A new security alert is warning that ATM and pay-at-the-pump fuel dispenser skimming attacks in the United States (U.S.) are on the rise. This trend is likely being fueled by the migration away from magnetic-stripe technology toward the new EMV chip technology.
ATMs and pay-at-the-pump fuel dispensers, because they are unattended, have become easy targets. Fraudsters can, with relative ease, attach skimming devices to the fascia without being noticed.
U.S. card issuers are quickly ramping up their EMV rollout efforts. As of October 1, 2015, liability for fraud resulting from a magnetic-stripe transaction, will be absorbed by the party that does not enable EMV during the fraudulent transaction. But the liability shift date for ATMs and pay-at-the-pump fuel dispensers will not occur until October 1, 2017.
What this means is that skimming magnetic-stripe transactions at ATMs and self-service fuel dispensers will likely continue to increase over the next two years. That being said, be mindful to monitor dispensers for high levels of bad card reads or problems accepting cards. Other suggestions are to create a security check list for cashiers; train store personnel to perform daily dispenser security checks (using security strips taped on dispensers can help detect tampering ); periodically have a qualified service provider inspect the inside of the dispenser payment terminal for tampering; train store personnel to ask for identification of technicians and confirm scheduled work prior to work being performed on dispensers; position store personnel in such a way as to give employees an unobstructed view of the dispensers making sure the forecourt is well-lit; replace common dispenser terminal locks with locks unique to the location; make sure dispenser keypads are PCI-compliant encrypting pin pads; and use video surveillance to discourage unauthorized access to the dispensers, posting signs that monitors are in place.