This coming weekend millions of Americans will take to the roads to visit friends and family for the holidays, stopping at numerous gas stations along the way. But a new report from Visa warns that unsuspecting travelers who pay at the pump with an old magstripe card risk having their account details stolen by a group of hackers.
Visa says the hackers are exploiting a weakness in the point-of-sale (POS) networks gas stations use. The hackers have been able to infiltrate the POS network and have installed their own card scraping software on it. When customers swipe their card at the pump, the hacker’s software intercepts the card details en-route to the POS network. The hackers can do this because the magstripe card data isn’t encrypted.
There are a few ways users can cut their risk of falling victim to the threat. The first is the most cumbersome: Don’t pay at the pump and instead go inside and pay the cashier directly. But an easier option is, if your card has a chip in it, use that method to pay instead of swiping it. Data sent by the chip is generally encrypted, which means the hacker’s software can’t steal your info.
Data theft via old magstripe cards has become such a problem, Visa is encouraging that all gas stations in America install chip readers at the pump by October of next year. If the gas stations do not, they may be liable for counterfeit fraud that happens at their pumps.