Guarding Against Payment Card Withholding and Skimming
Making purchases with debit or credit cards is generally safer than using cash, but card withholding and “skimming” frauds can compromise the accounts of unwary consumers.
Card withholding refers to credit card data being compromised when a payment card is out of your sight, such as making a payment at a restaurant or a bar. Skimming fraud, which is becoming more common, refers to the duplication of cardholder data from the card’s magnetic strip to later make unauthorized purchases or cash advances.
In either instance, paying attention to your surroundings and using cards carefully can help reduce the risk.
Skimmers More Sophisticated
Just as mobile technologies increase in power while they decrease in size, skimming devices, which mimic legitimate card readers, are becoming more sophisticated and harder to detect at first glance.
A skimmer sits on top of the card reader at an ATM or gas pump. As the user swipes or inserts their card, the skimmer quickly captures and stores the data on the magnetic strip.
With some skimmers, the fraudsters have to retrieve the physical skimmer to download the card data. With others, a small Bluetooth transmitter sends data to someone parked nearby with a laptop.
The skimming problem continues to rise, despite the implementation of security chips on payment cards. Because gas stations were exempted from the initial roll-out of the chip cards, they still rely on magnetic strip data — and remain a rich target for hackers.
A new variation on the skimmer fraud, known as “shimming,” alters card readers to block the use of security chips. In these instances, the card reader defaults to the magnetic strip, exposing the stored data to potential misuse.
Smaller, more powerful skimmers are also being used in card withholding fraud, with servers swiping payment cards on portable devices before completing the diners’ purchase on the restaurant’s point of sale system.
Protecting Your Cards
Protecting payment cards against misuse requires paying attention to how and where you’re about to make a purchase, and looking for common signs of potential fraud.
At a gas station, for instance:
- Take a look at the pump and card reader. If the reader looks slightly normal than usual, or if a security seal on the pump has been broken, avoid inserting your card.
- Wiggle the reader. A legitimate reader should feel like a solid part of the pump, while a skimmer is designed to be removed easily. If a reader feels loose, don’t use that pump.
- Pay inside. Payment terminals inside gas stations are less likely to be compromised.
In a restaurant, it’s harder to track your card as it’s being swiped. Instead, consider paying with cash or with pre-paid payment cards with stored value. If a stored-value card is compromised, your other bank accounts won’t be exposed.