Credit Card Security – Musato Technologies
loader image

We enable business and digital transformation decisions through the delivery of cutting-edge ICT solutions and products...

Get inspired…

Latest Threat to Credit Card Security Is Undetectable

When using an ATM to withdraw cash or to check available funds, there’s a number of things you can do to ensure safe access to your account. These include covering the keypad when entering your PIN, checking no one suspicious is standing nearby, and looking the ATM over to see if it has been tampered with. However, none of those steps can help you avoid the latest threat to your card’s security: shimmers.-Credit Card SecurityCredit Card Security

You’ve probably heard of a skimmer before. Skimmers are used to swipe and read the magnetic strip on a card and criminals have found novel ways to add them to ATMs. For example, they construct a new front for an ATM and stick it over the top of the real one. Some even integrate a camera to try and record your PIN (which is why you should always cover your hand when typing it in).

Skimmers work but are bulky and relatively easy to spot. Shimmers are different. They take the form of a very thin card with an embedded microchip and flash storage which is slotted inside the card reader. You cannot tell the shimmer is inserted, and it doesn’t stop cards from being used in the machine as normal.

When someone uses the ATM their card details are recorded by the shimmer. Criminals will obviously prefer using a shimmer because it’s very easy to install without being detected. It gets worse, though, as reading the data the shimmer stores can be done simply by inserting a special card. So the criminal can collect the stolen data while looking like they are simply using the ATM to access their account.

Because these shimmers are so thin and card sized, they aren’t limited to just ATMs. The terminals we increasingly see installed in stores for self-service are also vulnerable.Credit Card Shimmers

Regardless of whether it’s inserted into an ATM or card terminal, the shimmer can remain in place to collect data for weeks, maybe months without detection. Regular data downloads from the shimmer then allow fake cards to be created which are used to make fraudulent purchases.

The latest batch of shimmers was discovered in Coquitlam in British Columbia. The Royal Canadian Mounted Police (RCMP) posted the images you can see above to show just how thin and sophisticated they are. According to CBC, the RCMP suspects these shimmers are being produced by and for organized crime due to their complexity.

Business owners and banks can combat shimmers by carrying out daily checks on all their card reading devices. As for consumers, there’s no easy way to tell a shimmer is inserted into a reader. However, you can opt to use tap-to-pay if it’s available, and this removes the need to insert your card into the reader. The same is true of opting to use a service such as Apple Pay. Contact Musato Technologies for more information.

Gideon E. M
Author: Gideon E. M

Gideon Ebonde M. is the CEO and Chief Software Architect at Musato Technologies. He is experienced Software developer with a demonstrated history of working in the information technology and services industry. He has a strong engineering professional skilled in Mobile Application Development, Enterprise Software, AI, Robotics, IoT, Servers, Cloud and business application. He is an accomplished DevOps software engineer and a visionary computer scientist and engineer.