Wikia

The IT Law Wiki

Skimming

31,969pages on
this wiki
Talk0

Definitions Edit

Biometrics Edit

Skimming is

the act of obtaining data from an unknowing end user who is not willingly submitting the sample at that time. An example could be secretly reading data while in close proximity to a user on a bus.[1]

Credit/debit cards Edit

Skimming is

[t]he use of an electronic storage device by criminals to read and record the encoded data on the magnetic stripe on the back of a credit or debit card. Typical examples of such use involve rogue employees at restaurants that swipe a patron's card in the skimming device prior to swiping it through the restaurant's own card reader or attaching the skimming device to an ATM machine.[2]


Data Edit

Skimming is

[t]he extraction of a subset of a larger data set, e.g. a subset of events with similar event-level attributes that make the events interesting as a group unto themselves.[3]

RFID Edit

Skimming is

the unauthorized use of an RFID reader to read RFID tags without the authorization or knowledge of the RFID tag's owner or the individual in possession of the RFID tag.[4]

Overview (Credit/debit card) Edit

There are two principal types of skimmers currently in use: hand-held and non-portable. Hand-held skimmers are used by service workers in various types of retail businesses such as bars and restaurants. When a customer gives the worker his or her payment card, the worker can swipe the card through the legitimate business's swipe-card machine, then swipe the same card through the hand-held skimmer and provide the skimmer and all its captured data at a later date to other criminals.

When a non-portable skimmer is mounted over the card slot on an ATM machine, the customer unwittingly sets the skimming process in motion by dipping his card into the slot. The criminals’ skimmer reads the customer’s magnetic stripe data first, then the legitimate financial institution’s card-reader technology recognizes the customer’s card and PIN number and effects the transaction. To capture the PIN number, the criminals sometimes use pinhole cameras mounted near the ATM’s keypad so that the criminals can see and record the PIN numbers as ATM customers type in the numbers.[5]

References Edit

  1. NSTC Subcommittee on Biometrics, Biometrics Glossary, at 25 (Sept. 14, 2006) (full-text).
  2. Combating Identity Theft: A Strategic Plan, at 18.
  3. ESnet, "HEP Science Network Requirements" 60 (2009) (full-text).
  4. Guidelines for Securing Radio Frequency Identification (RFID) Systems, Glossary, at B-3.
  5. Mass-Marketing Fraud Subgroup Cross Border Crime Forum, "Mass-marketing Fraud: A Report to the Minister of Public Safety of Canada and the Attorney General of the United States" 18 (Mar. 2008) (full-text).

See also Edit

Around Wikia's network

Random Wiki