One of the biggest risks of paying for something with a credit or debit card is the potential for your card information to be stolen.
When people think of credit card fraud, they usually think of someone stealing their wallet and using the cards or some form of identity theft.
Another common form of card theft is somehow stealing your card information and creating a duplicate card.
You’ll never know that someone else has access to your card details, but somewhere there will be a scammer who has a credit card that looks just like yours.
When the scammer uses this duplicate card, the amount they charge will be added to your card’s balance, leaving you to foot the bill.
One common way of getting the information needed to generate these duplicate cards is by using a card skimmer.
What is a Credit Card Skimmer?
A credit card skimmer is a small device that attaches to a standard card reader. These are commonly attached to gas pumps, ATMs, or other card devices that include card readers.
Typically, a fraudster will choose the card reader they want to target a build a card skimmer that will easily attach to the device. The skimmer may be a small device that slides into the slot that accepts credit or debit cards. It might be an attachment that goes over the slot.
How it steals your card info
No matter how it attaches to the device, the effect is the same.
When you insert your card, you aren’t actually inserting it into the slot on the device you are trying to use.
Instead, you insert it into the slot on the card skimmer. The skimmer will read the details from your card and save them to memory.
It will then transmit your card details to the device you’re trying to use.
Your transaction will go through as normal, but the fraudster will now be able to view your card details.
Card security measures
The security systems on credit cards are actually surprisingly basic. Cards that use magnetic stripes are very easy to read and very easy to copy. After all, the technology is fifty years old and based on old-fashioned cassette tapes.
Once someone has stolen your card details, it’s trivial for them to make multiple duplicates of your card. It’s also easy to get a lot of card details in a short amount of time.
Security experts say that a single compromised device can net fraudsters info from as many as 100 cards in a single day.
If you’re worried about your card’s details being stolen by a card skimmer, consider these countermeasures.
1. Pay Using a Manned Point-of-Sale Terminal
People who use card skimmers rely on the fact that many devices that use credit and debit cards aren’t manned.
ATMs, gas pumps, and many other devices are only ever used by customers.
Of course, there is the need for occasionally maintenance and restocking, but these devices spend aren’t monitored most of the time.
The fact that these devices aren’t monitored makes it easy for someone to install a card skimmer. It may only take a few seconds to install a skimmer, so most passersby wouldn’t even notice anything suspicious about the fraudster’s visit to the ATM or gas pump.
Once the skimmer is installed it can transmit data to the fraudster automatically. Even if the skimmer is discovered during the next maintenance period, having the skimmer in place for just a few days is all it takes for hundreds of cards to be compromised.
One great way to avoid card skimmers is to only use manned point-of-sale terminals. If you’re at a gas station, pay inside by speaking to an attendant. If you’re at a fast food restaurant, avoid the self-service kiosks and order at the counter.
The only way for someone to install a skimmer at a manned POS terminal would be to distract the employee manning it, which would be far more difficult.
2. Use Mobile Payments
Card skimmers rely on the fact that you have to swipe or insert your credit or debit card.
That means that you can avoid card skimmers by making use of mobile payment systems. Apple Pay, Google Pay, Samsung Pay, Chase Pay, and similar services are constantly growing in popularity. As more stores accept mobile payments, you will find it easier to use these apps than to swipe your card. Using the apps will also help you avoid fraud.
Apple Pay, Google Pay, Samsung Pay, Chase Pay, and similar services are constantly growing in popularity. As more stores accept mobile payments, you will find it easier to use these apps than to swipe your card. Using the apps will also help you avoid fraud.
Other online payment systems, such as through a loyalty app, let you bypass swiping your card. A clear example is Starbucks.
This is also a good way to avoid card terminals (and, as a result, any potential card skimmers).
3. Use a Skimmer Scanner App
Card skimmers these days are highly sophisticated electronic devices. Many of them are designed to transmit data back to the fraudster wirelessly.
That means that once the skimmer is in place, the fraudster doesn’t have to come back to the scene to collect the data. You can take advantage of this.
Some smartphones offer skimmer scanner applications. What these apps do is scan the area you are in for various wireless and Bluetooth signals. Typical signals like cellular data and WiFi are easy to identify.
Bluetooth signals are short range, so it’s unusual if you pick up many Bluetooth signals in an area near a device that might be affected by a card skimmer.
The skimmer scanner app will analyze nearby data signals to look for potential skimmers. If it finds one, it will notify you so you can avoid swiping your card.
4. Inspect the Card Reader for a Skimmer
One habit that is good to get into is to physically inspect the card reader of any device you’re planning to use. Skimmers are designed to be easy to attach to a device and easy to remove from a device. You can use that to your advantage.
Look at the card reader. Does it look unusual or does it look like there may be something alreay in the slot? If so, there’s a chance there’s a card skimmer attached to it. You should also physically nudge the card reader or check if there’s a skimmer in the slot. You might be able to detach the skimmer so you can safely use your card.
ATMs are common victims of card skimmers, but to complete an ATM transaction, a fraudster will also need your PIN. Feel the keypad to see if something has been attached to it to copy your PIN.
Sometimes criminals will attach fake keypads over the top of the ATM’s keypad so it can record each button that is pressed.
They may also place a hidden camera in the area and point it at the ATM’s keypad. Look around for cameras and make sure to hide the keypad from view as you input your PIN. Both these tricks can help you reduce the chances of fraud.
5. Use Your Card’s Chip Rather than the Magnetic Stripe
Many credit cards have started moving away from using their magnetic stripes, instead, asking customers to use the card’s chip.
Many people found this transition somewhat annoying, due to how long chip transactions take compared to swipes. Still, using your card’s chip is an important precaution to take to avoid fraud.
The data on your credit card’s chip is far more protected than the data on the card’s stripe. The data is encrypted and anyone who manages to capture that data will need to know the decryption keys to get any useful information from it.
To make things even harder for criminals, the data on your card’s chip is constantly changing. Anyone wanting to clone your card’s chip would need to know the algorithm used to generate your chip’s data so that they can keep the clone’s information updated.
While all the equipment needs to skim and duplicate a card’s magnetic stripe may cost less than $50, you’d need $1 million or more to be able to break chip security.
Card skimmers are an easy way for criminals to steal your credit or debit card information.
Skimmers are cheap, easy to place, and can get criminals information on a hundred or more cards in just a single day.
Knowing what skimmers are and how to avoid them can help you reduce the chances that you will be affected by this type of fraud.
Keep an eye out for physical evidence of a card skimmer whenever you use your card, and use your card’s chip whenever possible.