"This technology can be used in any point of sale device," he said. "It literally takes less than 10 seconds to install, and once installed, it stays there forever. The criminal just uses a little bit of glue on the device, installs it on the machine and leaves it there. Then he comes back a few days later, inserts a special card and every stolen record will be copied. Then he goes home, connects it to his computer and transfers the information."
The skimmer fits so neatly into the chip card slot that it's almost invisible, he said.
"Old-fashioned skimming devices are overlays installed on top of the machine," he said. "But this particular device is so much harder to identify. "The merchant will have to get a flashlight and see if they can spot anything in the slot. I don't see how store managers will do it on a daily basis."
Barysevich said that the terminal manufacturers have been notified about the issue.
"I always try to alert businesses about impending dangers and attacks," he said. "But once we get the information to them, the ball is in their court. Sometimes companies move very slowly."
Meanwhile, one solution could be to take one of these skimming devices, duplicate its form -- without the data-stealing functionality, of course -- and install it into the terminals.
There wouldn't be any room for the crook to insert their own skimmer, he said.
Somebody should start selling the blanks until the manufacturers come out with a permanent fix, or everyone switches over to the dynamic chips and the whole issue becomes moot.
Sign up for CIO Asia eNewsletters.