Skimming poses key security concerns
For anyone using a magnetic strip ATM card or credit card, the question of your card touching a skimmer is a question of “when” and not “if.”
Remote ATM machines, convenience store ATMs, pay-at-the-pump gas stations and now, even US Post Office automatic stamp machines have been found with skimmers that steal the ATM/credit card’s data and your PIN which thieves use to manufacture fake cards that are sold on the market for $80 to $100 each and rack up thousands of dollars in charges before your bank figures it out and shuts down the card.
The data on a magnetic card in your wallet now is stored via Frequency/Double Frequency (F2F) encoding. A simmer can make an identical copy of the data and anyone with a small investment in card reproduction equipment can manufacture a perfect copy of your credit card.
When you realize you are the victim of credit card fraud, probably due to a skimmer, you’ll experience several emotions.
At first glance, relief because you’re not responsible for the fraudulent charges but there’s the inconvenience of waiting for a new card, setting up your automatic payments with a new card number and waiting for funds to be restored. That said, everyone pays because banks charge higher fees and less interest to cover the cost of skimmer-based fraud.
The explosion of skimmers in the US is due to the cheap technology most US bank-issued credit cards use — the magnetic stripe. The rest of the world also primarily uses cards with smart-chip systems commonly called “Chip and PIN.” We prefer “EMV,” which stands d for EuroPay, MasterCard, and Visa, because it’s these companies who are driving the adopting of these security-centric smart credit/ATM cards.
While US banks are taking some steps to thwart skimming, any movement towards European-styled EMV cards seems years away. Or is the move towards European styled EMV cards sooner than many expect?
There is significant interest from US banks and financial institutions in REALSEC’s in-house cryptographic solutions for encryption and digital signatures. This includes financial cryptographic hardware (Cryptosec Banking), data preparation for EMV cards (H3P), and remote master key loading in ATMs (Cryptosec RKL).
Each technology helps financial institutions meet the security needs of their banking customers whether it’s the use of digital signatures to avoid phishing, secure key updates in ATMs, the adoption and migration of bank cards to chip and PIN technology, and increasing overall security technology to give customers confidence that every financial transaction they make is secure and authorized.
So when US banks are ready to begin the transition to EMV cards, we stand ready to help them defeat skimmers once and for all.