Skimming and Payments Security

Approximately 39 million Americans fill-up every day and fuel dispensers have become one of many targets for thieves looking to steal credit and debit card information by "skimming," an aggressive tactic used to illegally obtain consumer card data for fraudulent purposes. Skimming occurs when a third-party card-reading device is installed either outside or inside a fuel dispenser, which allows a thief to capture a customer’s credit and debit card information to create counterfeit cards.

Skimming is one type of cardholder data theft and are different than data breaches, which is the physical theft of documents or equipment containing cardholder account data (cardholder receipts, files, PCs, POS terminals), or un-authorized access or deliberate attacks on a system or network environment where cardholder data is processed, stored or transmitted.

Since 2008, NACS and Conexxus have offered convenience and fuel retailers the resources and tools they need to proactively initiate and maintain effective payment security procedures that help reduce the occurrence of skimming.

See how NACS can help protect your business against skimming.

New anti-skimming demo. Learn More.

WeCare Decals available through NACS WeCare Program are tamper-evident labels that help retailers identify potential security breaches when a device is opened by an unauthorized person and skimming devices are inserted at fuel dispensers or other unattended PIN-entry devices.

NACS Member Coupon Code (at checkout): NACS0001

The SkimDefend app, powered by Pinnacle Corporation, is to be used in coordination with NACS’ WeCare Tamper-Evident Decals, in order to reduce the risk of skimming at fuel dispensers. The app will scan and log the unique characteristic of each WeCare decal and locally store the site, time, pump number and decal ID information. Retailers can then use this information (stored digitally) to track any/all pump (CRIND) intrusions and thereby proactively combat skimming efforts, as well as maintain forensic evidence for authorities in the event a skimmer is eventually discovered – as well as help comply with PCI 3.1 guidelines.