Card skimming is a fraud method whereby a malicious person can copy your payment card so that he or she can use it later on to impersonate you and pay in your name or obtain money from an ATM from your funds.
Payment cards were in the past nothing more then a plastic card with an embossed number that could easily be copied by either looking at it, or by passing it trough a machine with carbon paper. Those cards have on the back a magnetic stripe that was used to program the same number and some security features like a validity date and a checksum number. It became much easier and cheaper to obtain card readers that could read the magnetic stripe on the back of the card, and empty cards could be easily re-programmed with the same number.Security Improvements
Security is a cat and mouse game. Malicious people are very inventive finding ways around security measures, improvements are often driven by fraud situations that made banks and clients loose a lot of money. It’s also a bit like cleaning up the water while the faucet it still running…Some ATM’s and card readers were modified to be able to optically read the embossed numbers on the card to make sure that simple ‘white label’ cards with only the copied magnetic stripe would not work anymore. Once this became again known by the malicious people they’ve added a computer chip that would only provide the security numbers and details once inserted in a trusted terminal. Currently, this is one of the most secure methods, ATM’s and card readers can be programmed to be more easy or more lenient in regard to card security, but systems that use a chip only (or sometimes combined with a stripe and optical features of the card) are currently deemed the most secure.
Contactless payments
And now recently new functionality has been added to payment cards, the possibility to pay by just approaching your card to a payment terminal, pretty much like a badge to get into a building.NFC technology allows short range wireless communications (a couple of centimetres, not more). This allows for payments to be made over this wireless interface up to a certain max. amount. NFC cards can be easily read by smartphones with a NFC chip and software. This will provide a couple of details of the card that can be used to re-create again valid payment cards that can emulate the original card.
Careful where you walk…
It has become a new sport by malicious people to get themselves a valid payment terminal they can use. It is not hard for private people to obtain a portable payment terminal themselves and use that to steal money from you with contactless payment cards.Most cards will allow a certain amount to be debited without using a PIN number. Malicious people program the terminal to ask for the max amount and will pass by you and have the terminal approach your pockets. You can sometimes observe this in crowded area’s like public transportation. Most criminals will (try to) disable the beeper of the portable terminal but they don’t manage always. Be alarmed if you hear short beeping noises around you, it could be a person stealing 29.95 from you. Most people only look once every month on their account statement, once realised, this money is already long gone…
Recent Comments