

Criminals Hide Payment-Card Skimmers Inside Gas Station Pumps - cwan
http://www.darkreading.com/database_security/security/attacks/showArticle.jhtml?articleID=223100233

======
kvs
Let's not forget that in some states full-service is required and customer is
usually not the one swiping the card. So, the gas station attendant can be an
accomplish on this whole scheme.

------
jeromec
From what I heard, digital thievery has gotten so hot gas station _attendants_
were being paid for copies of card information. This sort of problem will only
grow as society depends more and more on technology. It's my hope that
technologists such as we that frequent HN can invent counter measures to these
vulnerabilities. Otherwise, it's a real shame. One thing I do, and encourage,
for convenience is to use bank debit cards as credit cards for purchases
(credit card convenience without fees). However, my suggestion is to set up an
extra no-fee checking account with a couple hundred dollars for this purpose.
That way a compromised card is limited in its losses.

------
tfincannon
If the skimmers transmitted the stolen data via Bluetooth, wouldn't the
receiver have to be within 30 feet? That would seem to make it easy to track
down.

~~~
almost
I think the idea is that they still store details but it makes it much easier
to pick them up afterwards. With a traditional skimmer you maybe have to
remove it to get at the juicy stolen details which is a whole load of extra
risk vs. just walking by with a laptop.

I doubt anyone is waiting in a parked car across the street having details
streamed to them in real time, you never know though...

------
gcb
and people, remember that removing or messing with any of thode devices is in
violation of the DMCA. So dont look too much. You are not expected to know how
an atm or gas pump work. Just insert you card as you're expected to and be a
law abiding citizen.

~~~
almost
Yes, the DMCA does suck quite a huge amount. But is the DMCA the main thing
stopping you from disassembling and reassembling gas pumps before you use
them? I'm guessing probably not.

~~~
gcb
if i dont know how they work regularly, how can i spot an anomalous card
skimmer?

Cmon this is HACKER news. Any chance you have to bash something that prevents
hacking should be taken to bash said thing.

how can i be safe when i buy an used pump from ebay and want to make it a soda
pump? Damn the dmca! Think of the children!

~~~
almost
Ok, I'm an idiot :) I didn't see the sarcasm in your comment at all...

However, I do now want a converted gas pump soda pump!

