1. Mobile

Protect your credit card info with the free ‘Skimmer Scanner’ Android app

By

Gas pump
Dolgachov/123RF
The price we pay for convenience is sometimes vulnerability to unscrupulous people trying to steal valuable financial information. It’s not always an anonymous hacker on the internet, however — the biggest danger may be at your local convenience store. The next time you fill your tank and swipe your card, be aware that there could be a “skimmer” inside the pump, recording and storing your credit card data for later retrieval.

It turns out that it’s ridiculously easy to install a card skimmer at a point of sale terminal. Gas pumps are particularly vulnerable because they’re often unmanned and have a lot of traffic. Luckily, there’s a free Android app called Skimmer Scanner that can alert you if there are any of these devices nearby.

A gas pump skimmer can be installed in less than 30 seconds. It records your credit card data when you fill up, then when the perpetrator returns to the scene of the crime — hours or even days later — they can retrieve all the stolen credit card info remotely with a cell phone or laptop.

Nathan Seidle, CEO of the website SparkFun, has a detailed analysis of how these gas pump skimmers work at his blog. He was contacted by local law enforcement, who provided him with several of the skimmer devices they had found, and asked if he could retrieve the data that they had stored.

Most skimmers use a Bluetooth connection, which can be easily detected. Seidle was amazed at the ineptitude of the criminals who designed the skimmers. “Initially this blew my mind,” he wrote. “If I were to design a bluetooth skimmer I would program the module to NOT broadcast its ID.”

He went on to add, “The soldering of the ribbon (the gray cable that connects to the credit card reader) is horrendously bad indicating the perpetrator has very little experience with soldering and probably zero experience with electronics.” Don’t count on criminal incompetence to protect you, however. “The designers of this skimmer were smart, it’s better to make these devices easy to connect to than to add a layer of security. What’s the worst that could happen? The device is detected and removed from the pump. Meanwhile, 10 more have been deployed for a total cost of $100.”

The Skimmer Scanner app checks for nearby Bluetooth transmissions and alerts you when one is detected. “Many of these devices go undiscovered until they’re removed by the scammers,” Nathan Poole (who designed the app) told ZDNet. “I think what we’ll find as more and more people use the app is that there are more skimmers out there than anyone previously thought.”

Currently, the app is only available for Android and there are no plans for an iPhone version. The code is open-source, however, so feel free to tinker away.

Editors' Recommendations

How to choose the best microSD cards for your smartphone or tablet

galaxy s8 tips and tricks

The 100 best Android apps (September 2021)

best Android apps

The best iPhone apps (September 2021)

iOS 14 App Library

The best Wear OS apps for your Google-powered smartwatch

Looking at a smartwatch using the Wear OS.

With Tesla bleeding money, Elon Musk initiates hardcore spending review

Tesla Model Y front

Is a bidet worth it?

Woman holding toilet paper beside bidet.

What is Google Home?

Image of Google Home, 16:9 scale

We tried a bunch of VPNs and this one is the best for Netflix

A TV with the Netflix streaming service on screen.

Best Alexa settings to update right now

The Echo Dot Wall Mount Holder in a bedroom.

What’s new on Disney+ in October 2021

A scene from Muppets Haunted Mansion.

The EU wants Apple to ditch the Lightning port for USB-C by 2024

Black iPhone 11 plugged into charger.

Chorus throws the laws of physics out the window — and that’s a good thing

Forsaken fighting other ships above a city in Chorus.

Surface Duo 2 vs. Surface Duo: Which is better?

Two people viewing something on the Person editing on the Surface Duo 2.