Awareness, Checking security controls and Testing security now will help your business lock down your systems before the holiday rush.
Merchants looking for more information on how to secure customer payment data should visit the PCI SSC merchant site.
How “Skimmers” Steal Payment Card Data
Picture a swimming pool cleaner sweeping up leaves with a net. Likewise, hackers attach small hardware “skimming devices” to the card reader that sweeps up your customers’ payment card data when they use their cards at your store. Hackers use the data to create counterfeit cards and make illegal purchases.
Skimming is one of the leading types of fraud. Watch out for skimmers during the busy holiday shopping season!
A skimming device can fit in the palm of a dishonest retail employee. Data thieves also slip skimmers into your point-of-sale card reader. Some skimmers have tiny cameras that capture PINs entered by unsuspecting customers. Make sure (and make sure your employees know) that anyone coming to service your equipment is known and planned for – that is most often how these skimmers are installed.
Here are three simple steps how you can prevent card skimming:
- Scout easy targets of attack. For retail stores, skimmers are most often found in point-of-sale terminals or card readers. Beware when your terminal or card reader sits where easily reached by customers! Move these devices out of reach to keep them safe.
- Watch for skimming devices. A skimming device hidden in your terminal or card reader is invisible. Regularly inspect your point-of-sale devices for signs of tampering, such as a broken seal over an access cover or screws, odd cables, or new devices that you don’t recognize.
- Disable skimmers immediately! If you think a skimmer is present, immediately call your point-of-sale installer for help. Follow their instructions. You might need to manually process cards until the installer arrives to inspect your device. Better to be safe than sorry!
Resources that can help you:
Merchants looking for more information on payment security essentials should start here: