This section provides background information related to the present disclosure which is not necessarily prior art.
Technical Field
The present invention relates to a protective device for a card reader. The invention further relates to a self-service terminal equipped with the protective device, specifically an ATM, an account statement printer or an information terminal, and a method applied thereto to prevent data being read from a magnetic stripe card by means of a spying device that has been installed with fraudulent intent by third parties in the proximity of the card reader.
Discussion
Traditional self-service terminals are frequently encountered operating as ATMs or account statement printers. In order to use them, the user, or customer, needs a bank card that is usually the same as a magnetic stripe card to be read by a card reader, on which card data including the customer's personal and account data are stored. Unfortunately, manipulation is being practiced to an increasing degree at self-service terminals by third parties to gain access to these card data in a fraudulent manner. For this purpose, a special spying device is installed as unobtrusively as possible at the particular self-service terminal that essentially contains a small, foreign card reader that is mounted whenever possible directly in front of the actual slot on the self-service terminal, or the actual card reader. When a customer inserts his bank card into the card reader on the self-service terminal, its magnetic stripe is also read by this foreign card reader, whereby the third party acquires the card data, specifically the customer and account data, and it is then possible to produce an illegal copy of the bank card. If the third party is able in addition to spy out the confidential numeric password (PIN) associated with the bank card, he can easily withdraw money from the particular account using the counterfeit bank card and the pilfered PIN.
In professional circles, the fraudulent method just described for spying on card data or customer information is known as skimming or card abuse. One possibility for preventing it, or at least making it more difficult, is to generate a protective electromagnetic field suitable for compromising the read function of the magnetic card reading head in the spying device. To do this, the protective field must be generated, or take effect, at the exact spot where the spying device is normally installed, that is to say, immediately in front of the insertion slot of the “genuine” or actual card reader. In addition, the protective field must be sufficiently strong to ensure that the read function of the spying device is effectively compromised or blocked and that the data can no longer by read from the magnetic stripe card by skimming.
However, it is not easy to align or position a protective field of this type with such a degree of accuracy and also to adjust its field strength so that the read function of the actual card reader on the self-service terminal is not compromised by mistake at the same time. For example, in many card readers there is a magnetic stripe pre-recognition head immediately behind the insertion slot with the aid of which it can be determined whether the magnetic stripe card has been inserted correctly. This magnetic stripe pre-recognition head is usually located close to the area in which the protective field takes effect. As a result it can easily happen that the magnetic stripe pre-recognition head is compromised by the protective field when reading. Additionally, reading heads arranged in the interior of the card reader are compromised or interfered with by the protective field by mistake when reading. Consequently, it often proves difficult in practice to achieve a good balance between an optimal alignment and adequate field strength for the protective field on the one hand and reliable operation of the card reader without interference on the other.
In order to overcome this problem, a protective device is proposed in DE 10 2005 043 317 B3 that can be used advantageously in a self-service terminal, in particular an ATM, account statement printer and/or information terminal. The protective device has a protective field generator and an associated inductor to generate an electromagnetic protective field in the form of an alternating field that is suitable for interfering with the operation of a spying or skimming device, wherein the protective device is activated by a control unit of the card reader for controlling a card transportation device in the card reader in such manner that the protective field is reduced or deactivated at least for the time period of reading the magnetic stripe in the proper card reader such that reading the magnetic stripe card in the actual card reader is not negatively affected by the protective field. In this way, the protective field generator is deactivated only occasionally and precisely when or while the magnetic stripe card is being read by the proper and “genuine” card reader. As long as there is no card in the card reader, the protective field is activated and takes effect against potential skimming with sufficient field strength. This solution ensures that the actual card reading process is not negatively affected or interfered with by the anti-skimming measures, but it is associated with a certain expense to achieve the temporary deactivation of the protective field.