Browse Definitions :
Definition

card skimming

Contributor(s): Matthew Haughn

Card skimming is the theft of credit and debit card data and PIN numbers when the user is at an automated teller machine (ATM) or point of sale (POS).

Card skimming allows thieves to steal money from accounts, make purchases and sell card information to third parties for the same purposes. Generally, the exploit involves modified payment card reader hardware that fits over an existing genuine payment device or ATM. The phony reader collects and passes on payment card information for retrieval by the thief. PIN numbers may be retrieved with a keypad overlay or a hidden camera.

Another possibility is shoulder surfing, in which the thief pretends to be just another person waiting to use the machine and watches the victim enter the code. In systems that use Bluetooth to transmit card data wirelessly, such as some mobile POS, a thief may also be able to eavesdrop on transactions that aren’t adequately protected.

A lack of public awareness about the issue allows card skimmers to be successful. To protect yourself from the exploit, you should be alert to your surroundings when making any transactions and take note of changes to known ATMs and card readers or anything out of the ordinary in the environment.

If an ATM or POS seems suspect, you should refrain from making a transaction and report anything suspicious to the owner. To protect yourself from RFID skimming, which allows thieves to steal card information from a distance, it may be advisable to carry cards in holders made from materials that block wireless signals.

This was last updated in January 2017

Continue Reading About card skimming

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

Extensions de fichiers et formats de fichiers

Motorisé par:

SearchCompliance

  • compliance audit

    A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines.

  • regulatory compliance

    Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business...

  • Whistleblower Protection Act

    The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from ...

SearchSecurity

  • payload (computing)

    In computing, a payload is the carrying capacity of a packet or other transmission data unit. The term has its roots in the ...

  • passphrase

    A passphrase is a string of characters longer than the usual password (which is typically from four to 16 characters long) that ...

  • Web application firewall (WAF)

    A Web application firewall (WAF) is a firewall that monitors, filters or blocks traffic to and from a Web application. WAFs are ...

SearchHealthIT

SearchDisasterRecovery

SearchStorage

  • computational storage

    Computational storage is defined as an architecture that couples compute with storage in order to reduce data movement. In doing ...

  • data deduplication

    Data deduplication -- often called intelligent compression or single-instance storage -- is a process that eliminates redundant ...

  • public cloud storage

    Public cloud storage, also called storage-as-a-service or online storage is a service model that provides data storage on a ...

Close