Stealing account data from a credit card and duplicating the information into another card for fraudulent purposes is called ‘skimming.
Small business owners need to be cautious of something called credit card ‘skimming’. It affects credit card holders, business owners, and merchants as well. It is very important to understand how ‘skimming’ works. First, let’s find out what exactly this skimming activity is all about.
Stealing account data from a credit card and duplicating the information into another card for fraudulent purposes is called ‘skimming.’ During active and legit transactions, card holders (and most of the times retailers too) are completely unaware that the card’s data is being stolen. A consumer walks into an ATM or a gas station and uses their credit card for withdrawal or for making a payment. And while a transaction is in process, all data (including account number) is transmitted electronically to another card reader. These tricky card readers are often carefully hidden and attached to the POS (point-of-sale) devices. Data from a legit credit card is mapped to another card, and soon that counterfeit card is prepared to be used anywhere in the world. Affected cardholders receive updates after the damage has occurred. This is a grim scenario.
HOW IS CREDIT CARD SKIMMING DONE?
Unauthorized card readers are attached in front of actual card reading slots of ATMs and other POS devices, at places like gas pumps or wherever credit card transactions are done. Credit card information is captured by these card readers as cardholders attempt to use the machines in front of them. There have been instances where skimming devices were found on the doorframe slots of ATM vestibules. Unsuspecting consumers dip their card into such rigged doorframe slots to open the door, and within a few seconds, their card information and account details get stolen.
Many times, the skimming devices capture information from ATMs while legit transactions are in progress. These devices can also be placed in the pinholes set for video cameras in ATM machines. And, at times, fraudsters can even use a secondary keyboard laid over the original keyboard to capture the card’s PIN (personal identification number).
Card skimmers either work alone or in groups. They usually befriend corrupt employees working in cafés, restaurants, and bars, etc.; or sometimes take a temp job at such places. Who will suspect a legit employee at these places while handing their credit card! The technique and strategy works well and has been successful for a long time.
Skimmers shrewdly conceal their skimming devices within or close to the POS equipment, and collate data as much as possible. There are handheld skimming devices too, which can be easily hidden in a pocket. Then, certain ‘gifted’ fraudsters are known to use sleight of hand for skillfully swiping a credit card, right under the nose of its cardholder. Skimmers use all sorts of ways to strip data from the magnetic stripes set behind credit cards. The stolen data opens door for illegitimate purchases which can be done online or in-person.
Often, such fraudulent transactions go undetected for a long while. Usually, cardholders realize the problem once they get their card’s monthly statement. Those consumers who don’t bother to regularly check the monthly statements find their cards utilized up to the worst limits. This is the reason why banks emphasize on reviewing credit card statements on a monthly basis, and ask for immediate reporting of suspicious transactions.
HOW FAR HAS THE SKIMMING ‘BUSINESS’ GONE?
According to a report pulled up in 2010, credit card skimming causes losses in the billions. In the U.S. alone, the approximate loss comes up to $8B annually! 80% of the frauds are conducted using ATMs.
Banks, merchants and government agencies have adopted many security policies and techniques to fight skimming. Still, a most recent report shows the loss of $2B due to financial data breaches – money stolen through credit and debit cards. Keep in mind that this figure does not include the losses borne by merchants. This amount is for cardholders only. If merchant losses are to be included, then the figure would shoot up to tens of billions… and that too in a year!
According to a research, data theft of credit cards in the U.S. is mostly perpetrated by organized gangs belonging to various countries. The research also mentioned that Eastern Europe seems to be a thriving market (black market) dealing in skimming equipment. And not just equipment; but of late, even financial data is brought and sold on a regular basis.
Agencies, responsible for apprehending skimmers, say that most of the times it becomes difficult for them to authenticate fraudulent transactions since many financial institutions maintain a discreet position when asked for an assessment. According to the concerned agencies, skimmers have also started strongly focusing on debit cards – a faster way to get hands on cash.
Frauds through debit cards (using PINs) have quintupled, given the banking industry data. Crooks are successfully managing to acquire debit card PINs through skimming and data-recording via ATMs.
WAYS TO PROTECT SMALL BUSINESSES FROM THE CLUTCHES OF SKIMMING
Many businesses have fallen prey to skimmers. Despite the measures you take, there are chances of your business becoming a victim of skimming. In such situations, there are security programs to safeguard your business from the disastrous impact of data breaches (physical and virtual).
These security programs are designed to help businesses handle the expenses occurring due to actual and suspected breaches. No matter what your business’s PCI compliance status is, expenses associated with data breach will be taken care of (as long as there’s no evidence of your involvement in the breach).
Usually, financial damages for small business incurred from data breaches escalates to the range of $25,000 to $50,000. In some situations, the damages can even exceed this range. Such losses can easily lead most small businesses to a permanent shutdown. But these disasters can be avoided by opting for data breach coverage tools, which are not only comprehensive but affordable too. Most security programs cover credit monitoring, card replacement costs and other relevant expenses. Many merchants are now shifting to EMV enabled billing instead of magnetic strips. EMV is much safer than magnetic strips, and can prevent huge losses. Customers also prefer EMV cards these days as they offer a safe transaction.
Don’t let issues like credit card skimming and data breaches affect your valuable business. Take the right and required measures as soon as you can.