CLONE CARD
Making unapproved replicas of credit or debit cards is known as credit card cloning or skimming.
As a result, thieves can use them to make purchases, thus taking the cardholder’s money and/or putting them in debt.
Thieves utilize specialized tools for this, sometimes in conjunction with straightforward social engineering. Card cloning has traditionally been one of the most prevalent card-related types of fraud worldwide. According to Nilson Report, this theft costs the global economy USD 28.65 billion annually and is expected to reach USD 38.50 billion by 2023.
Making an unauthorized clone of a credit card is referred to as credit card cloning. Skimming is another name for this action. Using an electronic device, thieves copy data from a credit card terminal, transfer it to a new card, or overwrite an existing card with the information.
Unfortunately, cloning and related stealing methods have proliferated like wildfire in recent years. Fortunately, security upgrades like the use of personal identification numbers (PINs) and chip cards have made it possible to fend off these attacks.
WHAT IS CLONE CARD
Skimmers are little devices that may be attached to hardware like point of sale (POS) terminals at physical retail locations or even at ATMs, which are commonly used by fraudsters. The magnetic stripe on the back of the physical credit card or debit card is read by these skimming devices, which function as card readers, and they capture the credit card information of an unaware victim, including card numbers, PINs, and CVV data. They are also affordable and available for buy online.
On the POS terminal or ATM, fraudsters can use a phony keypad to obtain the PIN information of the legitimate cardholder. Once they have this data, they can use the stolen CVV, PIN, and credit card information to create a new physical card and conduct fraudulent purchases in the name of the legitimate cardholder. Until the cardholder checks their bank accounts, financial documents, or notices a change in their credit score, something may have occurred that they are unaware of.
Cloning also no longer requires physical execution. Fraudsters can now steal a large number of card details utilizing remote scanning equipment thanks to contactless technology by just strolling down a busy street carrying a covert scanner in their backpack or purse.
According to Feedzai study, card cloning has become a worldwide phenomenon and has increased by 34% globally. A pair of individuals were detained by Irish police last year, and 66 skimmed credit cards were also seized. Over 350 counterfeit cards were only recently recovered by Indian police. Six persons were recently detained by the FBI in the United States for utilizing card skimming technology to steal more than $200,000 from petrol stations.
HOW DOES CLONE CARD WORKS
Card cloning is a fairly elaborate criminal scheme. More specifically:
- An accomplice is recruited – someone with physical access to credit cards e.g. a cashier, restaurant server etc.
- They are given a skimmer – a compact machine used to capture card details. This can be a separate machine or an add-on to the card reader.
- The customer hands their card to the accomplice, as payment.
- The accomplice swipes the card through the skimmer, in addition to the POS machine used for normal payment.
- The accomplice hands back the card to the unsuspecting customer.
- The thief transfers the details captured by the skimmer to the magnetic strip a counterfeit card, which could be a stolen card itself.
- The counterfeit card can now be used in the way a legitimate card would, or for additional fraud such as gift carding and other carding.
Of course, there are variations on this. For instance, some criminals will affix skimmers to handheld card readers or ATMs. The outcome is the same as long as their customers swipe or enter their card as usual and the thief can come back to get their device: All the data stored on a credit or debit card’s magnetic strip is captured when the card is swiped through the skimmer device.
In order to exploit the stolen card information in more contexts, the thieves may also shoulder-surf or other social engineering strategies to learn the card’s PIN or even the owner’s billing address.