As a merchant you have a responsibility to protect your customers sensitive data, yet every year we hear about massive data breaches and most people with a credit or debit card have received a replacement card due to a breach. While these types of large scale breaches get the most attention, there are other ways to have your card information stolen. In this post we will explain some of the ways that credit card information is stolen, and precautions you can take to avoid it.
Card Skimming
Card skimming is most prevalent on ATM’s and other forms of unattended card readers. This is achieved by placing a small device where you insert or swipe your card that reads the magnetic stripe data to be retrieved later. These can take the form of a false front on the card slot at an ATM or gas station. It can be a small device attached to a card reader. These can also be accompanied by a small camera or pin pad overlay to record the pin number.
The best way to prevent card skimming is to be aware and test devices before you use them. Check that the card reader is securely fastened as most ATMs and gas pump card readers are made to be solid, so if the parts are loose or look out of place, report it to the owner and use a different ATM, gas pump, or avoid using the vending machine, whatever the case may be.
Malicious Software
While most computers have firewalls and security software, hackers are constantly innovating ways to get around them. When malicious software is installed on the computer or your network they can track keystrokes or intercept data that is then sent to the hacker. This will include logins, passwords, secret answers, etc. To avoid this style of identity theft, ensure that your security software is up to date. Avoid downloading software from unknown sources and ensure that your computer and network are being scanned regularly to detect and remove any possible malicious software.
Dishonest Employees
Sometimes it can be an employee who is perpetrating the fraud. Whether by copying the information using a skimmer, writing down the card info, or taking the data from the office, all of these are potential data breaches. The best way to manage that is to use clear policies regarding who is able to handle card data and that it is restricted to a need to know basis and make sure that you or your managers know how to spot skimmers or potential tampering.
Prevention is your best tool in dealing with fraud because once it happens it can be very costly. If you become aware of an issue, address it right away and contact your merchant services provider for advice on how to minimize any damage caused.
