EAST publishes Guidelines to standardise the Terminology for locations of Card Data Compromise Devices at ATMs

EAST has published a document entitled ‘Standardisation of Terminology for locations of Card Data Compromise devices at ATMs.’

These Guidelines have been put together by members of the EAST Expert Group on ATM Fraud (EGAF).

Fraudsters have been constantly improving ATM skimming devices since the first basic devices appeared.  Various types of ATM skimming devices are used by fraudsters, both digital and analogue.  Initially fraudsters used simple overlay skimming devices at the card reader throat, but with the evolution of more sophisticated types of skimming devices, the placement of them has moved to other locations around the card reader (both external and internal).  Wire-tapping devices (eavesdropping) have also been used to tap data at the card reader pre-read and read heads, and also card reader-electronics.

In order to assist with the reporting and analysis of such devices, and to set a common standard for describing the placement of skimming (and shimming) devices, EAST has produced these Guidelines for the Industry and Law Enforcement.  While most skimming devices are designed to skim magnetic stripe data, these Guidelines also consider the possible placement of devices that are used to read data from the Chip (shimming devices) or to perform a relay attack.

These Guidelines are available for download on the EAST Intranet to EAST members (National and Associate), and there is a version available for wider circulation.  EAST Associate Membership is free for Law Enforcement Officers.