mysecurepc

There has been a lot said about gas station skimmers - devices that take your debit card information at the gas pump. How does this happen? A crook attaches a skimming device, about the size of a pack of cigarettes, inside the gas pump. When the debit/credit card is scanned the information is captured on the skimmer. Sometimes a small camera is mounted to get debit card pin numbers being typed in.

Thieves get access to the pump by getting the keys from the attendant (usually paid off) or pose as a gas pump repairman. The most susceptible places are mom-and-pop gas stations. Unfortunately, there is no way to tell if a skimmer is attached to the pump.

Me? I use cash.

Doug

The scams never go away. The PIN block fraud involves your debit card. When a debit card is swiped, say at a gas station, the information on it is sent to a server. Included in this information is your debit card number, the data from the magnetic strip, and the encrypted PIN code. When you enter a PIN number it is sent to the server, too. The server unencrypts the PIN number (residing from the magnetic strip) and compares it to the one you entered. Of course they must match in order to complete the transaction.

Here lies the problem: some retailers save your debit card information (including the PIN number) on their server. There is *no* reason to save it - it should be erased after it is used for the current transaction. A hacker then breaks into the retailer’s computer system and steals the debit card number, the encrypted PIN, and the key to unencrypt the PIN. Then counterfeit debit cards are made and it’s off to the nearest ATM machine.

How do you fight it?

A few ways.

1. Use a signature instead of a PIN number when using the debit card.

2. Do not use a debit card; use cash. Especially with no name gas stations, stores, etc. I only use the debit card at one grocery chain and I use cash for other transactions.

Doug