Skimming (in the credit card world) is commonly defined as capturing magnetic stripe data during the normal payment process by swiping it through an external (or even inline) device before or after the authorization swipe. External devices are commonly found in stores where a payment instrument is presented, and someone takes the card away from view to process, like at a restaurant. Inline skimming occurs where the cardholder is present during the swiping, and usually involves tampered swipe devices.
The PCI Security Standards Council recently released an EXCELLENT guide with tips on preventing skimming, with sample forms that you can use to track your progress. Most of the skimming techniques employed can be addressed with physical inspection, something with which this guide goes into great detail. Consider doing your visual inspections during a shift change, or at least upon the opening and closing of the stores. Simple visual inspection can go a long way to preventing skimming.
Possibly Related Posts:
- Let’s Encrypt for non-webservers
- Selective Domain Filtering with Postfix and a SPAM Filtering Service
- PCI DSS 4.0 Released plus BOOK DETAILS!
- Preventing Account Takeover, Enable MFA!
- Proofpoint Patches URL Sandbox Bypass Bug