The Bluetooth Dilemma

PED (PIN Entry Device) skimming is increasingly becoming a problem in retail stores. Many PEDs are being stolen from stores, during business hours, and returned with a skimming device inside that will collect any credit card information and PINs entered into it. The thieves also need a way to transmit the data back to themselves. Bluetooth is the optimal data transmitting method for skimming.

VISA has announced that they want stores to start scanning for Bluetooth devices. However, there is a problem: A Bluetooth device can be set to non-discoverable. And no currently available scanning software can correctly detect and characterize these non-discoverable devices.

So even with VISA’s scanning policy, it is unlikely that stores would be able to find any of these PED skimming bluetooth devices.

Source: http://pen-testing.sans.org/blog/2011/10/20/the-bluetooth-dilemma

Advertisements

One thought on “The Bluetooth Dilemma

  1. Bluetooth used to be so convenient and accessible to people and now that it is easy for someone to actually pick up credit card numbers from Bluetooth is pretty interesting and dangerous.

Comments are closed.