The sophistication of card skimming in 2023 and beyond

Updated on October 26, 2023


In an age where digital transactions have become the norm, the ease of swiping or tapping credit and debit cards makes payments fast and easy. However, beneath the convenience of card-present payments lurks a silent threat that has been steadily growing in sophistication and prevalence – card skimming.

Card skimming is a deceptively simple yet highly effective method of stealing sensitive financial data and poses a significant danger to individuals and businesses. With criminals continually evolving their tactics, it is essential to understand how to protect your software business and educate your subscribers against this pervasive threat. This article outlines how card skimming occurs and what your subscribers can do to protect their business if they handle card-present transactions.

Fraud is still prevalent in physical transactions

Over 440,000 incidents of identity theft involving credit card fraud were reported across the USA in 2022. The financial losses in these cases ranged from $100 to $500 and up to over $1,000 per consumer, with some people experiencing continued financial loss due to identity theft that

has occurred in the past. While fraud often goes unseen in digital transactions, such as through data breaches or phishing attacks, card skimming targets card-present payments and transactions at automated teller machines (ATMs), point-of-sale (POS) terminals, and gas stations. For your subscribers, it’s critical to protect physical and digital payment channels to ensure they haven’t been compromised.

How to identify a card skimmer

Criminals attach card skimmer devices to physical payment terminals and ATMs. The small size of the device can make it difficult to detect. Once the card skimmer records a person’s payment details, the details are used to create counterfeit credit cards and commit other types of fraud, such as identity theft. The type of skimmer that a criminal uses can vary and include:

  • Cameras that can record the card’s PIN and an image of the person’s face
  • Fake keypads placed over the real keypad on an ATM or POS system
  • Card reader attached to the real card reader slot that may appear bulky and out of place
  • Card shimmers that are placed inside card readers to steal data contained in the card’s chip

To recognize a card skimmer, your customers should know to look out for cameras, whether the machine looks the same as other devices, and if there are any loose or moving parts. There are also technologies available that will alert them if a card skimmer has been attached to payment terminals.

How to protect sensitive payment data

Card skimming detection and being vigilant about checking for abnormalities in POS devices are just one aspect of payment security. A full payment security strategy will also include card-not-present tactics, compliance with the Payment Card Industry Data Security Standard (PCI DSS), fraud detection tools, and monitoring of all accounts.

Protect your payments with Payrix

It’s critical for software companies to be vigilant about protecting their business and educating their subscribers on the importance of payment security. By staying up to date on the latest attack methods of cybercriminals and criminals that use card skimming devices, you can proactively protect your software and, in turn, help your subscribers understand how to protect their customers.

Payment experiences designed for your software

Unleash powerful Embedded Payments technology that delivers on a better experience.