updated 10/17/2011 4:50:24 PM ET 2011-10-17T20:50:24

A 26-year-old German engineer is behind bars for rigging retailers' payment processing devices to steal and transmit customers' bank card information to a network of cybercriminals.

Thomas Beeckmann was sentenced to three years in a U.K. prison for manipulating PIN Entry Devices (PEDs), also konwn as PIN pads, so that they recorded victims' bank card details as their cards slid through the machines, London's Metropolitan Police said in a statement.  When he was arrested on June 8 as he entered the U.K. on a train from Holland, Beeckmann was found with a series of circuit boards used to rig payment devices in Holland and Belgium.

The BBC reported that Beeckmann's 17 devices could have been used to steal up to £150 million (about $236 million) a year.

In court, it was revealed that Beeckmann was hired by a cybercrime network whose members stole PIN pads from store counters throughout Europe, and then brought the devices to the U.K., where Beeckmann would tamper with them. The organized crime gang would then return the newly rigged machines back to stores.

ATM and point-of-sale (POS) device skimming scams are not uncommon; hackers recently compromised at least 70 POS terminals in Michaels craft stores across the country, and a Florida waitress even got in on the action by swindling customers out of $5,000.

[Cops: Angry Waitress Skimmed Customer Credit Cards]

But the technology that went into Beeckmann's rigged devices was especially sophisticated, and allowed the criminal network he worked for to steal hundreds of thousands of dollars without eliciting suspicion from the stores where the phony card readers were placed.

Beeckmann engineered the PIN pads he was given to transmit their harvested data via Bluetooth. This enabled the crooks to visit stores where Beeckmann's device was being used and receive all the data they needed to clone batches of fraudulent credit cards. In fact, Beeckmann's devices could transmit their recorded information about 330 feet, so the crook could download the stolen card numbers to his laptop or mobile phone without even entering the store, the BBC said.

© 2012 SecurityNewsDaily. All rights reserved


Discussion comments


Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments