Today again, first page news in Sweden is on how consumers accounts are emtied of money after putting their cards in machines. This time in a “skim equipped” card reader when refueling gas at an unmanned gas station. This a story that repeats again and again (especially at ATM machines).
How to solve/lower this problem? Enable a connected mobile payment service using a technology where the user are securly authenticated and no sensitive information like card/account number, CCV, etc. is transmitted during execution of the payment transaction. And where the transaction is signed in the mobile, “sign what you see”, before executed.
So if implemented, nothing to skim and if you want to do a man-in-the-middle, you have to wire-tap dual encrypted online connections, and in a short time frame, and if you succeed you get “bosh” information and for use no where..