Being vigilant is always the best way to protect yourself with regards to privacy and protecting your important information, like debit and credit card pins and account numbers. With the news coming out of Calgary that a customer at a gas pump found a ‘skimming machine’ on the pump, I thought it would be a good idea to explain what a skimming machine is and how it works.
A skimming machine is a device used by individuals who are trying to gain access to your bank account information, debit or credit card, through the use of technology that captures the data from the magnetic strip. Most skimming machines are placed over top of the original card reader, whether it is at a gas pump or even an ATM. They look identical to the original card reader and so they can be difficult to spot. Credit card fraud is a roughly 12 million dollar industry in Canada, and while that is down considerably from roughly 140 million in 2009 it is still a big problem. So how do you spot skimming machines?
Always do a quick check for tampering. If you are taking money out of your regular ATM at your local branch, you are no doubt familiar with how the machine looks and operates. Do a quick check around the screen, keyboard and card reader for any signs of tampering. If something doesn’t look right there is no harm in double checking with a teller. The same goes for any ATM; they all tend to work in a similar manner so if something seems off, don’t use it and notify someone immediately.
Skimming machines usually sit on top of the original card readers and are not securely fastened. Therefore, if you touch the card reader and it moves or feels loose that would be considered unusual. ATM machines are well built so if anything seems loose, that would signal a red flag for me.
Always assume someone is watching. Maybe someone is not physically standing over your shoulder, but observing through the use of micro cameras and transmitters. Whenever you are using your debit or credit card, always protect your pin. You might be in the middle of a store and no one is in sight, but that doesn’t mean that someone isn’t trying to watch. Even if you don’t notice anything unusual with the ATM itself, always cover your pin with your hand.
By remaining vigilant you will significantly reduce the likelihood of having your card information stolen. But always be aware of the credit card and bank statements. If something looks abnormal or you see a purchase you didn’t make, the sooner you report that to your bank the better.
Privacy is a growing concern among many technology users. Technology and their ever increasing advancements mean more of our personal and intimate details are ending up online in some form or another, whether it is social media or some other platform. This is true for both our personal and professional lives. From a business perspective, there are many tools out there that are convenient and easy to use but don’t necessarily consider our ‘private’ information important enough to protect it properly. However, there are some companies out there that specifically use the business model of keeping our private information completely and entirely secure. These companies use a model called Zero Knowledge – I will define what that means in a moment.
For this article I am going to focus specifically on cloud storage systems, but keep in mind that the Zero Knowledge paradigm can be applied to any system or platform, in so far as, that particular company is willing to lose access to your personal information. When enlisting the services of an online cloud platform there are some important questions you should ask yourself. One, is my privacy worth protecting? Two, should I allow someone other than myself to control my private information, and three, should I blindly trust that a company has my best interest at heart when it comes to that information? The answers to those questions should be fairly clear.
So what exactly is a Zero Knowledge System? Let me first give you some examples of what are not Zero Knowledge Systems. They would include cloud platforms like, Dropbox, Google Drive, and OneDrive. These platforms are easy to use and they offer convenient ways to access your data from anywhere. However they are not completely secure, because those companies have access to your encryption keys which means they have access to your data. This puts your privacy at risk, hackers can more easily gain access to that information and two Government entities can also more easily gain access to your personal information. A Zero Knowledge System (ZKS) is the complete opposite of those platforms listed above. Zero Knowledge Systems provide a platform for you to securely store your data, they provide the means to encrypt that data, but they themselves do not actually have access to that data – they do not have access to your encryption key. This means for examples, a hacker couldn’t hack into their servers and gain access to millions of encryption keys. It also means that government entities cannot coerce or subpoena companies to give them access to your data because they do not actually have the encryption keys to that data – the government would have to get a warrant and come directly to you for your encryption key.
A good example of a company that provides a Zero Knowledge platform is SpideOak. They provide three basic, yet very important services. One is called Semaphor, Semaphor is a real-time collaboration tool that allows for encrypted conversation and easy file sharing, it is similar to Skype, but safer from a privacy perspective. Second is SpiderOak One, SpideOak One is a cloud storage platform that allows you to securely access your data anywhere. The third one is Encryptr, which is a Zero Knowledge password manger.
In many cases I think people associate technology with a loss of privacy and as such, they accept it as something that is inevitable. However, I would argue and I think Zero Knowledge Systems are proof that technology actually has the means to both makes our lives easier and increase our privacy, so long as we, as users, align ourselves with companies (like SpideOak) that operate on a platform of true and genuine privacy.