With gas prices projected to climb higher during the busy summer travel season, many drivers are focused on finding the right credit card to maximize the money you’re spending at the pump. Earning some cash back each time you fill up feels rewarding, but those pit stops come with a risk: credit card skimmers.
EMV technology was supposed to solve the dangers of swiping, but gas stations don’t have to embrace chip technology until 2020, and criminals are taking advantage of the slow adoption. In Florida, state inspectors are on track to find 1,000 skimming machines by the end of the year — an increase of 350 devices from 2017. The Sunshine State isn’t alone, either — recent reports in California, Texas and New York all show that skimming is a widespread problem.
As criminals look for easy opportunities to steal valuable information along the interstate, consider these five ways to keep your card safe.
1. Pay Inside
The lack of EMV technology isn’t the only reason that gas pumps are so susceptible to skimmers. Think about a typical gas station with 10-20 filling stations — it’s impossible for workers behind the counter to monitor all those card terminals.
Inside the store, though, it’s a different story. Many stations are shifting over to chip-enabled payment terminals at the counter, and even if they’re still relying on swiping, the chances of a criminal manipulating the terminal in front of someone’s eyes are quite slim. In fact, in Texas, law enforcement officials urged drivers to pay inside after a recent surge in skimmers.
2. Browse Your Bluetooth Connections
Nathan Seidle, founder of SparkFun Electronics, has conducted extensive research into skimmers and developed the Skimmer Scanner mobile app, which is designed to alert people to the possibility of a skimming device. Seidle found that most skimmers broadcast over the Bluetooth channel HC-05 with the very complicated password of “1234.”
“Unfortunately, there really isn’t a way to tell that a pump has been modified from the outside,” Seidle told me in a recent interview. “These skimmers are deep inside the pump and once installed it’s impossible to tell from the outside unless you can open the pump or scan for them with our Skimmer Scanner app.”
3. Download Skimmer Scanner
In addition to simply looking for suspicious Bluetooth devices, Seidle’s Skimmer Scanner app is a pretty awesome tool for understanding when it may be time to find a different gas station. “Think of Skimmer Scanner like an anti-virus app on your computer,” Seidle said. “As we test more skimmers and find more vulnerabilities in their tech we push an update to the app so it can always detect the latest tricks.”
The only downfall of the app is that it’s not currently available for iPhone users. But if you’re on the Android train, I recommend downloading it here. And if you’re reading this and happen to have some developer expertise, Seidle wants to hear from you. “This is not our day job,” he told me, “so we really need help from the community. If there’s a mobile app developer out there, we’d love their help. The project is entirely open source, free and anyone can help make it better. ”
4. Keep a Close Eye on Your Account
Even if you do your best to avoid suspicious terminals, you may still fall victim to a skimmer. The most important step you can take to enhance your card’s safety is the one you should be doing no matter where you’re making purchases: monitor your account activity.
If your card has been skimmed, it may take some time before someone else actually uses it. “Just in case a logger is discovered and removed, we suspect the numbers are harvested almost daily,” Seidle said. “Now that said, it is probably many weeks or months before the stolen credit card numbers are aggregated into large lists that are then sold on the internet.”
5. Ask Your Bank to Do Something
Skimming is clearly a major problem, and there’s only so much that a cardholder can do to avoid becoming a victim. Seidle believes there’s another party with the power to defeat skimming devices.
“The solution should be customers putting pressure on the credit card companies to solve fraud,” Seidle said. “The card companies have a tremendous amount of information. If my card got stolen, and your card got stolen, wouldn’t it be straightforward to cross reference the transactions and see where we both traveled? Credit card companies could locate skimmers and hacked websites in days. Instead, it’s swept under the rug and the entire customer group ends up paying for it through service fees and interest.”
I’m on Seidle’s side. Skimming has been a persistent problem for cardholders, and as more consumers deal with stolen card numbers from their road trips, banks and credit card companies should prioritize security. Points, miles and cash back are obviously compelling benefits for TPG readers, but imagine how much more rewarding those cards could be if the financial industry didn’t have to deal with losses from criminal activity.
“I’m waiting for a credit card company to step forward and market their anti-fraud, anti-theft technology,” Seidle said. “I’ll carry their card in my wallet immediately.”