be connected. The model concentrates on a certification process by the security and ATM operations teams that decide on the resources that can be trusted based on operational needs.
An organisation’s security policy needs to consider the status of devices. The policy must be extremely strict when ATMs are in production (in service) and can be physically accessible for a potential cybercriminal. However, when the ATM is undergoing maintenance with a third party technician that may not be fully reliable when manipulating the device SW and HW, the security needs to be relaxed.
All activity needs to be monitored and changes in HW/SW need to be detected. In order to properly manage the on-site maintenance activities, it is critical that the security tool is integrated with the ATM operations/monitoring tools so that protection is rarely relaxed and always fully controlled.
Q: Finally, do you have any thoughts on upcoming ATM innovations and trends?
Infrastructure overhaul will be a huge trend – with the proper choices, banks can adapt their structure to deliver innovation. Having ATM software and infrastructure that enables seamless alignment with current and future needs is going to be imperative for current and future banking.
Banks and ATM owners must consider more innovative strategies and next generation self-service banking technology to preserve and improve access to cash, while reducing the “cost per transaction” of maintaining a self-service or branch channel, addressing changing customer habits. This requires overcoming challenges that stem from how ATMs have been neglected and siloed compared to other digital channels that banks have embraced over recent years.
It is also necessary to support alternative cost-reduction strategies like the lean bank branch or ATM pooling. Flexibility and efficiency can be achieved only when modern technologies can be fully leveraged. An increasing number of financial institutions are realising this when embarking in these modernisation and optimisation processes.