One of the more popular methods of accessing consumer account information is ‘card skimming’. South Africa, as well as the United Kingdom, Ireland, the Netherlands and the United States have experienced an intensification of this crime and it has become a major challenge to overcome.
The process of card skimming requires that a device be input into the payment machine or ATM so that when a credit card is swiped it will collect the credit card number and security code. The difficulty around this type of theft is that the card skimming devices can be made from computer spare parts, parts purchased on the internet or even purchased directly on the internet.
Inserting the card skimmer into a machine can be done on a few levels. The first would require someone with a key access to open the machine. This is severely restricted for ATM machines but is easily available for other payment machine types, such as those found in gas stations. For ATM’s, a large hole has to be cut out and the device inserted, which is then covered up with a normal looking decal. The card skimming device can hold as much as 300 different accounts and is then removed by the perpetrators. The attack method that is used typically involves installation of the card skimmers for a preset short time and then, after removal and collection of the credit card data, they move on to a totally different area to keep from being detected.
NCR, one of the world’s largest suppliers of ATM machines, has made attempts at diffusing the ability of card skimmers through the addition of anti-skimmer technology. In the past, the anti-skimming technology was placed on the outside of an ATM machine and achieved a high level of success. However, those that are intent on gaining information have increased their sophistication and have now instituted adding the card skimmers to the inside of the machines themselves.
Once the credit card information has been accessed and retrieved, any card with a magstrip, even a hotel room card, can then be recoded and used in the same manner as the originating credit card. They will use the credit card for a specified amount of time and then replace and recode with the next available number.
Sharon Knowles, CEO of Da Vinci Forensics says:
“Diligence is the key word when it relates to catching and eliminating fraud. Da Vinci Forensics retains the highest standards in monitoring for potential misrepresentation, as well as consistent communication for the methods that are used by perpetrators. The addition of uniform services are supplied for all avenues to reduce and eliminate access to valuable consumer information, with technologies that will protect data and company reputation.”
Companies are continuing to partner with professional organizations that specialise in the elimination of any security breach and stay ‘on top’ of each new method that perpetrators and hackers deploy. As more of our global data is held in concentric locations and people make the transition to a cash-less society, there will be a need for elevated methods to protect all information.