India moves to triple DES on its ATMs

I was intrigued to read on the Indian newswires last week that Visa and MasterCard have instructed their member banks there to upgrade their ATMs to triple DES encryption standards by July 1 of this year.

According to the report, most of the cash machines in Indian that were installed prior to 2002 use DES encryption, but all of the machines sold since use triple DES.

Santanu Mukherjee, Visa International's country manager for South Asia, said in a press statement that, in the interests of security, Visa has insisted that all banks in the country comply with this mandate in the required timeframe.

"This is an international mandate and all regions have to comply within their specified time period. The US and the Asia Pacific region have to comply by 2007," he explained.

What's interesting about the report is that some banks, notably in the US, are having to invest extra dosh in upgrading their cash machines, which typically have a lifespan of 10 years or more.

What I found especially interesting was the fact that some of the US network of ATMs are using older encryption technology - I'd always assumed that US cash machines used the highest levels of encryption...