SkimReaper, subject of a USENIX Security paper, detects most common card skimmers.
They uncovered four broad categories of skimming gear:
- Overlays—devices that get placed on top of the slot for the ATM or point-of-sale system. They can be modeled to match a specific ATM type’s card slot or, in some cases, overlay an entire device such as a credit card reader at a retail point of sale. Overlays on ATM machines are sometimes accompanied by a keypad that is placed atop the actual keypad to collect PIN data.
- Deep inserts—skimmers engineered to be jammed deep into the card reader slots themselves. They’re thin enough to fit under the card as it is inserted or drawn in to be read. An emerging version of this is a "smart chip" skimmer that reads EMV transactions passively, squeezed between the card slot and the EMV sensor.
- Wiretap skimmers—devices that get installed between a terminal and the network they connect to. This suggests there’s a fundamental security problem to begin with.
- Internal skimmers—devices installed in-line between the card reader of a terminal and the rest of its hardware. These, Scaife said, are more common in gas-pump card readers, where the attacker has a greater chance of being able to gain access to the internals without being discovered.