Invisible ATM Card skimming

scottalanmiller

@Dashrender said:

Just so we're on the same page, I couldn't tell you the last time I called the bank for any account information. It's just not something I need, and frankly I could disable it and it would probably be just fine.

How do you verify that there are no malicious transactions? That's why I often log in.

Dashrender

@scottalanmiller said:

So your CC is online, just not the bank?

Correct.

JaredBusch

@Dashrender said:

@scottalanmiller said:

@Dashrender said:

So I assume everyone here has a password/phrase on their accounts for phone access?

I'm not even aware of phone access options. That sounds crazy. The only thing I use the phone for is to shut off a card that is exposed.

Try calling your bank and see if you can at minimum get information about your account over the phone. If nothing else it would be an interesting test.

Without basic information, you will not be able to get it from my bank. Same as with yours. My bank will require a few pieces of information about the account and the answer to a security question (one of 3) setup. The security question is the "password" part of the puzzle and is how all banks I have used for a decade or more operate. I would suspect that almost all banks operate this way.

The point is that you did these things and someone still tried. So why make it so hard on yourself when people are still going to try and get into your account?

Make proper use of the technology at hand. Same as with anything else in IT.

Dashrender

@scottalanmiller said:

@Dashrender said:

Just so we're on the same page, I couldn't tell you the last time I called the bank for any account information. It's just not something I need, and frankly I could disable it and it would probably be just fine.

How do you verify that there are no malicious transactions? That's why I often log in.

I don't worry about my bank account because I use it so infrequently except as I mentioned to pay the CC and the mortgage. Both of which are done through electronic direct withdrawls. I check my statements monthly when I get my statements from the bank.

As for the CC, living where I do where fraud is pretty darned low - I don't check my CC statements more than monthly, but if I was in your situation, I might be in the habit of checking daily. Not to mention the other safeguards you've put into place (multiple accounts, moving money from one account to another when you need to use the ATM, etc).

scottalanmiller

@Dashrender said:

I don't worry about my bank account because I use it so infrequently except as I mentioned to pay the CC and the mortgage. Both of which are done through electronic direct withdrawls. I check my statements monthly when I get my statements from the bank.

If you don't worry about it, what's causing all of this extra effort?

scottalanmiller

@Dashrender said:

As for the CC, living where I do where fraud is pretty darned low - I don't check my CC statements more than monthly, but if I was in your situation, I might be in the habit of checking daily. Not to mention the other safeguards you've put into place (multiple accounts, moving money from one account to another when you need to use the ATM, etc).

More like once or twice a week, not daily. But "often." If something is awry I want to know quickly. And in reality, the highest risk places are in the US, not abroad (except when I go to Africa.)

david.wiese

or everyone could just switch to a system that uses smartphones, a qr code that expires after 45 seconds and your 2 factor authentication on your smartphones banking app.

https://newsroom.bmo.com/press-releases/bmo-harris-bank-launches-mobile-cash-america-s-la-tsx-bmo-201503160996816001

nothing can be skimmed in the current methods doing this way that I am aware of.

scottalanmiller

@david.wiese said:

or everyone could just switch to a system that uses smartphones, a qr code that expires after 45 seconds and your 2 factor authentication on your smartphones banking app.

https://newsroom.bmo.com/press-releases/bmo-harris-bank-launches-mobile-cash-america-s-la-tsx-bmo-201503160996816001

nothing can be skimmed in the current methods doing this way that I am aware of.

I need to start trying that out. I keep meaning to.

david.wiese

@scottalanmiller
I use it and it's great. Still some quirks but for the most part it's very easy to use. No card to use and to me a lot more secure and I avoid the possibility of my card getting skimmed. I am getting my wife to use it as well so the only time it could get skimmed is at a POS terminal.

Dashrender

I agree - things like Apple Pay and Android Pay - hell, even using Paypal at places like Home Depot - way safer than using ATMs and CCs for the reasons @david-wiese mentions.

Dashrender

@scottalanmiller said:

@Dashrender said:

I don't worry about my bank account because I use it so infrequently except as I mentioned to pay the CC and the mortgage. Both of which are done through electronic direct withdrawals. I check my statements monthly when I get my statements from the bank.

If you don't worry about it, what's causing all of this extra effort?

I'm not sure what extra effort you're speaking of? The only none standard thing I have on this account is the required password for phone access (which the teller's even see when I visit a branch - which is rare).

I suppose if I should do anything, it would be to disable phone access altogether, leaving with electronic transferred CC and mortgage payments, and visiting in person when I need/want cash.

Dashrender

@scottalanmiller said:

And in reality, the highest risk places are in the US, not abroad (except when I go to Africa.)

So you've had more fraud against your accounts in the US than anywhere else?

The news story in question here is specifically about Mexico.

I've heard these skimmers are in places like LA and maybe places up and down the east coast, but haven't seen them be rampant.

scottalanmiller

@Dashrender said:

I'm not sure what extra effort you're speaking of? The only none standard thing I have on this account is the required password for phone access (which the teller's even see when I visit a branch - which is rare).

I suppose if I should do anything, it would be to disable phone access altogether, leaving with electronic transferred CC and mortgage payments, and visiting in person when I need/want cash.

I can go online, from anywhere, and make payments, move money around, check transactions, lock things down, etc. Nearly zero effort and available to me 24x7.

scottalanmiller

@Dashrender said:

@scottalanmiller said:

And in reality, the highest risk places are in the US, not abroad (except when I go to Africa.)

So you've had more fraud against your accounts in the US than anywhere else?

The news story in question here is specifically about Mexico.

I've heard these skimmers are in places like LA and maybe places up and down the east coast, but haven't seen them be rampant.

The general fear of fraud is not ATMs in the US but people copying your card. I'm told Atlanta is the world place in the US for it.

MattSpeller

Chip, Pin & Tap - love em.

scottalanmiller

@MattSpeller said:

Chip, Pin & Tap - love em.

Yes, such a great idea.

Dashrender

@scottalanmiller said:

@MattSpeller said:

Chip, Pin & Tap - love em.

Yes, such a great idea.

lol the epitome of two factor authentication.

dafyre

@scottalanmiller Isn't the Atlanta airport one fo the bigger international places on the east coast?

If so, that would make sense.

MattSpeller

@Dashrender tap isn't protected at all, purchases under a set amount ($50?) just tap and go.

Dashrender

@MattSpeller said:

@Dashrender tap isn't protected at all, purchases under a set amount ($50?) just tap and go.

Does Tap exist in Europe? or is that a North American only thing?

I was thinking that Tap only existed because non PIN use of chip is the way the US is going.