Crooks who make and deploy ATM skimmers are constantly engaged in a cat-and-mouse game with financial institutions, which deploy a variety of technological measures designed to defeat skimming devices. The latest innovation aimed at tipping the scales in favor of skimmer thieves is a small, battery powered device that provides crooks a digital readout indicating whether an ATM likely includes digital anti-skimming technology. A well-known skimmer thief is marketing a product called “Smart Shield Detector” that claims to be able to detect a variety of electronic methods used by banks to foil ATM skimmers.

The device, which sells for $200, is called a “Smart Shield Detector,” and promises to detect “all kinds of noise shields, hidden shields, delayed shields and others!”

It appears to be a relatively simple machine that gives a digital numeric indicator of whether an ATM uses any of a variety of anti-skimming methods. One of the most common is known as “frequency jamming,” which uses electronic signals to scramble both the clock (timing) and the card data itself in a bid to confuse skimming devices.

“You will see current level within seconds!,” the seller enthuses in an online ad for the product, a snippet of which is shown above. “Available for sale after November 1st, market price 200usd. Preorders available at price 150usd/device. 2+ devices for your team – will give discounts.”

According to the individual selling the Smart Shield Detector, a readout of 15 or higher indicates the presence of some type of electronic shield or jamming technology — warning the skimmer thief to consider leaving that ATM alone and to find a less protected machine. In contrast, a score between 3-5 is meant to indicate “no shield,” i.e., that the ATM is ripe for compromise.

“We don’t hide the fact that our ATMs are protected against this type of external skimming attack,” Harrow said. “Our Anti-Skimming product uses a uniquely shaped bezel so you can tell just by looking at the ATM that it is protected (if you know what you are looking for).”

Harrow added that NCR doesn’t rely on secrecy of design to protect its ATMs.

“The bad guys are skilled, resourced and determined enough that sooner or later they will figure out exactly what we have done, so the ATM has to be safe against a knowledgeable attacker,” he said. “That said, a little secret sauce doesn’t hurt, and can often be very effective in stopping specific attack [methods] in the short term, but it can’t be relied on to provide any long term protection.”

The best method for protecting yourself against ATM skimmers doesn’t require any fancy gadgets or technology at all: It involves merely covering the PIN pad with your hand while you enter your PIN!

That’s because the vast majority of skimming attacks involve two components: A device that fits over or inside the card reader and steals data from the card’s magnetic stripe, and a tiny hidden camera aimed at the PIN pad. While thieves who have compromised an ATM you used can still replicate your ATM card, the real value rests in your PIN, without which the thieves cannot easily drain your checking or savings account of cash.

Also, be aware of your physical surroundings while using an ATM; you’re probably more apt to get mugged physically than virtually at a cash machine. Finally, try to stick to cash machines that are physically installed inside of banks, as these tend to be much more challenging for thieves to compromise than stand-alone machines like those commonly found at convenience stores.

Technology is easier to access now than ever before, but not all apps are created equal. In the interest of student safety, privacy and cybersecurity and providing a beneficial learning environment, it’s important to evaluate each app before downloading it. Here are seven important questions to ask yourself before downloading a new app for your kids to use.

Question #1: Is It Age-Appropriate?

Just like any other form of media, apps are developed for a wide range of audiences. Watch out for apps that say they are intended for children ages 13 and up. This is the equivalent of a PG-13 movie, so there may be language and content that is inappropriate for your children if they are younger. Many apps post specific age ranges (e.g., ages 5-8, ages 3 and up) within the app store. Find one that matches your child’s.

Question #2: How will this app benefit my child?

There are many apps out there with specific educational goals, and some of them might even be used in your child’s classroom. This is great because those apps are likely pre-vetted for academic usefulness. At home, you have to do the vetting on your own. Before downloading, check to see that it targets a useful skill, such as critical thinking, reading skills or mathematical fluency.

Avoid those apps designed simply to engage your child in mindless playing that does not stretch their thinking. Many take up a lot of time, so make sure you’re picking one that uses that time in a valuable way. They can still be fun and engaging for your kids!

Question #3: What Are the Privacy Settings?

Make sure that any app you download allows you to protect your information. There should be a setting within the app that you can turn to the “private” mode. Usually, you can find this information within the app store before purchase.

Using apps’ privacy features is incredibly important, as you don’t want your child’s device to accidentally reveal more information than is necessary or appropriate.

Question #4: Can Strangers Contact My Child?

Along the same lines as privacy settings, make sure that strangers and unknown users cannot contact your child through an app before downloading. Some games have children play against other users, and this can be fine as long as that’s the only communication they have. Apps, especially for young children, should not involve interaction with strangers!

Check the settings and the description in the store. If there’s a messenger or a live chat component, make sure these settings are turned off. If they cannot be turned off, it may be worth reevaluating whether the app is appropriate.

Question #5: How Will Your Child Access the App?

Make sure your child cannot get into the app in a way you’re not aware of, like with a password that you don’t know. If you purchased the phone and the app, you have the right to access them. This will help you monitor your child’s app usage and make sure they are being safe. Check in on your devices regularly to ensure they’re being used in a manner that makes sense for your child.

Question #6: What Will I Do if This App Turns Out to Be a Fraud?

Before you download an app, think about what you’ll do if it turns out to be something you didn’t expect. Sometimes, apps that look helpful on the surface turn out to be scams.

It’s probably best to explain to your child ahead of time that some apps aren’t what they seem and that when this happens, they need to be deleted. Giving your child this information ahead of time might prevent a meltdown if the app does turn out to be a fraud. You can even turn it into a game by teaching your child what a “good” app looks like. After evaluating it yourself, if it’s appropriate, you can allow your child to evaluate the app as well. This allows them to be more invested in the final decision to keep or delete it.

Question #7: What Do the Reviews Say?

Are there reviews? Most apps are widely reviewed right there in the app store, so you can evaluate them before you make a download decision. Take the time to read both the positive and negative reviews to see the best and worst qualities of the app. Take care to look for warning signs like safety or privacy issues.

Cybersecurity and privacy can feel overwhelming, but they don’t have to be. It’s a simple matter of asking yourself a few quick questions before purchase to make sure you’re providing a safe, educational experience for your child.

The holidays and the ever-increasing propensity for online shopping bring the risk of identity theft, an understandable topic of concern for many shoppers. Bankrate estimates that in 2016 alone, 41 million Americans were victims of identity theft. When every credit card swipe represents the potential for thieves to steal personal and financial information, it’s important that we understand the risks. The point is not to scare people into hoarding cash under their mattresses and never going online – it’s that consumers must take proactive measures to ensure their own online safety. With that in mind, here are some everyday tips that consumers can start using today to help proactively secure personal and financial information.

Steps Adults Can Take to Mitigate Online Risks

Always use strong password safety measures

• Do not save passwords in your browser for auto login.
• Do not use the same password for everything.
• Make your password a sentence – you can use upper- and lowercase letters, punctuation, numbers and even spaces!
• Do not use your name for any part of the password.
• If possible, enable strong authentication (using your smartphone, for example, to get a code to log in from unknown devices).
• Be smart about security questions; do not use information easily found on social media profiles.

Browser best practices

• Clear cache.
• Clear downloads.
• Block popups.

Bank online, check your accounts regularly and set up alerts

• It might seem counterintuitive to manage finances online if the main concern is safety, but being able to proactively monitor your account online helps ensure you have up-to-the-minute information whenever you need it.
• Log in to your account frequently (e.g., at least once per day) to ensure there has been no malicious activity.
• Set up alerts to notify you of large purchases/withdrawals or low balances.

Regularly update operating systems and software with the latest security patches

• Although constantly restarting phones and computers can be annoying, making sure that operating systems are up to date is a good way to ensure hackers and thieves cannot bypass exploitable security protocols on devices.

Verify the authenticity of websites, especially when purchasing or downloading items from that site

• Always check URLs when navigating online and ensure the web address for the site you’re visiting is correct.
  • Example 1: You want to purchase something from Best Buy online. You click on a link from a Google search that takes you to www.bestbuying-online.com. Since Best Buy’s website is www.bestbuy.com, you are potentially on a site whose purpose is to steal personal and financial information.
  • Example 2: You are trying to download the latest version of Microsoft Office for your computer. Ensure the URL is correct (as indicated in the first example) but also make sure you click on the correct link to download. On many third-party sites there will be “click bait” (explained further later) all around the page to try and lure rogue clicks and open new windows or initiate malicious downloads.

Always continue learning

• The single greatest piece of advice is to never get complacent. Hackers and identity thieves are constantly changing their approaches, so it is crucial to stay abreast of new developments and vulnerability trends.

The advice above can be useful for adults, but it is not just adults who need to be mindful of online safety. The entire family must also practice safe social media habits and be very careful with the information they share, especially young children and teenagers.

Advice for Parents of Young Children, Teenagers and Beyond

Make sure children are not posting unsafe or harmful content on social media. Examples can include but are not limited to:

• Location of their home, school, church etc.
• Illicit behavior (drinking, partying, general mischief, etc.)
• Checking in at different locations to indicate where your family is at a given time

Be vigilant regarding gaming systems

• One might not think about it, but there are online communities built around specific gaming systems or specific games. It is a blind spot for many parents and can leave children open to being contacted by predators. It is important to talk to children about the games they play and who they connect with online. 

Don’t fall for “click bait”

• Educate your children (and yourself!) about click bait. Many times malicious content can look like an advertisement or a link to download free software. Telltale signs of click bait can include but are not limited to embellished titles, obscure or overly engaging images or intense motion or colors within an ad.

Cyberbullying

• Make sure to talk to your family about the severe nature and consequences of cyberbullying.
• Check social media accounts for signs of bullying (e.g., insults, threats, intimidation).

Always be actively involved in online activities

• The single best advice is to simply be involved, talk to children and young adults about their online activities; if something does not seem right, it likely is not.

Though it might seem intimidating and overwhelming at times due to the number of threats and the ever-changing nature of online vulnerabilities, taking the above precautions will hopefully engender confidence about taking control with proactive online safety measures. As long as users take ownership of their online identities and use caution, they can take full advantage of the many benefits of the internet now and in the future.

Where do we go? Who do we talk to? What do we read about? Our mobile phones are troves of personal, private information, and the US Supreme Court weighed Wednesday how easily police should be able to get it.

In a case seen as a landmark for privacy protection in the digital age, the court heard arguments over whether, police have the right to obtain the location data of a person's phone from providers without a search warrant.

During the hearing, most of the high court's nine justices appeared deeply concerned about how phone companies can track a person's movements via their device and hand that information, sometimes going back years, to police when asked.

Civil libertarians say that information is protected by the US Constitution.

But law enforcement officials say the location data transmitted from a phone to a cell tower has been essentially made public and handed over to a third party, giving up any claim the owner might have to privacy.

The specific case involves Timothy Carpenter, who was tracked down and convicted of theft in 2011 after the police obtained some 12,898 cell tower location points for Carpenter's device over four months from phone companies.

Justice Sonia Sotomayor appeared to agree with the pro-privacy advocates.

The cell phone "is an appendage now for some people," she noted.

"Right now we're only talking about the cell site records, but as I understand it, a cell phone can be pinged in your bedroom. It can be pinged at your doctor's office. It can ping you in the most intimate details of your life -- presumably at some point even in a dressing room as you're undressing."

Constitutional Test Case

The US Constitution's Fourth Amendment guarantees the privacy of citizens from "unreasonable searches and seizures," and says police must obtain warrants based on "probable cause" if they want to search a suspect's "persons, houses, papers, and effects."

Parties on both sides of the case agree that the law did not anticipate an era in which everyone relies on a cell phone and technology providers can amass data on a person via those phones.

Nathan Wessler, an attorney with the American Civil Liberties Union representing Carpenter, said the police collection of the phone location data constituted a "search" that required a warrant.

"The concern here is with the privacy invasion, which is quite severe over the long term, over these more than four months of data," he told the court.

But the government argues that the location data is not like tapping a phone conversation, which is illegal without a warrant.

"We're dealing here with routing information. We're not dealing with the contents of communications," argued Michael Dreeben, deputy solicitor general for the Department of Justice.

He argued that giving up the information is a voluntary act by the cell phone user, and so it is not protected.

"There is an element here of voluntariness in deciding to contract with a cell company, just like there's an element of voluntariness in getting a landline phone and making a call," Dreeben told the court.

Implications for Private Data

The case has much broader implications than cell phone location data, experts say.

Today, a huge amount of information from people's lives is held by "third parties": personal files stored in the internet cloud, information from home electronics collected by the makers of those appliances, and communications sent via cell phones and the internet.

"The advance of technology means that information you used to store in your desk drawer is now stored somewhere with third parties," said Greg Nojeim of the Center for Democracy & Technology.

To get information in a drawer, he noted, police would have to ask the court for a warrant.

The Supreme Court will likely make a decision on the case before the end of its current term in June 2018.

In the past five years, 30 percent of all cardholders – credit, debit, even prepaid – have experienced some form of fraud, and at least 17 percent have experienced multiple fraud attempts. However, there’s also good news. Armed with an understanding of how credit card fraud happens and how to guard against it, you can significantly reduce your exposure to risk. The Shift to EMV Chips

You may have noticed in recent years that most credit and debit cards come embedded with small chips. A card chip, known as a Europay Mastercard Visa (EMV) chip, uses the global EMV standard to authenticate and secure transactions made by credit, debit and prepaid cards. This technology is more secure than traditional magnetic stripe cards, which store data that is unchanging and easily copied by a card skimmer. Once a fraudster has “skimmed” your magnetic stripe data, they have all the information they need to use your card as they see fit. Chip cards, by contrast, generate unique security codes for each new transaction. This means thieves can’t use your card for new transactions even if they manage to copy your data.

Unfortunately, card skimming is only one kind of risk. Chipped cards do nothing to protect against card-not-present transactions, such as those processed online. These cards also come with other potential security risks; each card still has a magnetic stripe backup, and this stripe data can be rewritten to effectively undo the protections afforded by the security chip. Data breaches are still a major concern as well, as chip technology offers no protection against the theft of stored information. Additionally, EMV cards can still be skimmed and their data sent remotely to a secondary device, allowing criminals to use the card as they wish for a short period of time.

Tread Carefully With P2P Transactions

Whether it’s Venmo, PayPal, Square Cash or another service entirely, a peer-to-peer (P2P) transaction platform allows you to quickly and conveniently send and receive cash from virtually any device. Unfortunately, P2P services also expose your credit card information to a greater risk. To limit your chance, only conduct transactions with people you know and trust. Additionally, carefully read the platform’s security policies before using to ensure that the process protected appropriately.

Use a Dedicated Card for Digital Transactions

There are clear benefits to using a single credit card for all your needs: it allows you to manage your spending easily and even rack up reward points. However, you can improve your security by using a separate card only for digital transactions. While it won’t prevent theft, it will limit your exposure by ensuring that only one account is potentially put at risk.

Don’t Get Hooked by Phishing Scams

Phishing is a very simple type of scam, but it’s also extremely effective. A phishing attempt comes in the form of an email, text message or social media communication that purports to be from a trusted source, often a reputable company or financial institution. The message will include a request for login credentials, personal information or other sensitive data that criminals can use for fraudulent purposes, or it will attempt to infect your device with malware. To prevent falling victim to phishing, never enter personal information after following a link you’ve received in an email or message. If you believe the request may be legitimate, contact the company or person directly to verify before providing any information.

Practice Good Security Habits

It may be convenient to store your credit card data and other information in online shopping accounts that you frequent, but it’s also a major security risk. Instead, opt out of any data storage, and enter your information manually for each transaction. Clear your browser’s cache after making a transaction to ensure that none of your data is stored, and be sure to only shop over a secure https:// connection. Treat all public computers and Wi-Fi hotspots as compromised, even if they appear to be safe.

Maintain Vigilance

The unfortunate reality is that you can never completely prevent fraud, but you can identify it quickly and limit the damage. To that end, make a habit of reviewing your credit card and bank statements frequently for any suspicious activity. It’s also important to check your credit score and credit report for any errors or signs of fraud. Many credit cards now provide free access to your credit score, and you can check your credit report three times per year by alternately requesting a report from each of the three major reporting bureaus: Experian, TransUnion and Equifax.

Stay Safe With Text Alerts

In addition to obtaining your credit reports, you can stay on top of your finances by using text alerts. Most banking apps provide the option to set various alerts, whether it’s a text message for every transaction over a specified dollar amount or a daily text summary of your current balance. Set these alerts and use them to keep an eye out for any signs of unusual activity. If you notice something that doesn’t add up, report it as quickly as you can.

Credit card fraud is a serious and rapidly growing problem, with losses estimated to reach $10 billion by 2020 in the United States alone. The introduction of EMV chips has helped to curb certain types of fraud, but it’s done nothing to prevent fraud online. With the knowledge and these tips, however, you can do what it takes to keep yourself and your finances protected.