NationalLink is following “Business as Usual” approach, we made a number of significant changes to our operations to account for the current situation.
More Information



Keeping track of your money: Enroll in text alerts

I've always wanted to travel to Europe and visit Italy, England, Ireland and Spain, but like most of the country life gets in the way and we just assume that we'll make that commitment later in life.  

However, according to my bank statement i've already been to London and attempted a purchase of over $1,000.  And just a few hours before there were two charges that occured stateside in Maryland, one for $8 and some change and another for $3. Who knows how this happened or why it happened to me, all I cared about was the fact that I caught it. And it wouldnt have been a red flag for me if I hadn't enrolled in text alerts.

In a recent blog entitled Counterfeit Fraud: How it works and how to prevent it, I went over some techniques of how thieves can obtain your card information and their methods of securing your funds. There was the method of shipping a physical compromised card to a country, as well as card-not-present.  In this example, card not present was the method of choice. Somehow, at some point, my data was compromised. i happen to feel that I'm situationally aware when it comes to pulling cash from an ATM. I don't send my account information to anyone, I don't text it to anyone. So the only thing that really came to mind was a method that some hackers have adopted to literally view activity on your computer called "evil twin".

I can't remember the last time I connected to a coffee shop's WiFi, but i can tell you that I have connected to their "unlocked" connections.  Before I became "Security Plus" certified I wasn't aware of this, but when you go to a coffee shop, bakery, bookstore or restaurant the first thing you do is connect to their WiFi. Which by the way may be counter-productive, since a crowded WiFi connection can actually be slower then your data stream. However, when you search for a connection, locations should have have a secure connection with an image of a padlock next to the signal strength indicator, it's not necessarily a redflag if it is unlocked. The redfag should go up when you see two internet connections with the same EXACT name while one is secured and the other is not password protected.  Chances are that unsecured connection, though it's more convenient to connect to, may in fact be an evil twin.  

An evil twin is when someone is using their laptop/tablet/smartphone to impersonate a router. When you think you're connecting to a free wireless connection, you in fact be connecting to someones smart device.

Now that someone has seen you purchase new shoes or book a hotel, your card information has become compromised.  It's just a matter of time before the hacker attempts to use your information.  Again, who knows when my information was stolen, what matters is the fact that I caught it with the help of text alerts. My hackers attempted two small test transactions to ensure the card works and to avoid redflags, followed by a large transaction to get more money in one sitting. 

Though I will always be careful when inputting card information and hope my new card comes in the mail before the weekend, I will more then likely scratch London off of my list of places to visit.  Remember, use websites that are verisgn certified and guarantee your account's safety. And ofcourse, enroll in text alerts!

EMV in the US

As we ponder this question, consider the most recent ATM theft in which organized thieves drained more than $45 million dollars from ATMs worldwide in mere hours. By accessing bank databases, cyber-thieves were able to eliminate maximum withdrawal limits on individual accounts, load customer data onto any plastic card with a magnetic stripe (a hotel room key would suffice) and use them to withdraw millions of dollars in cities around the world. Such a scheme isn’t that difficult to accomplish with the magnetic stripe technology we use today.      

The good news is that EMV is coming soon to an ATM near you. But “soon”
 is a subjective term. Most industry experts agree the primary driver for EMV migration in the U.S. will come from issuers, as they’re the ones tasked with replacing more than a billion mag-stripe credit and debit cards. This won’t be a singular event – but rather an ongoing process, where expired cards will be gradually replaced with EMV chip card technology. The shift will be subtle, and the card-holder may not even be aware of the change.


Before issuers can start providing customers with EMV smart-cards, they need a plan for accepting them at terminals. The first step towards accepting EMV smart-cards at the ATM is typically an assignment of liability:

• MasterCard is the first in the U.S. to publicly declare that if fraud occurs on a transaction initiated through an EMV card on a MasterCard, Cirrus or Maestro network, then the ATM owner will be liable for that fraud if the ATM was not properly equipped to support EMV technology. Visa has also announced dates for liability shifts, and other issuers in the U.S. will soon follow suit.

• In Canada, Visa was first to shift the liability to ATM owners. Within two years, all cards from Interact members (Royal Bank of Canada, CIBC, Scotiabank, Toronto-Dominion Bank, and the Desjardins Group of Credit Unions) featured EMV chip-cards.

While the October 2016 deadline for compliance in the U.S. moves closer, the message is clear: It’s time to get ready for EMV. This shift, which can take up to a year to complete, involves hardware, software and professional services to ensure compatibility on the back end.



Handling Regulatory Issues - How and when they pay off.

In the past year ATM deployers have dealt with the ADA  deadline with PCI and EMV not far behind, not to mention the Windows 7 integration and deposit automation. It sounds like a headache I know, but it's really not all that complicated.  These all contribute to necessary hardware and software updates that need to be acknowledged.  But why are all of these upgrades even necessary? Two reasons:

Technology Shifts and Regulatory Mandates.

The upgrades due to technology shifts are not necessarily "legally" mandatory, but if you want to remain competitive then upgrades like Windows 7 and deposit automation are crucial.

Regulatory mandates such as ADA, PCI and EMV are necessary for financial institutions and deployers to keep up with regulatory compliance.  The fees with non-compliance fines and liability related lawsuits are much greater than the cost of the upgrades, so in the end the payoff is upgrading.

EMV is a bit of an exception because it isn't necessarily going to be a governmet regulation. You may have heard the term "Liability Shift" thrown around quite a bit. This liability shift is what is driving the EMV transition.  There is no specific penalty for not upgrading to a smart-card reader. However, with the liability shift, the responsibility of fraudulant activity trickls all the way down to the ATM owner.

A quick example: in Canada, an ATM destributor opted to not upgrade four of his machines by the January 1, 2013 deadline. Word got around that these four machines were not ready to accept EMV, so they were targetted. The thieves obtained a number of comprimised cards with unknown balances and withdrew over $90,000.  Needless to say these charges were being disputed by the actual account holders and because the liability shift deadline had passed, the only party that was required to pay back that $90,000 was the small time ATM destributor. And all for now spending the extra cash to upgrade his four machines.

With that being said the final decision when upgrading should make sense in that as an investment, they should generate a return.  Ofcourse common sense will tell us that not upgrading even just four machines isn't worth $90,000. 

Mathias Thiele, VP of Global Development at ACG Inc., uses the example of the automation of check handling: “Automating check processing results in greater operational efficiency and lower operational costs for end users, therefore satisfying the ROI (return on interest) requirement”.

Larger institutions have already adopted automatic check processessing where as the small companies are still in the process, though due to the cost of the upgrade it is actually more burdensome on the small company's budget than on larger institutions.  However, it is still essential for the smaller communities to invest into the upgrades to simply stay relevant in the industry.

These advances and requirements will come and go. The best thing to do is upgrade as soon as possible, otherwise take a step back and consider your companies budget.  Will remaining behind one step really affect you? Will it really hurt you if you don’t get that iPhone 5s and stick with the iPhone5? Advance your machines when it’s mandated and fiscally sensible and always remember to solicit advice and service at


Ensuring a Successful Business Venture

Create a business that revolves around the customer.

Satisfying the market is key when developing a business plan for your company. A lot of companies will try to “push” what they are offering without considering a customer’s needs. Terrina Rishel, co-founder of ATM Authority uses the restaurant industry as an example in that, “not even the best location or most beautiful ambiance can be successful if the menu is horrible”.  The fate of most business ventures can typically be determined within the first few minutes of a pitch, depending on how focused the idea is towards customers.

Respecting your Clients

Ignoring good feedback can lead to bad trends in your company.  It’s immediately evident that you expect your clients and customers to change their ideas towards your company.  Adapting to your surroundings shows how much you care about your clientele. Leave room for accommodation, if a customer is looking for something to be done that is out of the norm, be ready to satisfy that order, this will also set you apart from the competition.

Avoid consistency in the industry

The first thing new up and comers within any industry tend to do is look at the competition and begin the processes by imitating what has already been done. Now if the industry seems to difficult to break into, it can be a sign of an overcrowded market, in which case “you may want to reconsider the venture”, says Rishel. However, if you are educated enough within the industry, you may be able to find holes that others haven’t yet considered to fill.  Rishel advises: “differentiate yourself by doing due diligence and starting with what is not working, instead of what is working”.

Over indulge in knowledge

Be an expert! The difference in knowing the answer of a question will instill confidence as opposed to having an idea or knowing the bare minimum to get by. If your company is providing a service, be prepared to answer any and all questions your customers may have. Knowing more than what is expected of you shows that you care enough about your customers to really dig deeper on any issue. “Being viewed as an expert and staying top-of-mind with your market is the fastest way to ensure that you are included when a proposal is needed”. – Rishel

Always ensure mutual benefits.

Companies will constantly try selling the “win-win” relationship that is promised  to nearly any new business venture.  Be completely honest and hold yourself to a moral compass that sets you apart from the competition. Putting yourself in your customer's shoes and realizing that it may not benefit them down the road shows a different level of respect.  Consideration in declining a proposal that doesn’t pay off for both parties will show your commitment to your principles and could lead to referrals by customers that look for honesty.

“It’s simple really: Find a customer to make happy – and do it!” - Rishel