PCI Security Standards Council releases recommendations to prevent card skimming
The PCI Security Standards Council released new recommendations and best practices for retailers to protect against credit and debit card skimming scams. Skimming is a way in which criminals steal credit and debit card data to make purchases electronically. Sometimes the information is stolen via a reader at a point-of-sale terminal. Other times an individual with access to a card will steal the information off the card and pass the information along for a fee.
“Skimming is becoming a widespread problem,” Bob Russo, general manager of the PCI SSC, said. “These are guidelines for what retailers should be looking at. We discuss different techniques for protection those point-of-sale devices.”
PCI includes a risk assessment questionnaire for retailers to self evaluate how susceptible their business is to data skimming. They also include information on education of employees, and prevention of point-of-sale tampering. They suggest writing down all identifying information on a point-of-sale device such as the general appearance, serial number, seals and labels, how many wires of what color and where the connect to. Record the information and check each terminal on a regular basis to make sure the machine shows no physical signs of being tampered with.
