Credit card skimmers now need to fear the Reaper

Tech
Publisher

BALTIMORE—At the USENIX Security Symposium here today, University of Florida researcher Nolen Scaife presented the results of a research project he undertook with Christian Peeters and Patrick Traynor to effectively detect some types of “skimmers”—maliciously placed devices designed to surreptitiously capture the magnetic stripe data and PIN codes of debit and credit cards as they are inserted into automated teller machines and point-of-sale systems.

The researchers developed SkimReaper, a device that can sense when multiple read heads are present—a telltale sign of the presence of a skimmer.

Nolen and his fellow researchers worked with data provided by the New York City Police Department (NYPD) to assess the types of credit-card-skimming gear currently in the wild. They uncovered four broad categories of skimming gear:

Overlays and deep inserts are by far the most common types of skimmers—and are increasingly difficult to detect. Police, Scaife noted, often find them only by looking for the cameras used by skimmers to capture PIN numbers, because most of the common detection tips—including trying to shake the card slot to see if it dislodges—are ineffective.

SkimReaper is aimed specifically at overlays and inserts. It uses a card-shaped sensor with a printed circuit that, when powered, can detect the voltage spikes created by coming in contact with magnetic reader heads. If it detects two or more, there’s a skimmer in play.

Testing against skimmers collected by the NYPD, the SkimReaper yielded a 100-percent detection rate. The NYPD has adopted SkimReaper and has already discovered one skimmer in the wild with the device; another seven police departments have also signed on for the SkimReaper, and Scaife says that demand exceeds his team’s ability to manufacture them.

But the payoff is huge in terms of damage to skimming operators. Card-skimming devices are costly and custom-manufactured for each type of targeted machine, and stopping and retrieving a skimmer can put a serious dent in the skimmer’s profits. Detection in place also offers law enforcement an opportunity to catch the skimmer or an accomplice in the act of trying to remove the device after data is collected.

Latest Articles

Continue to the category
Previous articleThe road to bipedalism wasn’t straight and narrow
Next articleMIT scientists crack the case of breaking spaghetti in two

Related Articles

Researchers track fishing fleets by putting radar sensors on birds

Tech Publisher - 0
Wildlife management has been revolutionized by the ability to track species in their natural habitats—to figure out what areas they actually occupy, where...
Read more

Apple reports a blowout Q1 2020, but names coronavirus as a worry for the next quarter

Tech Publisher - 0
Based on the latest Apple quarterly earnings report, it seems that Apple's newer iPhone models have been a hit, along with the...
Read more

Apple releases iOS 13.3.1 and macOS Catalina 10.15.3

Tech Publisher - 0
Today, Apple released updates for its operating systems for iPhone, iPad, iPod touch, Apple Watch, Mac, HomePod, and Apple TV devices. iOS 13.3.1...
Read more

©2021 Copyright - New York Metropolitan Magazine