Think you’re too observant to have your card skimmed?

Blown up ATM.Think again.  A few days ago I tweeted a news story about how Australia is seen as a soft target for ATM card skimming gangs.  A few hours later a friend responded with an article from Lifehacker with tips on spotting ATM’s that have been tampered with.  Unfortunately, it was accompanied by a picture of a very oldschool and deceptive skimmer.  Ones of this size and bulk haven’t been used for many years and really do not suit the ATM at all.

If you follow the link at that Lifehacker article it takes you to a VERY good PDF document which demonstrates just how hard it is to spot modern skimming devices.  Most people wouldn’t do this though and just assume skimmers are still big bulky things as shown at the Lifehacker site.  A few more examples of current skimmers and a discussion about skimming after the break. Continue reading

Advertisements

CC companies do something non-useless.


Most people dislike security because it adds complexity. One could almost say “with greater security comes greater complexity”, but it is in no way true that “with greater complexity comes greater security”. And in this lies the problem, many a time companies add to the complexity in the name of security, but they don’t actually add any security at all.

Credit card companies are brilliant at this. That 3 digit number thing (CCV – remember this term) on the back of your card for example, if someone is skimming visually then when you turn the card over that is read too. Microchips, no more secure than the magnetic strip just read in a different way. It’s like writing a sentence in English twice, but the second time using crayons rather than felt tip pen. It’s still in English, it’s still the same information. RFID? That’s LESS secure as it can be skimmed simply be being in the vicinity of the card. It really does make me angry and glad my current card only has the magnetic strip. I hate the idea of any cards I carry around with having RFID to be honest.

The credit card companies or to be more accurate, Visa, has now actually done something intelligent that DOES add to security. Looky at the picture above. The basic idea is that you enter your PIN on to your own card (so the PIN cannot be skimmed except for visually), then then generates a one-time code to use in place of the CCV. This means the theif needs to visually note your PIN then actually steal your card (at which point you’ll know to cancel it immediately), they can’t just copy it with a skimmer.

THAT IS FUCKING BRILLIANT!

If these come out in Australia and only on Visa, I’ll definitely be switching (I have a MC at the moment). It’s the first change CC companies have made in 5-10 years which hasn’t angered me. My hat goes off to you, Visa.

Source: DarkReading.