Skimming debit & credit cards at gas pumps is nearly epidemic across the Country.

The international connection to ATM skimming incidents is well documented. Earlier this summer, federal authorities indicted a crime ring for its alleged involvement in a $1.5 million ATM skimming scheme that targeted Citibank and JPMorgan Chase bank branches in New York, Chicago and Miami.

Bank ATMs also are prime targets, especially when they are walk-up or drive-up machines. High transaction volumes coupled with easy access make them ideal for fraudsters. "The Tampa case so far is really typical," Buzzard says.

The average loss per cardholder comes out to about $590, "which we see more often these days, meaning that the criminals prefer large withdrawals instead of numerous smaller ones," Buzzard adds. "The cards will be trashed as soon as the unauthorized withdrawal is completed, so they like to go big in one clean withdrawal before moving to their next cloned card."

Last week NACS Daily(National Association of Convenience Stores)reported that skimming debit and credit card numbers at gas pumps has become nearly epidemic. In a follow up article, bankinfosecurity.com spoke with NACS payments consultant and PCATS Executive Director Gray Taylor on how retailers can protect their operations from costly skimming schemes.

The news source notes that while skimming incidents at the fuel dispenser account for a relatively low percentage of card compromises, the use of master keys for access to pump enclosures is an industry problem, according to Taylor.

"There are 900,000 pay-at-the-pumps out there, and, literally, I have four keys in my desk that will open up every dispenser in the United States that has not been upgraded," Taylor commented, adding, "Today, you can buy new dispensers that have unique keys. The problem is doing something with the dispensers that are out there; getting these guys to upgrade."

However, ensuring pump enclosures have unique keys also reflects a greater need for “broader education, notes the news source.

NACS Anti-Skimming Solution:

The WeCare decal
is a tamper-evident label that can help retailers identify potential security breaches if skimming devices are inserted at fuel dispensers or other unattended PIN-entry devices. The labels can also help retailers address some of the PCI compliance mandates that are now required.

The security labels are to be used on fuel dispensers near the credit/debit card transaction area. If the label is lifted to insert a skimming device, a “void” message appears on the label, providing a visual alert to store employees so that additional action can be taken. Because the labels clearly indicate that they are to prevent tampering, the labels help assure customers that their data is secure, and discourage criminals targeting the store.

Links:
http://www.bankinfosecurity.com/articles.php?art_id=4015

http://www.nacsonline.com/NACS/News/Daily/Pages/ND0815112.aspx