Skimming is a fraudulent technique in which criminals use specialized devices to steal data from bank cards, such as credit or debit cards, when they are used at physical terminals, such as automated teller machines (ATMs), point-of-sale (POS) terminals, or gas stations. This process captures information from the card's magnetic stripe or chip, as well as the PIN, to subsequently create card clones or conduct unauthorized transactions. Skimming has evolved with advances in technology, but its core principle remains physical tampering with the device. Although skimming is often associated with ATMs, it can occur on any device where a card is inserted or swiped.
The goal of skimming is to collect enough data to simulate a legitimate transaction. The captured information can be stored locally on the device or transmitted remotely, minimizing the risk to fraudsters. It's important to understand that this is not hacking in the digital sense, but rather the physical manipulation of the equipment.
Skimming can last from a few hours to weeks, depending on the risk of detection. In 2023–2025, an increase in cases using wireless technologies was observed, allowing fraudsters to avoid physically returning to the device.
These technologies are inexpensive to produce (ranging from $10–$100 per device) and are readily available on the black market. With the transition to EMV chips, magnetic stripe skimmers have become less effective, but shimmers compensate for this.
Understanding these mechanisms helps raise awareness and reduce risks. Skimming is a crime, and its victims often receive compensation from banks, but prevention is the key to safety.
The goal of skimming is to collect enough data to simulate a legitimate transaction. The captured information can be stored locally on the device or transmitted remotely, minimizing the risk to fraudsters. It's important to understand that this is not hacking in the digital sense, but rather the physical manipulation of the equipment.
How does ATM skimming work?
The skimming process typically involves several stages: preparation, installation, data capture, and information extraction. Here's a detailed description:- Preparation and installation of the device:
- Fraudsters select a target — often ATMs in secluded locations, such as gas stations, stores, or tourist areas, where detection is less likely. They gain physical access to the ATM, sometimes by distracting staff or using tools for quick installation.
- The main device, the skimmer, is attached to the card slot. This can be an overlay, which fits over the original reader, or a deep insert skimmer, which is placed inside the slot to make it harder to detect. Installation takes seconds: the skimmer is attached with glue or magnets, and it camouflages itself to match the color and shape of the ATM.
- To capture a PIN, additional components are added: a pinhole camera hidden above the keyboard or screen, or a keypad overlay that records keystrokes. The camera can be as small as a pinhead and pointed at the keyboard to record video of the PIN entry.
- Data capture:
- When a user inserts a card into an ATM, it passes through a skimmer before reaching the original reader. The skimmer reads the magnetic stripe data (tracking data), including the card number, cardholder name, expiration date, and CVV code. This happens instantly and does not interfere with the normal operation of the ATM — the transaction is completed successfully, raising no suspicion.
- The PIN is simultaneously recorded: the camera records video, or a keyboard overlay stores the sequence of keystrokes. In some cases, combination devices are used, where the screamer and camera are synchronized.
- Chip-based (EMV) cards use "shimmers" — thin devices inserted into the slot that intercept data from the chip during authentication. Shimmers are harder to detect because they bypass the magnetic stripe and operate at the chip level.
- Data storage and transmission:
- The captured data is stored in the skimmer's memory (flash memory or microcontroller) or transmitted in real time via wireless modules. Fraudsters can return and remove the device to extract the data, or the data is automatically sent to their device (smartphone or computer) nearby.
- After collecting the data, the fraudsters create clones of the cards: they write the stolen data onto blank magnetic stripe cards or use them for online purchases.
Skimming can last from a few hours to weeks, depending on the risk of detection. In 2023–2025, an increase in cases using wireless technologies was observed, allowing fraudsters to avoid physically returning to the device.
Technologies used in skimming
Skimming technologies combine electronics, miniaturization, and wireless communications. Here are the key components:- Magnetic stripe skimmers:
- Overlay skimmers: Plastic or metal panels with a built-in magnetic reader. They copy data from tracks 1 and 2 of the magnetic stripe (containing the card number and other details).
- Deep insert skimmers: Thin circuit boards inserted into the slot, often powered by the ATM itself. They are invisible from the outside and can operate for weeks.
- Shimmers for chip cards:
- Microchip-based devices that mimic a chip reader and intercept cryptographic data during EMV transactions. They are thinner than skimmers and designed for modern cards.
- PIN Capture Devices:
- Pinhole cameras: Miniature cameras (1–2 mm in size) with wireless video transmission. They are battery-powered or powered by an ATM and can record in high definition.
- Keyboard overlays: Touch panels that register keystrokes via wires or capacitive sensors.
- Wireless transmission and storage:
- Bluetooth or GSM modules: For sending data over a distance of up to 100 meters. Fraudsters can monitor from a parking lot.
- Built-in memory: 1-16GB flash chips for storing thousands of records.
- Additional: Some devices use RFID or Wi-Fi for transmission, and advanced versions have GPS for tracking.
These technologies are inexpensive to produce (ranging from $10–$100 per device) and are readily available on the black market. With the transition to EMV chips, magnetic stripe skimmers have become less effective, but shimmers compensate for this.
The evolution of skimming and current trends
Skimming emerged in the 1990s with magnetic stripes, but has evolved since the 2010s, from simple overlays to IoT integration. Between 2023 and 2025, a rise in "jackpotting" — when devices trick ATMs into dispensing cash — is expected, but this is a separate method. Fraudsters are using 3D printing to create exact replicas of ATM parts. According to Europol, skimming remains a leading threat in Europe, with wireless technologies being used to minimize the risks.Protection and Detection Measures (Educational Recommendations)
To prevent skimming:- Check the device: Pull on the card slot and keyboard — if anything comes loose, it could be the screamer. Look for discrepancies in color or shape.
- Use secure methods: Prefer chip or contactless (tap-to-pay) cards, which are harder to skim. Choose ATMs inside banks or with anti-skimming technologies (such as blockers).
- Protect your PIN: Cover the keyboard with your hand when entering it.
- Monitor your accounts: Check transactions regularly and set alerts.
- If you suspect: Do not use the ATM, report it to the bank or the police.
Understanding these mechanisms helps raise awareness and reduce risks. Skimming is a crime, and its victims often receive compensation from banks, but prevention is the key to safety.
