Computing devices including card readers allow a user to perform financial transactions themselves without the need for an in-person cashier or bank teller. In some examples, the computing devices including card readers may be “pay at the pump” gasoline terminals at gas stations or “self-checkout” terminals in grocery or retail stores. In other examples, the computing devices including card readers may be automatic teller machines (ATMs) associated with financial institutions. In order to utilize such computing devices, a user may insert a credit or debit card that contains identifying information. The identifying information may include the user's name, account number, or the like. The identifying information may be contained in a magnetic stripe of the card that is read by the card reader on the computing device upon insertion of the card. The user may also enter a personal identification number (PIN) in order to further verify their identify for the transaction.
As electronic transactions become more popular, such as those occurring at gas stations or ATMs, the opportunities for fraud and/or identity theft may also become more prevalent. One method of capturing another person's identifying information or bank account information is through the use of skimming devices on ATMs and other computing devices having card readers. A skimming device may be affixed over a card reader or a card reader component to capture a user's identifying information upon insertion of the user's card past or through the skimming device and into the card reader or card reader component. The skimming device may be discrete and still allow the ATM or other computing device to perform the desired transaction using the card reader so that the user does not suspect any wrong doing. The skimming device may read the identifying information contained in the magnetic stripe and store it and/or send it to a device associated with someone other than the user, i.e., a bad actor or fraudster. The skimming device may also include a camera used to obtain the user's PIN as it is entered on a keypad of the ATM or other computing device. In this way, the bad actor capturing the user information may obtain all of the user's identifying information needed to access the user's account or financial information.