he Iowa Legislature has approved a bill intended to deter payment card “skimming” at fuel pumps.
The devices are attached to external fuel pump payment card readers and ATMs. The small devices, or “skimmers,” can be installed within seconds. They are designed to steal and store debit and credit card data. The data can then be retrieved and used for fraudulent purchases or activities.
A single compromised pump can capture data from as many as 100 cards per day, according to the National Association of Convenience Stores.
Iowa law now reads that a prosecutor must show that an individual has the intent to defraud the authorized user, the card issuer, or a merchant.
The Senate voted unanimously to advance a bill to Gov. Kim Reynolds that would simplify prosecution of criminals who place skimming devices on fuel pumps and ATMs. House lawmakers already approved the bill, HF2199, by unanimous consent.
The bill clarifies it is a felony offense to obtain information encoded on a payment card without permission. Offenders would face up to five years in prison and a fine of $750 to $7,500.
Rep. Zach Nunn, R-Bondurant, has referred to skimmers as “a crime wave that is systemically sweeping across the country.”
During discussion on the floor of the house, Nunn said, “In the last two years in Iowa there has been a five-fold increase in the amount of skimmers being placed at gas pumps, convenience stores, and ATMs. HF2199 makes changes to our code to ensure the persons using skimming devices to steal credit and debit card information face a penalty.”
The bill also creates a new criminal offense to cover instances when a person possesses a scanning device with the intent to obtain information encoded on a payment card without permission from the user, the issuer, or a merchant. Violators would face up to two years behind bars and a fine of $650 to $6,250.
Additionally, the bill expands third-degree criminal mischief to include instances when a person intentionally damages, defaces, alters, or destroys property used for payment card processing.
The state of Michigan recently implemented a new law to address the issue. The rule establishes specific security measures that fuel stations must employ to restrict unauthorized access of customer payment card information.
As of last month, fuel pumps in the state must have one or more of the following:
- Tamper proof security tape over the panel opening leading to the scanning device;
- Encryption of payment card information;
- A device or system to make the pump or scanning device inoperable if the panel is opened without proper authorization; and
- A device to replace a manufacturer-supplied standard lock or any other measure approved by the Department of Agriculture and Rural Development.
Law enforcement recommends consumers look for a broken seal on fuel pumps. Another preventative measure for consumers is to give card readers a firm pull before inserting their card. They add that many in the industry consider this to be the best way to determine if a pump has been tampered with because if a pump has been hacked, consumers will likely be able to pull the whole unit out. Also, it is recommended to avoid pumps that are out of sight of the clerk.
Click the links to view other legislative activities of interest for Iowa and Michigan.
Copyright © OOIDA