Fact-check: Does pressing 'cancel' twice on an ATM protect from cyberattacks?

Multiple social media posts, which have garnered tens of thousands of views, claim that pressing the ‘cancel’ button twice after withdrawing money from an Automated Teller Machine (ATM) will prevent an ATM PIN theft.

The claim is untrue.

Claim

“After withdrawing cash from an ATM, do remember to press the ‘cancel’ (X) button twice before you leave,” one user wrote on Instagram on November 6, “Otherwise cyber attackers can hack your [bank] account.”

The post has been shared over 42,000 times and liked over 20,000 times to date.

Identical claims were shared here and here on Facebook.

Fact

Pressing the ‘cancel’ button twice after completing a transaction at an ATM will not prevent cyber-attacks or ATM fraud, information technology experts confirm.

An IT expert at Bank Alfalah in Karachi told Geo Fact Check on the condition of anonymity that the ‘cancel’ button's primary function is to conclude the ongoing transaction and prepare the ATM system for the next user interaction.

“Users do not need to press the cancel button again after completing a transaction, as it is designed to close the transaction automatically once it's done and concluded,” he wrote via email.

While Khawaja Mohammad Ali, the former regional coordinator of the cybercrime wing at the government’s Federal Investigation Agency, called the online claims a “hoax” which should be “ignored”.

Ali explained that if a bank does notice any “malicious system activity” it informs its customers through proper channels.

Ali Habib, the chief spokesperson of the Habib Bank Limited, also rubbished the online claims as “false”.

With additional reporting by Saman Amjad.

Follow us on @GeoFactCheck. If our readers detect any errors, we encourage them to contact us at [email protected]